Does Upload and Update List of Files have any unpatched vulnerabilities?

No. All known vulnerabilities in Upload and Update List of Files have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Upload and Update List of Files compatible with WordPress 5.5.18?

According to WordPress.org data, Upload and Update List of Files 0.1 has been tested up to WordPress 5.5.18. Check the plugin's changelog for the latest compatibility information.

How often is Upload and Update List of Files updated?

Upload and Update List of Files was last updated on Sep 18, 2020. Frequent updates are generally a positive security signal.

What is Upload and Update List of Files's security score?

Upload and Update List of Files has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Upload and Update List of Files Security & Risk Analysis

wordpress.org/plugins/iran-alves-upload-and-update-list-of-files

Create and update list of files to be inserted in pages using shortcode.

0 active installs v0.1 PHP + WP + Updated Sep 18, 2020

arquivosfileslistlistalista-de-arquivos

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Upload and Update List of Files Safe to Use in 2026?

Generally Safe

Score 85/100

Upload and Update List of Files has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 5yr ago

Risk Assessment

The plugin 'iran-alves-upload-and-update-list-of-files' version 0.1 exhibits a mixed security posture. On the positive side, it demonstrates good practices by exclusively using prepared statements for SQL queries and does not appear to have any known historical vulnerabilities, suggesting a conscientious development approach. The absence of dangerous functions, external HTTP requests, and taint flows with unsanitized paths further contributes to a generally clean code base.

However, several concerns warrant attention. The plugin has one AJAX handler that lacks authentication checks, presenting a direct entry point for potential unauthorized actions. While the total attack surface is small, this unprotected handler is a significant weakness. Additionally, only 68% of output escaping is properly done, leaving room for potential cross-site scripting (XSS) vulnerabilities if the unescaped outputs handle user-controlled data.

Given the lack of historical vulnerabilities, the current risk appears moderate rather than high. The primary concern stems from the unprotected AJAX endpoint, which could be exploited if it performs sensitive operations. The partial output escaping also introduces a potential, albeit less severe, risk. Future development should focus on securing all entry points and ensuring comprehensive output sanitization.

Key Concerns

AJAX handler without auth checks
Partial output escaping

Vulnerabilities

None known

Upload and Update List of Files Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Upload and Update List of Files Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

21 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

68% escaped31 total outputs

Attack Surface

1 unprotected

Upload and Update List of Files Attack Surface

Entry Points2

Unprotected1

AJAX Handlers 1

authwp_ajax_upload_update_list_files_query_pagesincludes\class-uulf.php:29

Shortcodes 1

[iauulf_page_list_files] includes\class-uulf.php:35

WordPress Hooks 4

actionadmin_noticesincludes\class-uulf.php:20

actionadmin_menuincludes\class-uulf.php:23

actionadmin_enqueue_scriptsincludes\class-uulf.php:26

actionadmin_initincludes\class-uulf.php:32

Maintenance & Trust

Upload and Update List of Files Maintenance & Trust

Maintenance Signals

WordPress version tested5.5.18

Last updatedSep 18, 2020

PHP min version

Downloads853

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

Upload and Update List of Files Alternatives

Simple File List

simple-file-list

Simple File List gives your WordPress website a list of your files which allows your users to open and download them.

5K 1 unpatched

Schedulista – Online Scheduling

schedulista-shortcode

Online scheduling for your business. Let your clients schedule appointments online anywhere, anytime, from any device.

200 No CVEs

Simple Downloads List

simple-downloads-list

Provide a list of downloads for your visitors - quick and easy. With download categories and mobile friendly design.

100 2 CVEs

WP Youtube channel gallery

wp-youtube-channel-gallery

Displays the most recent videos on a YouTube channel in your wp blog.

100 No CVEs

WP All Import – Listings Import for Listable

import-xml-csv-listings-to-listable-theme

100

Drag & drop to import directory listings from any CSV, XML, Excel, or Google Sheets file of any size or format. Supports images, categories, locat …

80 No CVEs

Developer Profile

Upload and Update List of Files Developer Profile

iranalves85

4 plugins · 30 total installs

trust score

Avg Security Score

89/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Upload and Update List of Files

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/iran-alves-upload-and-update-list-of-files/assets/style.css/wp-content/plugins/iran-alves-upload-and-update-list-of-files/assets/main.js

Script Paths

jquery

Version Parameters

iran-alves-upload-and-update-list-of-files/assets/style.css?ver=iran-alves-upload-and-update-list-of-files/assets/main.js?ver=

HTML / DOM Fingerprints

CSS Classes

button-link

Data Attributes

checked='checked'

JS Globals

window.jQuery

FAQ