Does Just Image Optimizer have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Just Image Optimizer compatible with WordPress 5.0.25?

According to WordPress.org data, Just Image Optimizer 1.1.3 has been tested up to WordPress 5.0.25. Check the plugin's changelog for the latest compatibility information.

How often is Just Image Optimizer updated?

Just Image Optimizer was last updated on Dec 17, 2018. Frequent updates are generally a positive security signal.

What is Just Image Optimizer's security score?

Just Image Optimizer has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Just Image Optimizer Security & Risk Analysis

wordpress.org/plugins/just-image-optimizer

Just Image Optimizer uses Google Page Speed Insights API to compress image files, improve performance and boost your SEO rank.

20 active installs v1.1.3 PHP + WP 4.5+ Updated Dec 17, 2018

compressimageoptimiseoptimizeresize

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Just Image Optimizer Safe to Use in 2026?

Generally Safe

Score 85/100

Just Image Optimizer has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 7yr ago

Risk Assessment

The "just-image-optimizer" v1.1.3 plugin exhibits several significant security concerns despite a clean vulnerability history. The most pressing issue is the presence of two AJAX handlers that lack authentication checks. This creates a direct attack surface where unauthorized users could potentially trigger plugin functionalities. Furthermore, the taint analysis reveals six high-severity flows with unsanitized paths. This indicates that user-supplied data is being processed in a way that could lead to unintended or malicious outcomes, potentially allowing for path traversal or other file-related vulnerabilities. While the plugin demonstrates good practices in SQL query preparation and output escaping, the unprotected AJAX endpoints and the high number of unsanitized taint flows present a substantial risk. The absence of any recorded vulnerabilities is a positive sign, but it does not negate the risks identified in the static and taint analysis. The plugin needs immediate attention to secure its entry points and properly sanitize all user inputs to mitigate potential exploitation.

Key Concerns

AJAX handlers without authentication checks
High-severity taint flows with unsanitized paths
No nonce checks on AJAX
No capability checks

Vulnerabilities

None known

Just Image Optimizer Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Just Image Optimizer Release Timeline

v1.1.3Current

v1.1.2

v1.1.1

v1.1

v1.0

v0.9

Code Analysis

Analyzed Mar 16, 2026

Just Image Optimizer Code Analysis

Dangerous Functions

Raw SQL Queries

25 prepared

Unescaped Output

103 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

81% prepared31 total queries

Output Escaping

76% escaped136 total outputs

Data Flows · Security

6 unsanitized

Data Flow Analysis

6 flows6 with unsanitized paths

manual_optimize (components\Optimizer.php:139)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

2 unprotected

Just Image Optimizer Attack Surface

Entry Points2

Unprotected2

AJAX Handlers 2

authwp_ajax_manual_optimizecomponents\Optimizer.php:18

authwp_ajax_joi_check_api_connectcontrollers\ConnectController.php:21

WordPress Hooks 25

actionadmin_initcomponents\MediaInfo.php:23

actionadmin_print_scripts-upload.phpcomponents\MediaInfo.php:24

actionadmin_print_scripts-post.phpcomponents\MediaInfo.php:25

actionadd_meta_boxes_attachmentcomponents\MediaInfo.php:26

filterwp_generate_attachment_metadatacomponents\MediaInfo.php:29

filtermanage_media_columnscomponents\MediaInfo.php:61

actionmanage_media_custom_columncomponents\MediaInfo.php:62

filtermanage_upload_sortable_columnscomponents\MediaInfo.php:63

actionadd_attachmentcomponents\Optimizer.php:19

actioninitcomponents\Optimizer.php:32

filtercron_schedulescomponents\Optimizer.php:33

actionjust_image_optimizer_autoruncomponents\Optimizer.php:34

filterfilesystem_methodcomponents\Optimizer.php:175

actionadmin_menucontrollers\ConnectController.php:19

actionadmin_print_scripts-media_page_just-img-opt-connectioncontrollers\ConnectController.php:20

actionadmin_menucontrollers\DashboardController.php:19

actionadmin_print_scripts-media_page_just-img-opt-dashboardcontrollers\DashboardController.php:20

actionadmin_menucontrollers\LogController.php:17

actionadmin_menucontrollers\MigrateController.php:17

actionadmin_menucontrollers\SettingsController.php:19

actionadmin_print_scripts-media_page_just-img-opt-settingscontrollers\SettingsController.php:20

actionadmin_noticescore\PluginLoader.php:29

filterquery_varsservices\GooglePagespeed.php:33

actionparse_requestservices\GooglePagespeed.php:34

actioninitservices\GooglePagespeed.php:35

Scheduled Events 1

just_image_optimizer_autorun

Maintenance & Trust

Just Image Optimizer Maintenance & Trust

Maintenance Signals

WordPress version tested5.0.25

Last updatedDec 17, 2018

PHP min version

Downloads3K

Community Trust

Rating86/100

Number of ratings6

Active installs20

Alternatives

Just Image Optimizer Alternatives

ShortPixel Image Optimizer – Optimize Images, Convert WebP & AVIF

shortpixel-image-optimiser

Optimize images & PDFs smartly. Create and compress next-gen WebP and AVIF formats. Smart crop and resize.

300K 8 CVEs

Kraken.io Image Optimizer

kraken-image-optimizer

This plugin allows you to optimize your WordPress images through the Kraken.io API, the world's most advanced image optimization and resizing API.

10K 3 CVEs

Compress, Resize & Lazy Load Images – WPvivid Image Optimization

wpvivid-imgoptim

100

Optimize, compress and resize images in WordPress in bulk. Lazy load images. Auto resize and optimize images upon upload.

10K No CVEs

Image Optimizer, Resizer and CDN – Sirv

sirv

Serve perfectly optimized images, videos, models and 360 spins. The best WordPress & WooCommerce CDN plugin for media.

1K 12 CVEs

Resize Control – Compress and resize images after upload

resize-control

Auto resize, optimize images; ensure compression for WP accounts to save time, speed, space, and bandwidth.

20 No CVEs

Developer Profile

Just Image Optimizer Developer Profile

Alex Prokopenko / JustCoded

5 plugins · 2K total installs

trust score

Avg Security Score

76/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Just Image Optimizer

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/just-image-optimizer/assets/css/styles.css/wp-content/plugins/just-image-optimizer/assets/js/optimize.js

Script Paths

/wp-content/plugins/just-image-optimizer/assets/js/optimize.js

Version Parameters

just-image-optimizer/assets/css/styles.css?ver=just-image-optimizer/assets/js/optimize.js?ver=

HTML / DOM Fingerprints

CSS Classes

jri-attachement-meta-infojri-attachement-meta-info-content

Data Attributes

data-iddata-actiondata-nonce

JS Globals

just_img_optimize_obj

FAQ