Does LH Browser Shots have any unpatched vulnerabilities?

No. All known vulnerabilities in LH Browser Shots have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is LH Browser Shots compatible with WordPress 6.0.11?

According to WordPress.org data, LH Browser Shots 2.00 has been tested up to WordPress 6.0.11. Check the plugin's changelog for the latest compatibility information.

How often is LH Browser Shots updated?

LH Browser Shots was last updated on Aug 1, 2022. Frequent updates are generally a positive security signal.

What is LH Browser Shots's security score?

LH Browser Shots has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

LH Browser Shots Security & Risk Analysis

wordpress.org/plugins/lh-browser-shots

Add screenshots of remote wesbites directly to the wordpress media library, either enter the site url in an onsite input box or click a bookmarklet.

10 active installs v2.00 PHP + WP 4.0+ Updated Aug 1, 2022

attachmentbookmarkletdownloadmediapost

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is LH Browser Shots Safe to Use in 2026?

Generally Safe

Score 85/100

LH Browser Shots has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 3yr ago

Risk Assessment

The "lh-browser-shots" v2.00 plugin demonstrates a generally strong security posture with several positive indicators. The absence of AJAX handlers, REST API routes, shortcodes, and cron events significantly limits its attack surface, and all discovered entry points appear to be protected. The plugin also utilizes prepared statements for its single SQL query and includes nonce and capability checks, which are good security practices. However, a concerning finding from the static analysis is the presence of a taint flow with an unsanitized path. While no critical or high severity taint flows were found, this indicates a potential weakness where user-supplied data might be improperly handled when interacting with the file system. The plugin's vulnerability history is clean, with no recorded CVEs, which is a positive sign of good development and maintenance. Despite the lack of historical vulnerabilities, the identified unsanitized path warrants attention and could be a blind spot that might lead to vulnerabilities if not addressed. Overall, the plugin is built on a sound foundation of security practices, but the single taint flow with an unsanitized path represents a notable area for improvement.

Key Concerns

Unsanitized path in taint flow
Low output escaping percentage

Vulnerabilities

None known

LH Browser Shots Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

LH Browser Shots Code Analysis

Dangerous Functions

Raw SQL Queries

1 prepared

Unescaped Output

8 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

100% prepared1 total queries

Output Escaping

35% escaped23 total outputs

Data Flows

1 unsanitized

Data Flow Analysis

1 flows1 with unsanitized paths

<upload> (partials\upload.php:0)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

LH Browser Shots Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 3

actionadmin_menulh-browser-shots.php:194

actionadmin_initlh-browser-shots.php:195

actionplugins_loadedlh-browser-shots.php:224

Maintenance & Trust

LH Browser Shots Maintenance & Trust

Maintenance Signals

WordPress version tested6.0.11

Last updatedAug 1, 2022

PHP min version

Downloads2K

Community Trust

Rating20/100

Number of ratings1

Active installs10

Alternatives

LH Browser Shots Alternatives

LH Add Media From Url

lh-add-media-from-url

Upload files from an url to wordpress media library, either enter file urls in an onsite input box or click a bookmarklet.

2K 2 CVEs

Add Media from URL

add-media-from-url

Let you add media files into your media library without having to upload them.

20 No CVEs

DX Delete Attached Media

dx-delete-attached-media

Automatically deletes attached media from posts and custom post types added via the Media button.

4K 2 CVEs

Autoremove Attachments

autoremove-attachments

Remove child attachments when parent post, page or custom post type is deleted.

3K No CVEs

Fix Media Library

wow-media-library-fix

Fix Media Library inconsistency between database and wp-content/uploads folder contents. Unused image files, broken media library entries, missing att …

2K 1 unpatched

Developer Profile

LH Browser Shots Developer Profile

shawfactor

77 plugins · 15K total installs

trust score

Avg Security Score

87/100

Avg Patch Time

7 days

View full developer profile

Detection Fingerprints

How We Detect LH Browser Shots

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/lh-browser-shots/css/lh-browser-shots-admin.css/wp-content/plugins/lh-browser-shots/js/lh-browser-shots-admin.js

Script Paths

/wp-content/plugins/lh-browser-shots/js/lh-browser-shots-admin.js

Version Parameters

lh-browser-shots/css/lh-browser-shots-admin.css?ver=lh-browser-shots/js/lh-browser-shots-admin.js?ver=

HTML / DOM Fingerprints

CSS Classes

lh-browser-shots-wraplh-browser-shots-admin-css

Data Attributes

data-lh_browser_shots-nonce

JS Globals

lh_browser_shots_file_urllh_browser_shots_file_widthlh_browser_shots_file_height

FAQ