Does List Images have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is List Images compatible with WordPress 6.5.8?

According to WordPress.org data, List Images 1.0.4 has been tested up to WordPress 6.5.8. Check the plugin's changelog for the latest compatibility information.

How often is List Images updated?

List Images was last updated on Apr 8, 2024. Frequent updates are generally a positive security signal.

What is List Images's security score?

List Images has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

List Images Security & Risk Analysis

wordpress.org/plugins/list-images

Easy way to view and manage all images.

10 active installs v1.0.4 PHP + WP 3.6.1+ Updated Apr 8, 2024

active-imagesalt-editfilename-editimages-listlist-images

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is List Images Safe to Use in 2026?

Generally Safe

Score 85/100

List Images has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2yr ago

Risk Assessment

The "list-images" v1.0.4 plugin demonstrates several positive security practices, including the exclusive use of prepared statements for all SQL queries and a very high percentage of properly escaped output. The limited attack surface, with no directly exploitable unprotected entry points and the presence of nonce checks on its AJAX handlers, further contributes to a generally good security posture. The absence of any recorded past vulnerabilities or CVEs suggests a mature and well-maintained codebase.

However, the taint analysis reveals two flows with unsanitized paths, flagged as high severity. While the static analysis indicates no critical issues and the vulnerability history is clean, these taint flows represent a potential risk that could be exploited if not properly handled. The lack of capability checks on its two AJAX handlers is also a concern, as it means any authenticated user could potentially trigger these functions, increasing the risk if the unsanitized paths can be manipulated. Overall, the plugin is strong in its handling of data and code execution but has specific areas requiring attention regarding input sanitization and access control on its entry points.

Key Concerns

High severity taint flows with unsanitized paths
Lack of capability checks on AJAX handlers

Vulnerabilities

None known

List Images Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

List Images Release Timeline

v1.0.4Current

v1.0.3

v1.0.2

v1.0.1

v1.0.0

Code Analysis

Analyzed Mar 16, 2026

List Images Code Analysis

Dangerous Functions

Raw SQL Queries

10 prepared

Unescaped Output

20 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

DataTables

SQL Query Safety

100% prepared10 total queries

Output Escaping

95% escaped21 total outputs

Data Flows · Security

2 unsanitized

Data Flow Analysis

2 flows2 with unsanitized paths

wpdil_update_image_details (includes\wpil_list.php:164)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

List Images Attack Surface

Entry Points2

Unprotected0

AJAX Handlers 2

authwp_ajax_update_image_detailsincludes\wpil_list.php:210

authwp_ajax_change_image_filenameincludes\wpil_list.php:212

WordPress Hooks 2

actionadmin_enqueue_scriptsincludes\enqueue-scripts.php:30

actionadmin_menuincludes\wpil_list.php:10

Maintenance & Trust

List Images Maintenance & Trust

Maintenance Signals

WordPress version tested6.5.8

Last updatedApr 8, 2024

PHP min version

Downloads2K

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

List Images Alternatives

Interactive Image Map Plugin – Draw Attention

draw-attention

Create interactive images with clickable hotspots, using modern image maps for WordPress. Perfect for floor plans, infographics, maps, and more.

20K 2 CVEs

Vision – Interactive Image Map Builder

vision

Empower your site with interactive visuals! Our plugin seamlessly transforms static images into engaging media, enabling publishers and bloggers.

2K 3 CVEs

Interactive Image – Real Estate Visualizer & Image Map

interactive-real-estate

100

⚡ Create interactive images with clickable zones on svg. Display floor plans, image maps, property details and 2D/3D photos. No coding required.

40 No CVEs

PicPoints

picpoints

Create interactive images with clickable hotspots for WordPress.

0 No CVEs

Developer Profile

List Images Developer Profile

wpdock

1 plugin · 10 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect List Images

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/list-images/admin/css/app.css/wp-content/plugins/list-images/admin/js/app.js/wp-content/plugins/list-images/libraries/datatable/css/dataTables.jqueryui.css/wp-content/plugins/list-images/libraries/datatable/js/buttons.html5.min.js/wp-content/plugins/list-images/libraries/datatable/js/dataTables.buttons.min.js/wp-content/plugins/list-images/libraries/datatable/js/dataTables.jqueryui.css/wp-content/plugins/list-images/libraries/datatable/js/jquery.dataTables.min.js/wp-content/plugins/list-images/libraries/swal2/sweetalert2.min.css+1 more

Script Paths

/wp-content/plugins/list-images/admin/js/app.js

HTML / DOM Fingerprints

CSS Classes

il-thumbnail-imageeditable-celleditable-textet-filenameil-inputil-editableil-editable-filenamesize+10 more

Data Attributes

data-idclassvaluesrcalt

JS Globals

il_params

FAQ