Does Media Genie have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Media Genie compatible with WordPress 6.9.4?

According to WordPress.org data, Media Genie 1.0.3 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is Media Genie compatible with PHP 8.0+?

Media Genie requires PHP 8.0 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Media Genie updated?

Media Genie was last updated on Mar 20, 2026. Frequent updates are generally a positive security signal.

What is Media Genie's security score?

Media Genie has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Media Genie Security & Risk Analysis

wordpress.org/plugins/media-genie

Manage media with folders, auto-renamed uploads, custom image sizes, and Retina (2×) support.

0 active installs v1.0.3 PHP 8.0+ WP 6.0+ Updated Mar 20, 2026

imageimage-sizesmediarenameretina

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Media Genie Safe to Use in 2026?

Generally Safe

Score 100/100

Media Genie has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago

Risk Assessment

The media-genie plugin v1.0.2 exhibits a generally strong security posture due to its adherence to several best practices. Notably, all 11 AJAX handlers are protected with nonce checks, and all 62 SQL queries utilize prepared statements, significantly mitigating common attack vectors. The plugin also boasts a high rate of output escaping (91%) and implements capability checks on all entry points, further bolstering its defenses. The absence of any recorded vulnerabilities or CVEs in its history is a positive indicator of past security diligence.

However, a significant concern arises from the taint analysis. Out of 9 analyzed flows, 6 have unsanitized paths, with all 6 flagged as high severity. This indicates a clear risk of improper handling of user-supplied data, potentially leading to vulnerabilities like path traversal or command injection, despite the lack of directly observable dangerous functions. The presence of file operations (5 instances) combined with these unsanitized paths warrants careful investigation by the plugin developer to ensure these operations are not exploitable.

In conclusion, while media-genie v1.0.2 benefits from strong implementation of core WordPress security features and a clean vulnerability history, the high number of unsanitized taint flows represents a critical area of concern that overshadows its strengths. Developers should prioritize addressing these specific taint flows to solidify the plugin's security.

Key Concerns

High severity unsanitized taint flows found

Vulnerabilities

None known

Media Genie Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Media Genie Release Timeline

v1.0.3Current

v1.0.2

v1.0.1

v1.0.0

Code Analysis

Analyzed Mar 17, 2026

Media Genie Code Analysis

Dangerous Functions

Raw SQL Queries

62 prepared

Unescaped Output

68 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

100% prepared62 total queries

Output Escaping

91% escaped75 total outputs

Data Flows · Security

6 unsanitized

Data Flow Analysis

9 flows6 with unsanitized paths

media_genie_query_attachments (app\base\setup.php:51)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Media Genie Attack Surface

Entry Points11

Unprotected0

AJAX Handlers 11

authwp_ajax_admin_media_genie_get_base_folder_countapp\hooks\admin-library.php:22

authwp_ajax_admin_media_genie_add_media_folderapp\hooks\admin-library.php:23

authwp_ajax_admin_media_genie_get_foldersapp\hooks\admin-library.php:24

authwp_ajax_admin_media_genie_sort_foldersapp\hooks\admin-library.php:25

authwp_ajax_admin_media_genie_delete_folderapp\hooks\admin-library.php:26

authwp_ajax_admin_media_genie_rename_folderapp\hooks\admin-library.php:27

authwp_ajax_admin_media_genie_set_folder_colorapp\hooks\admin-library.php:28

authwp_ajax_admin_media_genie_move_media_to_folderapp\hooks\admin-library.php:29

authwp_ajax_admin_media_genie_get_mediasapp\hooks\admin-library.php:30

authwp_ajax_admin_media_genie_set_default_folderapp\hooks\admin-library.php:31

authwp_ajax_media_genie_regenerate_imagesapp\hooks\regenerate-images.php:20

WordPress Hooks 12

actionadmin_enqueue_scriptsapp\base\scripts.php:29

filterintermediate_image_sizesapp\base\setup.php:33

filterintermediate_image_sizes_advancedapp\base\setup.php:34

filtersanitize_file_nameapp\base\setup.php:35

filterwp_generate_attachment_metadataapp\base\setup.php:36

actioninitapp\base\setup.php:37

filterajax_query_attachments_argsapp\base\setup.php:38

actionadd_attachmentapp\base\setup.php:39

actionadmin_head-upload.phpapp\settings\library.php:31

actionadmin_enqueue_scriptsapp\settings\library.php:32

actionadmin_menuapp\settings\setting.php:33

actionadmin_initapp\settings\setting.php:34

Maintenance & Trust

Media Genie Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedMar 20, 2026

PHP min version8.0

Downloads335

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

Media Genie Alternatives

Phoenix Media Rename

phoenix-media-rename

100

The Phoenix Media Rename plugin allows you to easily rename (and retitle) your media files, once uploaded.

50K 1 CVE

Disable Media Sizes

disable-media-sizes

100

Provides options to disable the extra images generated by WordPress.

10K No CVEs

File Media Renamer for SEO

file-media-renamer-for-seo

100

Rename media files with SEO-friendly names, auto-update references, alt/title sync, and 301 redirects — fast and safe.

100 No CVEs

Rename Media

rename-media

Rename underlying media files from the WordPress media management interface

80 No CVEs

Replace & Rename Media Files

replace-rename-media

100

Replace existing media files, rename media files, and display file sizes in the WordPress media library.

50 No CVEs

Developer Profile

Media Genie Developer Profile

PUJI Design

1 plugin · 0 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Media Genie

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/media-genie/assets/scripts/media-panel.css/wp-content/plugins/media-genie/assets/scripts/library.css/wp-content/plugins/media-genie/assets/scripts/library.js/wp-content/plugins/media-genie/assets/scripts/media-panel.js

Script Paths

/wp-content/plugins/media-genie/assets/scripts/media-panel.js/wp-content/plugins/media-genie/assets/scripts/library.js

HTML / DOM Fingerprints

CSS Classes

mg-add-folder-buttonmg-sidebar-wrappermg-headingmg-base-foldersmg-sec-titlemg-folders-containermg-public-foldersmg-private-folders+6 more

Data Attributes

data-action

JS Globals

mediaGenieAjax

FAQ