Does NG-Lazyload have any unpatched vulnerabilities?

No. All known vulnerabilities in NG-Lazyload have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is NG-Lazyload compatible with WordPress 5.9.13?

According to WordPress.org data, NG-Lazyload 1.8 has been tested up to WordPress 5.9.13. Check the plugin's changelog for the latest compatibility information.

Is NG-Lazyload compatible with PHP 5.6+?

NG-Lazyload requires PHP 5.6 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is NG-Lazyload updated?

NG-Lazyload was last updated on Apr 30, 2022. Frequent updates are generally a positive security signal.

What is NG-Lazyload's security score?

NG-Lazyload has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

NG-Lazyload Security & Risk Analysis

wordpress.org/plugins/ng-lazyload

Enables 'lazyload' for all thumbnails and images in the content. Developed by Nikita Menshutin https://nikita.global/

10 active installs v1.8 PHP 5.6+ WP 3.6+ Updated Apr 30, 2022

imageslazy-loadlazyloadoptimize-contentthumbnail

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is NG-Lazyload Safe to Use in 2026?

Generally Safe

Score 85/100

NG-Lazyload has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 3yr ago

Risk Assessment

Based on the provided static analysis and vulnerability history, the 'ng-lazyload' v1.8 plugin exhibits a strong security posture. The absence of any detected dangerous functions, raw SQL queries, unescaped output, file operations, or external HTTP requests indicates good coding practices. Furthermore, the plugin's attack surface is zero, with no AJAX handlers, REST API routes, shortcodes, or cron events, meaning there are no direct entry points for potential attackers to exploit. The lack of any recorded CVEs further solidifies its secure standing, suggesting a history of stable and well-maintained code. However, the complete absence of nonces and capability checks is a notable observation. While the current attack surface is zero, any future expansion or introduction of new features without these fundamental WordPress security mechanisms could introduce significant risks. The plugin's current state is excellent, with no immediate vulnerabilities apparent, but a proactive approach to security for any future development is advised.

Vulnerabilities

None known

NG-Lazyload Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

NG-Lazyload Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Attack Surface

NG-Lazyload Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 5

actionwp_enqueue_scriptsNG-Lazyload.php:39

filterpost_thumbnail_htmlNG-Lazyload.php:40

filterwp_get_attachment_image_attributesNG-Lazyload.php:47

filterthe_contentNG-Lazyload.php:56

filterthe_contentNG-Lazyload.php:57

Maintenance & Trust

NG-Lazyload Maintenance & Trust

Maintenance Signals

WordPress version tested5.9.13

Last updatedApr 30, 2022

PHP min version5.6

Downloads1K

Community Trust

Rating100/100

Number of ratings2

Active installs10

Alternatives

NG-Lazyload Alternatives

Disable Lazy Load

disable-lazy-loading

100

Activate this plugin to disable the Lazy Loading feature that was added in WP v5.5.

10K No CVEs

Smart LazyLoad – Lazy Load Images, Videos and Iframes

lazy-load-for-images

100

The best free, lightweight lazy load plugin for WordPress. Lazy loading images, videos, and iframes to improve performance and Core Web Vitals scores.

300 No CVEs

Native Image Lazy Loading

native-image-lazy-loading

Automatically add the new loading attribute to images within your content to support native image lazy loading.

20 No CVEs

Lazy Optimization

lazy-optimization

Lazy Optimization speeds up your website by lazy loading background images that are in the external CSS files.

10 No CVEs

Simple lyteload

simple-lyteload

A simple plugin to integrate jQuery lazyLoad for lazy loading images.

10 No CVEs

Developer Profile

NG-Lazyload Developer Profile

nikita.global

2 plugins · 10 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect NG-Lazyload

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/ng-lazyload/nglazyload.css/wp-content/plugins/ng-lazyload/plugin.js

Script Paths

/wp-content/plugins/ng-lazyload/plugin.js

Version Parameters

nglazyload/nglazyload.css?ver=nglazyload/plugin.js?ver=

HTML / DOM Fingerprints

Data Attributes

data-ngll-src

JS Globals

window.nglazyload

FAQ