Does Plugin Name: oQey Add-ons have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Plugin Name: oQey Add-ons compatible with WordPress 3.6.1?

According to WordPress.org data, Plugin Name: oQey Add-ons 0.3 has been tested up to WordPress 3.6.1. Check the plugin's changelog for the latest compatibility information.

How often is Plugin Name: oQey Add-ons updated?

Plugin Name: oQey Add-ons was last updated on Apr 16, 2014. Frequent updates are generally a positive security signal.

What is Plugin Name: oQey Add-ons's security score?

Plugin Name: oQey Add-ons has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Plugin Name: oQey Add-ons Security & Risk Analysis

wordpress.org/plugins/oqey-add-ons

oQey Add-ons is a plugin that add more features for oQey Gallery users.

10 active installs v0.3 PHP + WP 3.6.1+ Updated Apr 16, 2014

cropgalleryoqeyphotowatermark

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Plugin Name: oQey Add-ons Safe to Use in 2026?

Generally Safe

Score 85/100

Plugin Name: oQey Add-ons has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 12yr ago

Risk Assessment

The "oqey-add-ons" v0.3 plugin presents a mixed security posture. While it shows positive signs like the majority of SQL queries utilizing prepared statements and no recorded vulnerabilities, significant concerns exist regarding its attack surface and data handling. The presence of two AJAX handlers, both lacking authentication checks, immediately exposes potential entry points to attackers. Furthermore, the taint analysis reveals a concerning number of flows with unsanitized paths, specifically three classified as high severity, indicating a risk of data being manipulated or misused without proper validation.

The vulnerability history is a strong positive, with no known or past CVEs suggesting a generally well-maintained codebase in that regard. However, the static analysis results directly contradict this positive trend by highlighting critical areas for improvement. The low percentage of properly escaped output further exacerbates the risks associated with unsanitized taint flows, as malicious input could be directly rendered to users without any mitigation. In conclusion, while the plugin avoids historical vulnerabilities and uses prepared statements for SQL, the unprotected AJAX endpoints and the high-severity unsanitized taint flows represent substantial security risks that require immediate attention.

Key Concerns

Unprotected AJAX handlers
High severity unsanitized taint flows
Low percentage of properly escaped output

Vulnerabilities

None known

Plugin Name: oQey Add-ons Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Plugin Name: oQey Add-ons Release Timeline

v0.3Current

v0.2

v0.1

Code Analysis

Analyzed Mar 16, 2026

Plugin Name: oQey Add-ons Code Analysis

Dangerous Functions

Raw SQL Queries

8 prepared

Unescaped Output

2 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

89% prepared9 total queries

Output Escaping

10% escaped20 total outputs

Data Flows · Security

5 unsanitized

Data Flow Analysis

5 flows5 with unsanitized paths

oqeygallery_featured_image (addonscore.php:82)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

2 unprotected

Plugin Name: oQey Add-ons Attack Surface

Entry Points2

Unprotected2

AJAX Handlers 2

authwp_ajax_oQeyAddonGetImageDetailsaddonscore.php:159

authwp_ajax_oQeyAddonGetGalleryaddonscore.php:213

WordPress Hooks 5

actionadmin_menuaddonscore.php:4

filtermedia_upload_tabsaddonscore.php:67

actionmedia_upload_oqeytabaddonscore.php:80

actionadmin_noticesoqeyaddons.php:97

actioninitoqeyaddons.php:125

Maintenance & Trust

Plugin Name: oQey Add-ons Maintenance & Trust

Maintenance Signals

WordPress version tested3.6.1

Last updatedApr 16, 2014

PHP min version

Downloads74K

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

Plugin Name: oQey Add-ons Alternatives

PhotoBerry Studio for Photographers – Image Selection, Proofing, Watermarking & Client Management

photoberry-studio

100

Create and showcase image galleries, manage sessions, protect images, streamline proofing with tools like watermarking, favorites, and image comments.

50 No CVEs

Smash Balloon Social Photo Feed – Easy Social Feeds Plugin

instagram-feed

Formerly "Instagram Feed". Display clean, customizable, and responsive Instagram feeds from multiple accounts. Supports Instagram oEmbeds.

1.0M 4 CVEs

Photo Gallery, Sliders, Proofing and Themes – NextGEN Gallery

nextgen-gallery

The most popular gallery plugin that lets you create galleries and albums in seconds.

400K 38 CVEs

Firelight Lightbox

easy-fancybox

Formerly Easy Fancybox. The most popular WordPress lightbox plugin. Simple, fast, and responsive. Opens images, videos, PDFs, and custom popups.

200K 5 CVEs

Photo Gallery by 10Web – Mobile-Friendly Image Gallery

photo-gallery

Photo Gallery is a powerful image gallery plugin with a list of advanced options for creating responsive image galleries with beautiful lightbox.

200K 62 CVEs

Developer Profile

Plugin Name: oQey Add-ons Developer Profile

oQeySites

5 plugins · 60 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Plugin Name: oQey Add-ons

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

FAQ