Does PixJet – NextGen Image Optimizer & CDN have any unpatched vulnerabilities?

No. All known vulnerabilities in PixJet – NextGen Image Optimizer & CDN have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is PixJet – NextGen Image Optimizer & CDN compatible with WordPress 6.8.5?

According to WordPress.org data, PixJet – NextGen Image Optimizer & CDN 1.0.4 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

Is PixJet – NextGen Image Optimizer & CDN compatible with PHP 7.4+?

PixJet – NextGen Image Optimizer & CDN requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is PixJet – NextGen Image Optimizer & CDN updated?

PixJet – NextGen Image Optimizer & CDN was last updated on Nov 10, 2025. Frequent updates are generally a positive security signal.

What is PixJet – NextGen Image Optimizer & CDN's security score?

PixJet – NextGen Image Optimizer & CDN has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

PixJet – NextGen Image Optimizer & CDN Security & Risk Analysis

wordpress.org/plugins/pixjet

PixJet: Simplify media management with image optimization, watermarking, and a premium CDN for lightning-fast content delivery.

200 active installs v1.0.4 PHP 7.4+ WP 6.4+ Updated Nov 10, 2025

cdnimage-optimizationsite-speedsmart-lazy-loadwatermark

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is PixJet – NextGen Image Optimizer & CDN Safe to Use in 2026?

Generally Safe

Score 100/100

PixJet – NextGen Image Optimizer & CDN has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 4mo ago

Risk Assessment

The "pixjet" v1.0.4 plugin demonstrates several strong security practices, including the exclusive use of prepared statements for all SQL queries and a near-perfect output escaping rate. This indicates a generally good awareness of fundamental web application security principles. The absence of known CVEs and a clean vulnerability history further bolster its current security standing. However, a significant concern arises from the substantial attack surface exposed through unprotected AJAX handlers and REST API routes. Eight out of twelve identified entry points lack necessary authentication or permission checks, creating a wide opening for potential unauthorized access and manipulation if specific vulnerabilities are discovered in these unprotected endpoints. While the taint analysis shows no critical or high severity unsanitized paths, the presence of five unsanitized flows, even if deemed low severity by the analysis, combined with the unprotected entry points, warrants careful consideration. The plugin's strengths lie in its robust data handling, but its weaknesses are concentrated in its access control mechanisms for its exposed interfaces. A balanced conclusion suggests that while the core functionality appears secure, the external interfaces are a considerable risk area that needs immediate attention.

Key Concerns

Unprotected AJAX handlers
Unprotected REST API routes
Taint flows with unsanitized paths

Vulnerabilities

None known

PixJet – NextGen Image Optimizer & CDN Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

PixJet – NextGen Image Optimizer & CDN Code Analysis

Dangerous Functions

Raw SQL Queries

46 prepared

Unescaped Output

296 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

100% prepared46 total queries

Output Escaping

99% escaped300 total outputs

Data Flows

5 unsanitized

Data Flow Analysis

5 flows5 with unsanitized paths

handle_pixjet_ajax (1.0.3\admin\class-pixjet-admin.php:426)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

8 unprotected

PixJet – NextGen Image Optimizer & CDN Attack Surface

Entry Points12

Unprotected8

AJAX Handlers 6

authwp_ajax_pixjet_api_status1.0.3\includes\class-pixjet.php:156

authwp_ajax_pixjet_ajax1.0.3\includes\class-pixjet.php:158

authwp_ajax_pixjet_refresh_nonce1.0.3\includes\class-pixjet.php:160

authwp_ajax_pixjet_api_statusincludes\class-pixjet.php:156

authwp_ajax_pixjet_ajaxincludes\class-pixjet.php:158

authwp_ajax_pixjet_refresh_nonceincludes\class-pixjet.php:160

REST API Routes 6

GET/wp-json/pixjet/v1/message1.0.3\public\class-pixjet-public.php:302

GET/wp-json/pixjet/v1/message1.0.3\public\class-pixjet-public.php:314

GET/wp-json/pixjet/v1/messagepublic\class-pixjet-public.php:360

GET/wp-json/pixjet/v1/messagepublic\class-pixjet-public.php:372

GET/wp-json/pixjet/v1/lcppublic\class-pixjet-public.php:575

GET/wp-json/pixjet/v1/lcppublic\class-pixjet-public.php:585

WordPress Hooks 40

actionplugins_loaded1.0.3\includes\class-pixjet.php:132

actionadmin_notices1.0.3\includes\class-pixjet.php:146

actionadmin_enqueue_scripts1.0.3\includes\class-pixjet.php:148

actionadmin_enqueue_scripts1.0.3\includes\class-pixjet.php:149

actionadmin_menu1.0.3\includes\class-pixjet.php:150

actionadmin_init1.0.3\includes\class-pixjet.php:153

actionwp_generate_attachment_metadata1.0.3\includes\class-pixjet.php:164

actionplugin_row_meta1.0.3\includes\class-pixjet.php:165

actionplugin_auto_update_setting_html1.0.3\includes\class-pixjet.php:168

actionadmin_post_toggle_auto_update1.0.3\includes\class-pixjet.php:169

actionwp_enqueue_scripts1.0.3\includes\class-pixjet.php:182

actionwp_enqueue_scripts1.0.3\includes\class-pixjet.php:183

filterinit1.0.3\includes\class-pixjet.php:184

actionrest_api_init1.0.3\public\class-pixjet-public.php:424

filterthe_content1.0.3\public\class-pixjet-public.php:426

filterwp_get_attachment_url1.0.3\public\class-pixjet-public.php:427

filterwp_get_attachment_image_src1.0.3\public\class-pixjet-public.php:428

filterwp_calculate_image_srcset1.0.3\public\class-pixjet-public.php:429

filterthe_content1.0.3\public\class-pixjet-public.php:432

actionplugins_loadedincludes\class-pixjet.php:132

actionadmin_noticesincludes\class-pixjet.php:146

actionadmin_enqueue_scriptsincludes\class-pixjet.php:148

actionadmin_enqueue_scriptsincludes\class-pixjet.php:149

actionadmin_menuincludes\class-pixjet.php:150

actionadmin_initincludes\class-pixjet.php:153

actionwp_generate_attachment_metadataincludes\class-pixjet.php:164

actionplugin_row_metaincludes\class-pixjet.php:165

actionplugin_auto_update_setting_htmlincludes\class-pixjet.php:168

actionadmin_post_toggle_auto_updateincludes\class-pixjet.php:169

actionwp_enqueue_scriptsincludes\class-pixjet.php:182

actionwp_enqueue_scriptsincludes\class-pixjet.php:183

filterinitincludes\class-pixjet.php:184

actionrest_api_initpublic\class-pixjet-public.php:482

actionrest_api_initpublic\class-pixjet-public.php:484

actionwp_headpublic\class-pixjet-public.php:486

filterthe_contentpublic\class-pixjet-public.php:488

filterwp_get_attachment_urlpublic\class-pixjet-public.php:489

filterwp_get_attachment_image_srcpublic\class-pixjet-public.php:490

filterwp_calculate_image_srcsetpublic\class-pixjet-public.php:491

filterthe_contentpublic\class-pixjet-public.php:494

Maintenance & Trust

PixJet – NextGen Image Optimizer & CDN Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedNov 10, 2025

PHP min version7.4

Downloads4K

Community Trust

Rating100/100

Number of ratings2

Active installs200

Alternatives

PixJet – NextGen Image Optimizer & CDN Alternatives

SpeedSize Image & Video AI-Optimizer

speedsize-ai-image-optimizer

SpeedSize Image & Video AI-Optimizer plugin allows you to easily use SpeedSize's Neuroscience Media Optimization on your WP website.

400 1 CVE

Auto Cloudinary

auto-cloudinary

100

Super simple Cloudinary auto-upload implementation for WordPress.

200 No CVEs

Codirun R2 Media & Static CDN

codirun-codir2me-cdn

100

Upload JS, CSS, SVG, fonts and images to Cloudflare R2 and serve them via Cloudflare CDN to speed up your WordPress site and reduce server load.

10 No CVEs

FileJet Pro

filejet-pro

100

FileJet Pro plugin provides easy integration with FileJet service for serving as much optimized images as possible for your clients.

10 No CVEs

Automatic Image Optimizer & CDN by wpimg.io

automatic-image-optimizer-cdn

100

Instantly speed up your site with automated image optimization, WebP/AVIF, and global CDN. Zero setup required.

0 No CVEs

Developer Profile

PixJet – NextGen Image Optimizer & CDN Developer Profile

addonix

1 plugin · 200 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect PixJet – NextGen Image Optimizer & CDN

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/pixjet/assets/css/frontend-style.css/wp-content/plugins/pixjet/assets/js/frontend-script.js

Script Paths

/wp-content/plugins/pixjet/assets/js/frontend-script.js

Version Parameters

pixjet/assets/css/frontend-style.css?ver=pixjet/assets/js/frontend-script.js?ver=

HTML / DOM Fingerprints

CSS Classes

pixjet-lazy-image

HTML Comments

JS Globals

pixjet_settings

FAQ