WP-Safety

七牛图床 Security & Risk Analysis

wordpress.org/plugins/qiniu-tuchuang

七牛图床插件:编辑器中上传图片至七牛服务器

10 active installs v0.5 PHP + WP 3.0+ Updated Jun 13, 2015
qiniu%e5%9b%be%e5%ba%8a%e4%b8%83%e7%89%9b
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is 七牛图床 Safe to Use in 2026?

Generally Safe

Score 85/100

七牛图床 has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 10yr ago
Risk Assessment

The plugin "qiniu-tuchuang" v0.5 exhibits a generally strong security posture based on the provided static analysis and vulnerability history. The absence of any known CVEs and no recorded vulnerabilities in its history is a significant positive indicator. Furthermore, the code analysis reveals a commendable approach to database security, with 100% of SQL queries utilizing prepared statements, which greatly mitigates the risk of SQL injection vulnerabilities. The plugin also demonstrates good practices in avoiding dangerous functions, file operations, and external HTTP requests, all of which are common sources of security weaknesses.

Key Concerns

  • 0% output escaping
  • 0 capability checks
  • 0 nonce checks
Vulnerabilities
None known

七牛图床 Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

七牛图床 Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
9
0 escaped
Nonce Checks
0
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
0

Output Escaping

0% escaped9 total outputs
Attack Surface

七牛图床 Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 5
actionadmin_menuqiniu-tuchaung.php:19
actionadmin_initqiniu-tuchaung.php:34
actionsubmitpost_boxqiniu-tuchaung.php:81
actionsubmitpost_boxqiniu-tuchaung.php:89
actionsubmitpost_boxqiniu-tuchaung.php:94
Maintenance & Trust

七牛图床 Maintenance & Trust

Maintenance Signals

WordPress version tested4.1.42
Last updatedJun 13, 2015
PHP min version
Downloads7K

Community Trust

Rating0/100
Number of ratings0
Active installs10
Alternatives

七牛图床 Alternatives

KODO Qiniu

KODO Qiniu

kodo-qiniu

A
100

使用七牛云海量存储系统 KODO 作为附件存储空间。(This is a plugin that uses Qiniu Cloud KODO for attachments remote saving.)

300 1 CVE
远程抓取图片CDN加速插件

远程抓取图片CDN加速插件

kxxx-qiniu

A
85

一款抓取远程图片并对接七牛cdn的扩展

20 No CVEs
WPQiNiu七牛云对象存储

WPQiNiu七牛云对象存储

wpqiniu

A
100

WordPress 七牛云对象存储(简称:WPQiNiu),基于七牛云对象存储与WordPress实现静态资源到对象存储中,让静态资源包括图片、附件分离WordPress根目录,提高网站打开速度。

400 No CVEs
WP-QINIU (WordPress连接到七牛云存储)

WP-QINIU (WordPress连接到七牛云存储)

wp-qiniu

A
85

备份WordPress到七牛云存储,把七牛云存储作为网站附件存储空间。

60 No CVEs
七牛镜像存储 WordPress 插件

七牛镜像存储 WordPress 插件

wpjam-qiniu

A
85

七牛镜像存储 WordPress 插件:一键实现 WordPress 博客静态文件 CDN 加速。

50 No CVEs
Developer Profile

七牛图床 Developer Profile

yangzhongchao

1 plugin · 10 total installs

84
trust score
Avg Security Score
85/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect 七牛图床

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/qiniu-tuchuang/js/qiniu.js/wp-content/plugins/qiniu-tuchuang/js/main.js/wp-content/plugins/qiniu-tuchuang/css/qiniu_tuchuang.css
Script Paths
/wp-content/plugins/qiniu-tuchuang/js/qiniu.js/wp-content/plugins/qiniu-tuchuang/js/main.js

HTML / DOM Fingerprints

CSS Classes
submit
Data Attributes
id="host"name="qiniu_options[host]"id="prefix"name="qiniu_options[prefix]"id="bucket"name="qiniu_options[bucket]"+10 more
JS Globals
savekeyimgurlhostuptokenurl
FAQ

Frequently Asked Questions about 七牛图床