Does Random Post Thumbnail have any unpatched vulnerabilities?

No. All known vulnerabilities in Random Post Thumbnail have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Random Post Thumbnail compatible with WordPress 3.3.2?

According to WordPress.org data, Random Post Thumbnail 0.1 has been tested up to WordPress 3.3.2. Check the plugin's changelog for the latest compatibility information.

How often is Random Post Thumbnail updated?

Random Post Thumbnail was last updated on Jan 18, 2012. Frequent updates are generally a positive security signal.

What is Random Post Thumbnail's security score?

Random Post Thumbnail has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Random Post Thumbnail Security & Risk Analysis

wordpress.org/plugins/random-post-thumbnail

Easy way to add random featured images to your posts.

10 active installs v0.1 PHP + WP 3.0+ Updated Jan 18, 2012

featured-imagemedia-gallerypostrandom-imagethumbnail

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Random Post Thumbnail Safe to Use in 2026?

Generally Safe

Score 85/100

Random Post Thumbnail has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 14yr ago

Risk Assessment

The 'random-post-thumbnail' plugin version 0.1 exhibits a seemingly secure static analysis profile with no detected dangerous functions, SQL injection vulnerabilities, file operations, or external HTTP requests. The absence of any recorded vulnerabilities in its history also suggests a stable and well-maintained codebase. However, a significant concern arises from the complete lack of output escaping, as 100% of the identified outputs are not properly escaped. This represents a substantial risk of Cross-Site Scripting (XSS) vulnerabilities, which could allow attackers to inject malicious scripts into the website. Furthermore, the absence of nonce and capability checks across all entry points, though the attack surface is currently zero, indicates a potential weakness if new entry points are introduced without proper security considerations. While the current lack of known vulnerabilities is a positive sign, the unescaped outputs remain a critical area of concern that needs immediate attention.

Key Concerns

0% output escaping found
No capability checks on entry points
No nonce checks on entry points

Vulnerabilities

None known

Random Post Thumbnail Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Random Post Thumbnail Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

0% escaped2 total outputs

Attack Surface

Random Post Thumbnail Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 1

actionadmin_menurandom-post-thumbnail.php:12

Maintenance & Trust

Random Post Thumbnail Maintenance & Trust

Maintenance Signals

WordPress version tested3.3.2

Last updatedJan 18, 2012

PHP min version

Downloads4K

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

Random Post Thumbnail Alternatives

WP Random Post Thumbnails

wp-random-post-thumbnails

100

Allows you to select images to be shown at random for posts without a featured image.

1K No CVEs

Auto Featured Image (Auto Post Thumbnail)

auto-post-thumbnail

Automatically generate, assign, and manage featured images in bulk so every post on your site has a featured image.

50K 6 CVEs

Multiple Featured Images

multiple-featured-images

Enables multiple featured images for all post types (including custom post types and WooCommerce products). Comes with a widget and a handy shortcode …

5K No CVEs

Acme Fix Images – Regenerate Thumbnails

acme-fix-images

100

Fix image sizes after you have changed image sizes from Media Settings. Ensure your images display consistently across your website.

4K 1 CVE

Add Featured Image to RSS Feed

add-featured-image-to-rss-feed

Adds the featured image attached to posts to the beginning of the post content and excerpt in RSS feeds.

2K No CVEs

Developer Profile

Random Post Thumbnail Developer Profile

JohnnyPea

8 plugins · 140 total installs

trust score

Avg Security Score

87/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Random Post Thumbnail

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

CSS Classes

wrap

FAQ