Does Reimage Optimizer have any unpatched vulnerabilities?

No. All known vulnerabilities in Reimage Optimizer have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Reimage Optimizer compatible with WordPress 6.9.4?

According to WordPress.org data, Reimage Optimizer 2.0.0 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is Reimage Optimizer compatible with PHP 7.0+?

Reimage Optimizer requires PHP 7.0 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Reimage Optimizer updated?

Reimage Optimizer was last updated on Jan 29, 2026. Frequent updates are generally a positive security signal.

What is Reimage Optimizer's security score?

Reimage Optimizer has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Reimage Optimizer Security & Risk Analysis

wordpress.org/plugins/reimage-optimizer

Short Description: Optimize and compress images and videos in WordPress. Improve speed and SEO with HLS, logs, and troubleshooting tools.

10 active installs v2.0.0 PHP 7.0+ WP 5.7+ Updated Jan 29, 2026

image-compressionoptimizationperformancetroubleshootingvideo-optimization

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Reimage Optimizer Safe to Use in 2026?

Generally Safe

Score 100/100

Reimage Optimizer has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2mo ago

Risk Assessment

The reimage-optimizer plugin v2.0.0 exhibits a generally good security posture, with several positive indicators. All identified SQL queries utilize prepared statements, and all output is properly escaped, significantly mitigating risks of SQL injection and cross-site scripting (XSS) vulnerabilities. The absence of known CVEs and a clean vulnerability history further contribute to this positive assessment. Furthermore, the plugin demonstrates robust use of nonces and capability checks for most of its entry points.

However, there are notable concerns regarding the plugin's attack surface. Out of seven identified AJAX handlers, three lack proper authentication checks. This presents a significant risk, as unauthenticated users could potentially trigger these handlers, leading to unauthorized actions or information disclosure. While the taint analysis showed no critical or high-severity issues, the presence of unsanitized paths in the taint flows, even if not critically rated, warrants attention as it could represent potential future risks. The plugin's file operations and external HTTP requests, while not inherently insecure, should be monitored for any unexpected or malicious behavior.

In conclusion, reimage-optimizer v2.0.0 benefits from strong defensive coding practices in its handling of data and output. The absence of historical vulnerabilities is a positive sign. Nevertheless, the unauthenticated AJAX endpoints represent a clear and present danger that requires immediate attention. Addressing these unprotected entry points will significantly improve the plugin's overall security and bring it closer to a more secure state.

Key Concerns

Unprotected AJAX handlers

Vulnerabilities

None known

Reimage Optimizer Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Reimage Optimizer Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

29 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

100% escaped29 total outputs

Data Flows

All sanitized

Data Flow Analysis

3 flows

reimop_save_reimage_api (includes\Ajax\Reimop_WizardAjaxHandler.php:19)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

3 unprotected

Reimage Optimizer Attack Surface

Entry Points7

Unprotected3

AJAX Handlers 7

authwp_ajax_reimage_manual_syncincludes\Ajax\Reimop_ManuallySyncAjaxHandler.php:11

authwp_ajax_reimage_ajax_statsincludes\Ajax\Reimop_ReimageStatsHandler.php:10

authwp_ajax_reimage_save_apiincludes\Ajax\Reimop_WizardAjaxHandler.php:14

authwp_ajax_reimage_save_settingsincludes\Ajax\Reimop_WizardAjaxHandler.php:15

authwp_ajax_reimage_optimize_images_cronincludes\Ajax\Reimop_WizardAjaxHandler.php:16

authwp_ajax_reimage_force_checkreimage-optimizer.php:166

authwp_ajax_reimage_reset_blockreimage-optimizer.php:208

WordPress Hooks 30

filtermanage_upload_columnsincludes\Admin\Reimop_MediaSyncColumn.php:10

actionmanage_media_custom_columnincludes\Admin\Reimop_MediaSyncColumn.php:11

actionadmin_menuincludes\Admin\Reimop_Menus.php:15

actionadmin_menuincludes\Admin\Reimop_Menus.php:16

actionadmin_initincludes\Admin\Reimop_Settings.php:10

actionadmin_enqueue_scriptsincludes\Core\Reimop_Assets_Enqueue.php:13

actionwp_enqueue_scriptsincludes\Core\Reimop_Assets_Enqueue.php:14

actionenqueue_block_assetsincludes\Core\Reimop_Assets_Enqueue.php:15

actionelementor/frontend/after_register_scriptsincludes\Core\Reimop_Assets_Enqueue.php:16

actionelementor/preview/enqueue_stylesincludes\Core\Reimop_Assets_Enqueue.php:17

actionreimop_optimize_single_imageincludes\Services\Reimop_FileReplacer.php:17

actionsave_post_attachmentincludes\Services\Reimop_FileReplacer.php:18

actionadd_attachmentincludes\Services\Reimop_Reimage-Sync.php:12

actionreimop_optimize_single_imageincludes\Services\Reimop_Reimage-Sync.php:13

actionreimop_run_batch_optimize_onceincludes\Services\Reimop_Reimage-Sync.php:14

filtercron_schedulesincludes\Services\Reimop_Reimage-Sync.php:15

actioninitincludes\Services\Reimop_Reimage-Sync.php:16

actionreimop_run_batch_optimizeincludes\Services\Reimop_Reimage-Sync.php:19

actionadmin_initincludes\Services\Reimop_ReimageReplace.php:15

actionreimop_replace_unattached_images_batchincludes\Services\Reimop_ReimageReplace.php:16

actionwp_uninstall_pluginincludes\Services\Reimop_ReimageReplace.php:18

actionreimop_optimize_existing_imagesincludes\Services\Reimop_ReimageReplace.php:21

actionadmin_initreimage-optimizer.php:59

filterwp_get_attachment_urlreimage-optimizer.php:80

filterwp_get_attachment_image_srcreimage-optimizer.php:84

filterthe_contentreimage-optimizer.php:90

filterthe_contentreimage-optimizer.php:96

filterget_custom_logoreimage-optimizer.php:104

filterget_avatar_urlreimage-optimizer.php:110

actionsave_postreimage-optimizer.php:145

Scheduled Events 5

reimop_run_batch_optimize

reimop_run_batch_optimize_once

reimop_optimize_single_image

reimop_replace_unattached_images_batch

Maintenance & Trust

Reimage Optimizer Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedJan 29, 2026

PHP min version7.0

Downloads377

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

Reimage Optimizer Alternatives

Image Optimizer – Optimize Images and Convert to WebP or AVIF

image-optimization

Automatically resize, optimize, and convert images to WebP and AVIF. Compress images in bulk or on upload to boost your WordPress site performance.

1.0M 1 CVE

QuickWebP – Compress / Optimize Images & Convert WebP | SEO Friendly

quickwebp

100

QuickWebP is a free WordPress plugin that converts images to WebP, optimizes performance, improves SEO, auto-fills metadata, and resizes images—no API …

7K No CVEs

Image to WebP Converter

image-to-webp-converter

100

Automatically convert uploaded images (PNG, JPG, JPEG) to WebP format to enhance website performance and reduce load times.

900 No CVEs

SpeedSize Image & Video AI-Optimizer

speedsize-ai-image-optimizer

SpeedSize Image & Video AI-Optimizer plugin allows you to easily use SpeedSize's Neuroscience Media Optimization on your WP website.

400 1 CVE

AHS – Image to WebP Converter

ahs-image-to-webp-converter

100

Automatically convert uploaded images to modern WebP format to reduce file size and improve website performance.

10 No CVEs

Developer Profile

Reimage Optimizer Developer Profile

reimagedev

1 plugin · 10 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Reimage Optimizer

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/reimage-optimizer/assets/css/wizard.css/wp-content/plugins/reimage-optimizer/assets/js/wizard.js/wp-content/plugins/reimage-optimizer/assets/js/reimage-optimizer-admin.js/wp-content/plugins/reimage-optimizer/assets/css/reimage-optimizer-admin.css/wp-content/plugins/reimage-optimizer/assets/js/reimage-optimizer-frontend.js/wp-content/plugins/reimage-optimizer/assets/js/reimage-optimizer-video-player.js

Script Paths

/wp-content/plugins/reimage-optimizer/assets/js/wizard.js/wp-content/plugins/reimage-optimizer/assets/js/reimage-optimizer-admin.js/wp-content/plugins/reimage-optimizer/assets/js/reimage-optimizer-frontend.js/wp-content/plugins/reimage-optimizer/assets/js/reimage-optimizer-video-player.js

Version Parameters

reimage-optimizer/assets/css/wizard.css?ver=reimage-optimizer/assets/js/wizard.js?ver=reimage-optimizer/assets/js/reimage-optimizer-admin.js?ver=reimage-optimizer/assets/css/reimage-optimizer-admin.css?ver=reimage-optimizer/assets/js/reimage-optimizer-frontend.js?ver=reimage-optimizer/assets/js/reimage-optimizer-video-player.js?ver=

HTML / DOM Fingerprints

CSS Classes

reimop-wizard-page

HTML Comments

Optimize your WordPress images via Reimage API.

Data Attributes

data-reimop-key

JS Globals

ReimageOptimizerAdminReimageOptimizerFrontendreimop_ajax_object

REST Endpoints

/wp-json/reimage-optimizer/v1/settings

FAQ