Does Replace & Rename Media Files have any unpatched vulnerabilities?

No. All known vulnerabilities in Replace & Rename Media Files have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Replace & Rename Media Files compatible with WordPress 6.8.5?

According to WordPress.org data, Replace & Rename Media Files 0.1 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

How often is Replace & Rename Media Files updated?

Replace & Rename Media Files was last updated on May 21, 2025. Frequent updates are generally a positive security signal.

What is Replace & Rename Media Files's security score?

Replace & Rename Media Files has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Replace & Rename Media Files Security & Risk Analysis

wordpress.org/plugins/replace-rename-media

Replace existing media files, rename media files, and display file sizes in the WordPress media library.

40 active installs v0.1 PHP + WP 5.0+ Updated May 21, 2025

file-sizeimagesmediarenamereplace

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Replace & Rename Media Files Safe to Use in 2026?

Generally Safe

Score 100/100

Replace & Rename Media Files has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 10mo ago

Risk Assessment

The plugin "replace-rename-media" v0.1 exhibits a strong security posture based on the provided static analysis. All identified entry points, including AJAX handlers, appear to have proper authentication checks. The code demonstrates good practices by utilizing prepared statements for all SQL queries and a very high percentage of properly escaped output. The absence of critical or high-severity taint flows further reinforces this positive assessment.

While the plugin's internal code quality seems robust, the presence of 11 file operations warrants attention. Although no unsanitized paths were detected in the taint analysis, any operation involving file system interactions can introduce risks if not meticulously handled, especially concerning user-supplied input. The plugin's clean vulnerability history, with zero recorded CVEs, is a significant strength and suggests a history of secure development or infrequent targeted attacks.

In conclusion, the plugin appears to be secure and well-developed with respect to common web vulnerabilities. The primary areas of slight concern stem from the potential implicit risks associated with file operations, even without direct evidence of vulnerabilities in this analysis. The strong adherence to secure coding practices for SQL and output makes this plugin a relatively low-risk option.

Vulnerabilities

None known

Replace & Rename Media Files Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Replace & Rename Media Files Code Analysis

Dangerous Functions

Raw SQL Queries

6 prepared

Unescaped Output

38 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

100% prepared6 total queries

Output Escaping

97% escaped39 total outputs

Data Flows

All sanitized

Data Flow Analysis

2 flows

handle_replace_media_file (includes\Core\FileReplacer.php:80)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Replace & Rename Media Files Attack Surface

Entry Points4

Unprotected0

AJAX Handlers 4

authwp_ajax_rename_media_fileincludes\Core\FileRenamer.php:28

authwp_ajax_replace_media_fileincludes\Core\FileReplacer.php:21

authwp_ajax_wpvrrm_process_thumbnailsincludes\Process\BackgroundProcess.php:33

noprivwp_ajax_wpvrrm_process_thumbnailsincludes\Process\BackgroundProcess.php:34

WordPress Hooks 20

actionadmin_menuincludes\Admin\Admin.php:14

actionadmin_initincludes\Admin\Admin.php:16

actionadmin_enqueue_scriptsincludes\Admin\Admin.php:20

actionadmin_noticesincludes\Admin\Admin.php:22

actionadmin_noticesincludes\Admin\Admin.php:24

actionadmin_post_process_thumbnailsincludes\Admin\Admin.php:297

filterattachment_fields_to_editincludes\Core\FileRenamer.php:25

actionadmin_enqueue_scriptsincludes\Core\FileRenamer.php:31

filterattachment_fields_to_editincludes\Core\FileReplacer.php:19

actionadmin_enqueue_scriptsincludes\Core\FileReplacer.php:23

filtermanage_media_columnsincludes\Core\FileSizeColumn.php:17

actionmanage_media_custom_columnincludes\Core\FileSizeColumn.php:19

filtermanage_upload_sortable_columnsincludes\Core\FileSizeColumn.php:21

actionpre_get_postsincludes\Core\FileSizeColumn.php:23

filterattachment_fields_to_editincludes\Core\FileSizeColumn.php:25

actionadmin_enqueue_scriptsincludes\Main.php:29

filtercron_schedulesincludes\Process\BackgroundProcess.php:37

actionwpvrrm_process_queueincludes\Process\BackgroundProcess.php:40

actioninitincludes\Process\BackgroundProcess.php:43

actionplugins_loadedreplace-rename-media.php:55

Scheduled Events 3

wpvrrm_process_queue

Maintenance & Trust

Replace & Rename Media Files Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedMay 21, 2025

PHP min version

Downloads310

Community Trust

Rating100/100

Number of ratings1

Active installs40

Alternatives

Replace & Rename Media Files Alternatives

Replace Image

replace-image

Upload a new version of an image without deleting the old image attachment, so that references to the image remain intact.

9K 1 CVE

File Media Renamer for SEO

file-media-renamer-for-seo

100

Rename media files with SEO-friendly names, auto-update references, alt/title sync, and 301 redirects — fast and safe.

80 No CVEs

FileRenameReplace

filerenamereplace

This plugin let the user renaming or replacing files without breaking links.

20 No CVEs

WP Media Size

wp-media-size

This adds a column in the WordPress Media Gallery list page with the filesize.

20 No CVEs

Enable Media Replace

enable-media-replace

Easily replace any attached image/file by simply uploading a new file in the Media Library edit view - a real time saver!

600K 7 CVEs

Developer Profile

Replace & Rename Media Files Developer Profile

WPVibes

10 plugins · 201K total installs

trust score

Avg Security Score

95/100

Avg Patch Time

157 days

View full developer profile

Detection Fingerprints

How We Detect Replace & Rename Media Files

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/replace-rename-media/assets/css/admin.css/wp-content/plugins/replace-rename-media/assets/js/admin.js

Script Paths

/wp-content/plugins/replace-rename-media/assets/js/admin.js

Version Parameters

replace-rename-media/assets/css/admin.css?ver=replace-rename-media/assets/js/admin.js?ver=

HTML / DOM Fingerprints

CSS Classes

wpvrrm_settings_page_wrap

Data Attributes

data-wpvrrm-action

JS Globals

wpvrrm_admin_params

FAQ