Does Scaleflex VXP – DAM & Cloudimage have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Scaleflex VXP – DAM & Cloudimage compatible with WordPress 6.8.5?

According to WordPress.org data, Scaleflex VXP – DAM & Cloudimage 1.0.33 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

Is Scaleflex VXP – DAM & Cloudimage compatible with PHP 7.3+?

Scaleflex VXP – DAM & Cloudimage requires PHP 7.3 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Scaleflex VXP – DAM & Cloudimage updated?

Scaleflex VXP – DAM & Cloudimage was last updated on Mar 26, 2026. Frequent updates are generally a positive security signal.

What is Scaleflex VXP – DAM & Cloudimage's security score?

Scaleflex VXP – DAM & Cloudimage has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Scaleflex VXP – DAM & Cloudimage Security & Risk Analysis

wordpress.org/plugins/scaleflex-vxp-dam-dmo

Scaleflex VXP centralizes, manages, optimizes and accelerates your media assets in one single source of truth.

10 active installs v1.0.33 PHP 7.3+ WP 4.8+ Updated Mar 26, 2026

asset-managementcloudimagedamdmooptimize

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Scaleflex VXP – DAM & Cloudimage Safe to Use in 2026?

Generally Safe

Score 100/100

Scaleflex VXP – DAM & Cloudimage has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago

Risk Assessment

The "scaleflex-vxp-dam-dmo" v1.0.32 plugin exhibits a generally good security posture, with several positive indicators. The absence of known CVEs and a lack of critical or high-severity issues in taint analysis are strong points. The plugin also demonstrates good practices in its use of prepared statements for SQL queries (80%) and proper output escaping (93%). The presence of nonces and capability checks further enhances its security. However, there are clear areas of concern related to its attack surface. Specifically, the presence of 7 AJAX handlers with 3 lacking authentication checks presents a significant risk. While there's only one REST API route, it does have permission callbacks, mitigating risk there. The limited file operations and external HTTP requests are also positive, suggesting a contained functionality.

Key Concerns

Unprotected AJAX handlers
Moderate number of entry points
Low percentage of prepared SQL statements
Some unescaped output detected

Vulnerabilities

None known

Scaleflex VXP – DAM & Cloudimage Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Scaleflex VXP – DAM & Cloudimage Release Timeline

v1.0.33Current

v1.0.32

v1.0.31

v1.0.30

v1.0.29

v1.0.28

v1.0.27

v1.0.26

v1.0.25

v1.0.24

v1.0.23

v1.0.22

v1.0.21

v1.0.20

v1.0.19

v1.0.18

v1.0.17

v1.0.16

v1.0.15

v1.0.14

Code Analysis

Analyzed Mar 17, 2026

Scaleflex VXP – DAM & Cloudimage Code Analysis

Dangerous Functions

Raw SQL Queries

4 prepared

Unescaped Output

157 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

80% prepared5 total queries

Output Escaping

93% escaped168 total outputs

Data Flows · Security

All sanitized

Data Flow Analysis

3 flows

sfxvxp_first_install_step_one (function\register-action.php:1324)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

3 unprotected

Scaleflex VXP – DAM & Cloudimage Attack Surface

Entry Points8

Unprotected3

AJAX Handlers 7

authwp_ajax_sfxvxp_fetch_plugin_optionfunction\register-action.php:57

authwp_ajax_sfxvxp_first_install_step_onefunction\register-action.php:59

authwp_ajax_sfxvxp_first_install_step_twofunction\register-action.php:60

authwp_ajax_sfxvxp_first_install_step_threefunction\register-action.php:61

authwp_ajax_sfxvxp_deactivate_pluginfunction\register-action.php:64

authwp_ajax_sfxvxp_dam_get_list_metadatafunction\register-action.php:66

authwp_ajax_sfxvxp_dam_insert_asset_to_contentfunction\register-action.php:67

REST API Routes 1

GET/wp-json/sfxvxp/dam/v1/webhook/listen-datafunction\register-action.php:89

WordPress Hooks 32

actionadmin_menufunction\register-action.php:54

actionadmin_initfunction\register-action.php:55

actionadmin_enqueue_scriptsfunction\register-action.php:56

actionadmin_noticesfunction\register-action.php:68

actionmanage_media_custom_columnfunction\register-action.php:69

actionsfxvxp_dam_sync_cronfunction\register-action.php:70

actionsfxvxp_sync_dam_assets_to_wpfunction\register-action.php:71

actionafter_setup_themefunction\register-action.php:73

actiondelete_attachmentfunction\register-action.php:76

actionadd_attachmentfunction\register-action.php:79

actionadd_meta_boxesfunction\register-action.php:81

actionparse_queryfunction\register-action.php:83

actionrest_api_initfunction\register-action.php:88

actionwp_enqueue_scriptsfunction\register-action.php:100

actionwp_headfunction\register-action.php:102

filtermanage_media_columnsfunction\register-filter.php:16

filterwp_get_attachment_urlfunction\register-filter.php:17

filterimage_downsizefunction\register-filter.php:18

filterwp_calculate_image_srcsetfunction\register-filter.php:19

filterbig_image_size_thresholdfunction\register-filter.php:20

filterwp_get_attachment_image_srcfunction\register-filter.php:22

filterwp_prepare_attachment_for_jsfunction\register-filter.php:23

filterwp_get_attachment_metadatafunction\register-filter.php:24

filtermedia_send_to_editorfunction\register-filter.php:25

filterajax_query_attachments_argsfunction\register-filter.php:26

filterattachment_fields_to_editfunction\register-filter.php:27

filterget_attached_filefunction\register-filter.php:28

filterwp_content_img_tagfunction\register-filter.php:29

filterwp_calculate_image_srcsetfunction\register-filter.php:32

filterwp_headfunction\register-filter.php:33

filterwp_get_attachment_image_attributesfunction\register-filter.php:34

filtercron_schedulesscaleflex-vxp.php:33

Scheduled Events 4

sfxvxp_dam_sync_cron

sfxvxp_sync_dam_assets_to_wp

sfxvxp_dam_sync_cron

sfxvxp_sync_dam_assets_to_wp

Maintenance & Trust

Scaleflex VXP – DAM & Cloudimage Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedMar 26, 2026

PHP min version7.3

Downloads1K

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

Scaleflex VXP – DAM & Cloudimage Alternatives

Canto

canto

Find & publish creative assets to WordPress easily, no email or folder search needed, with Canto's digital asset management.

100 1 unpatched

pixx.io

pixx-io

100

Integrate pixx.io DAM Digital Asset Management into WordPress. Use files from your pixx.io media pool with WordPress easily and without any detour.

90 No CVEs

OpenAsset

openasset

100

Sync your AEC Project Portfolio, Employees and Images from OpenAsset to your Wordpress Website.

10 No CVEs

Scaleflex DAM

filerobot-digital-asset-management-and-acceleration

100

Digital Asset Management and media acceleration platform that will store, manage, optimise and accelerate your media assets everywhere around the Worl …

0 No CVEs

HIVO Connector

hivo-library

100

0 No CVEs

Developer Profile

Scaleflex VXP – DAM & Cloudimage Developer Profile

Scaleflex

3 plugins · 210 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Scaleflex VXP – DAM & Cloudimage

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/scaleflex-vxp-dam-dmo/css/sfxvxp-admin-style.css/wp-content/plugins/scaleflex-vxp-dam-dmo/css/sfxvxp-style.css/wp-content/plugins/scaleflex-vxp-dam-dmo/js/sfxvxp-admin.js/wp-content/plugins/scaleflex-vxp-dam-dmo/js/sfxvxp-media-library.js/wp-content/plugins/scaleflex-vxp-dam-dmo/js/sfxvxp-frontend.js

Script Paths

/wp-content/plugins/scaleflex-vxp-dam-dmo/js/sfxvxp-admin.js/wp-content/plugins/scaleflex-vxp-dam-dmo/js/sfxvxp-media-library.js/wp-content/plugins/scaleflex-vxp-dam-dmo/js/sfxvxp-frontend.js

Version Parameters

scaleflex-vxp-dam-dmo/css/sfxvxp-admin-style.css?ver=scaleflex-vxp-dam-dmo/css/sfxvxp-style.css?ver=scaleflex-vxp-dam-dmo/js/sfxvxp-admin.js?ver=scaleflex-vxp-dam-dmo/js/sfxvxp-media-library.js?ver=scaleflex-vxp-dam-dmo/js/sfxvxp-frontend.js?ver=

HTML / DOM Fingerprints

CSS Classes

sfxvxp-widget-wrappersfxvxp-media-asset

HTML Comments

Data Attributes

data-sfxvxp-asset-iddata-sfxvxp-asset-url

JS Globals

SFXVXP_LOCALIZED_DATAsfxvxp_admin_params

REST Endpoints

/wp-json/sfxvxp/dam/v1/webhook/listen-data

FAQ