Author Image Security & Risk Analysis

wordpress.org/plugins/sem-author-image

Lets you easily add author images on your site.

1K active installs · v4.9.3 · PHP + WP 3.1+ · Updated Nov 28, 2017
author, author-image, semiologic
85
A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is Author Image Safe to Use in 2026?

Generally Safe

Score 85/100

Author Image has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 8yr ago
Risk Assessment

The "sem-author-image" plugin version 4.9.3 exhibits a generally good security posture based on the provided static analysis. There are no reported CVEs in its history, indicating a lack of past critical vulnerabilities. The attack surface is minimal, with only one shortcode and no identified unprotected entry points. Furthermore, the absence of dangerous functions, external HTTP requests, and taint flows suggests a well-contained and relatively safe codebase.

However, there are a few areas for concern. The plugin's sole SQL query is not using prepared statements, which could be a potential vector for SQL injection if user-supplied data is not meticulously handled elsewhere. Additionally, the output escaping is only at 44%, meaning a significant portion of the output might be vulnerable to cross-site scripting (XSS) attacks if not properly sanitized before rendering. The lack of nonce checks and a single capability check on the entire entry point also presents a minor weakness that could be exploited in specific scenarios. While the current data is promising, these points warrant attention for a robust security profile.

Key Concerns

  • SQL query without prepared statements
  • Low output escaping percentage
  • No nonce checks on entry points
  • Limited capability checks
Vulnerabilities
None known

Author Image Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Author Image Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 1 (0 prepared)
Unescaped Output: 22 (17 escaped)
Nonce Checks: 0
Capability Checks: 1
File Operations: 4
External Requests: 0
Bundled Libraries: 0

SQL Query Safety

0% prepared · 1 total queries

Output Escaping

44% escaped · 39 total outputs
Attack Surface

Author Image Attack Surface

Entry Points: 1
Unprotected: 0

Shortcodes: 1

[author-image] sem-author-image.php:713
WordPress Hooks: 7
action show_user_profile multipart-user\multipart-user.php:40
action edit_user_profile multipart-user\multipart-user.php:41
action edit_user_profile sem-author-image-admin.php:66
action show_user_profile sem-author-image-admin.php:67
action profile_update sem-author-image-admin.php:68
action plugins_loaded sem-author-image.php:106
action widgets_init sem-author-image.php:137
Maintenance & Trust

Author Image Maintenance & Trust

Maintenance Signals

WordPress version tested: 4.3.34
Last updated: Nov 28, 2017
PHP min version
Downloads: 143K

Community Trust

Rating: 60/100
Number of ratings: 3
Active installs: 1K
Developer Profile

Author Image Developer Profile

Denis de Bernardy

4 plugins · 12K total installs

Trust score: 84
Avg Security Score: 85/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect Author Image

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/sem-author-image/sem-author-image.php

HTML / DOM Fingerprints

CSS Classes
entry_author_image