Smart Auto Upload Images – Import External Images Security & Risk Analysis

wordpress.org/plugins/smart-auto-upload-images

Import external images automatically on save. Adds to media library and updates URLs. No manual downloads. Works with any post type.

2K active installs v1.2.3 PHP 8.0+ WP 6.2+ Updated Jan 31, 2026
Tags: auto-upload, external-images, import-images, media-library, seo
Score: 97 · A · Safe
CVEs total: 1
Unpatched: 0
Last CVE: Nov 7, 2025
Safety Verdict

Is Smart Auto Upload Images – Import External Images Safe to Use in 2026?

Generally Safe

Score 97/100

Smart Auto Upload Images – Import External Images has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVE · Last CVE: Nov 7, 2025 · Updated 2mo ago
Risk Assessment

The plugin 'smart-auto-upload-images' v1.2.3 exhibits a mixed security posture. On one hand, the static analysis indicates good practices in several areas, such as the complete absence of dangerous functions, 100% of SQL queries using prepared statements, and a relatively high percentage of properly escaped output. The limited number of file operations and external HTTP requests, combined with a negligible attack surface with no identified entry points lacking authentication, are also positive indicators. However, the lack of nonce checks and a single capability check raise some concerns about potential access control vulnerabilities, especially if certain functions are exposed in unexpected ways.

The vulnerability history for this plugin is a significant area of concern. The presence of a known, high-severity vulnerability in the past, specifically 'Unrestricted Upload of File with Dangerous Type,' points to a recurring or systemic issue with how user-provided files are handled. Although the provided data indicates this specific vulnerability is currently patched, the nature of the past exploit suggests a need for continued vigilance regarding file upload functionality. The lack of any identified taint flows in the current analysis is a positive sign for the latest version, but it doesn't entirely negate the historical risk associated with file handling.

In conclusion, while the current static analysis reveals an improved security implementation with robust SQL handling and good output escaping, the past high-severity vulnerability related to file uploads remains a significant risk factor. Users should be aware that historical issues of this nature can sometimes resurface or be indicative of underlying architectural weaknesses. The plugin demonstrates strengths in secure data handling for SQL and output, but the historical context of file upload vulnerabilities demands caution and thorough testing, particularly if the plugin handles sensitive file uploads.

Key Concerns

  • Past high severity vulnerability exists
  • No nonce checks detected
  • Low number of capability checks
  • 82% of output escaped, not 100%
Vulnerabilities: 1

Smart Auto Upload Images – Import External Images Security Vulnerabilities

CVEs by Year

1 CVE in 2025

Severity Breakdown

High: 1

1 total CVE

CVE-2025-12161 · high · 8.8 · Unrestricted Upload of File with Dangerous Type

Smart Auto Upload Images <= 1.2.0 - Authenticated (Contributor+) Arbitrary File Upload

Nov 7, 2025 Patched in 1.2.1 (1d)
Code Analysis
Analyzed Mar 16, 2026

Smart Auto Upload Images – Import External Images Code Analysis

  • Dangerous Functions: 0
  • Raw SQL Queries: 0 (0 prepared)
  • Unescaped Output: 2 (9 escaped)
  • Nonce Checks: 0
  • Capability Checks: 1
  • File Operations: 4
  • External Requests: 1
  • Bundled Libraries: 0

Output Escaping

82% escaped · 11 total outputs
Attack Surface

Smart Auto Upload Images – Import External Images Attack Surface

Entry Points: 0
Unprotected: 0
WordPress Hooks: 8
  • action · admin_notices · smart-auto-upload-images.php:41
  • action · plugins_loaded · smart-auto-upload-images.php:71
  • filter · wp_insert_post_data · src\classes\Plugin.php:39
  • action · init · src\classes\Plugin.php:40
  • action · admin_enqueue_scripts · src\classes\Plugin.php:42
  • action · enqueue_block_editor_assets · src\classes\Plugin.php:43
  • action · admin_menu · src\classes\Plugin.php:44
  • action · rest_api_init · src\classes\Plugin.php:46
Maintenance & Trust

Smart Auto Upload Images – Import External Images Maintenance & Trust

Maintenance Signals

  • WordPress version tested: 6.9.4
  • Last updated: Jan 31, 2026
  • PHP min version: 8.0
  • Downloads: 10K

Community Trust

  • Rating: 80/100
  • Number of ratings: 4
  • Active installs: 2K
Developer Profile

Smart Auto Upload Images – Import External Images Developer Profile

Burhan Nasir

3 plugins · 2K total installs

  • Trust score: 96
  • Avg Security Score: 94/100
  • Avg Patch Time: 1 day
Detection Fingerprints

How We Detect Smart Auto Upload Images – Import External Images

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
  • /wp-content/plugins/smart-auto-upload-images/dist/js/admin-settings.js
  • /wp-content/plugins/smart-auto-upload-images/dist/css/admin-settings-style.css
  • /wp-content/plugins/smart-auto-upload-images/dist/js/admin-editor.js
Script Paths
  • /wp-content/plugins/smart-auto-upload-images/dist/js/admin-settings.js
  • /wp-content/plugins/smart-auto-upload-images/dist/js/admin-editor.js
Version Parameters
  • smart-auto-upload-images/dist/js/admin-settings.js?ver=
  • smart-auto-upload-images/dist/css/admin-settings-style.css?ver=
  • smart-auto-upload-images/dist/js/admin-editor.js?ver=

HTML / DOM Fingerprints

CSS Classes
smart-aui-admin-root
JS Globals
smartAuiAdmin
REST Endpoints
/wp-json/smart-aui/v1/settings
FAQ

Frequently Asked Questions about Smart Auto Upload Images – Import External Images