Does TCL Categories Image have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is TCL Categories Image compatible with WordPress 4.9.29?

According to WordPress.org data, TCL Categories Image 1.0.1 has been tested up to WordPress 4.9.29. Check the plugin's changelog for the latest compatibility information.

Is TCL Categories Image compatible with PHP 5.2.4+?

TCL Categories Image requires PHP 5.2.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is TCL Categories Image updated?

TCL Categories Image was last updated on Jan 19, 2018. Frequent updates are generally a positive security signal.

What is TCL Categories Image's security score?

TCL Categories Image has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

TCL Categories Image Security & Risk Analysis

wordpress.org/plugins/tcl-categories-image

TCL Categories Images Plugin allow users to add an image to category or custom taxonomies.You can easily assign an image to each category/taxonomy or …

10 active installs v1.0.1 PHP 5.2.4+ WP 4.4+ Updated Jan 19, 2018

categories-imagecategories-imagescategory-imagecategory-imagestaxonomy-image

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is TCL Categories Image Safe to Use in 2026?

Generally Safe

Score 85/100

TCL Categories Image has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 8yr ago

Risk Assessment

The "tcl-categories-image" plugin v1.0.1 exhibits a seemingly strong security posture based on the provided static analysis. The absence of AJAX handlers, REST API routes, shortcodes, and cron events significantly limits its attack surface, and critically, there are no unprotected entry points. The code also demonstrates good practices with SQL queries exclusively using prepared statements and no file operations or external HTTP requests. However, a significant concern lies in the output escaping, where only 36% of total outputs are properly escaped. This indicates a substantial risk of Cross-Site Scripting (XSS) vulnerabilities, especially if sensitive data is displayed to users. The lack of vulnerability history and taint analysis, while positive, does not guarantee future security, and the low output escaping percentage is a clear red flag. While the plugin avoids common pitfalls like raw SQL or missing nonces, the insufficient output sanitization presents a tangible risk that needs immediate attention. The plugin's strengths lie in its minimal attack surface and use of prepared statements, but its weakness in output handling compromises its overall security.

Key Concerns

Insufficient output escaping

Vulnerabilities

None known

TCL Categories Image Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

TCL Categories Image Release Timeline

No version history available.

Code Analysis

Analyzed Mar 17, 2026

TCL Categories Image Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

4 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

36% escaped11 total outputs

Attack Surface

TCL Categories Image Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 7

actionadmin_initincludes\class-tcl-term-meta-box.php:17

actionedited_termincludes\class-tcl-term-meta-box.php:18

actioncreate_termincludes\class-tcl-term-meta-box.php:19

actionadmin_menuincludes\tcl-admin-setting.php:22

actionadmin_initincludes\tcl-admin-setting.php:23

actioninittcl-categories-image.php:57

actionadmin_enqueue_scriptstcl-categories-image.php:58

Maintenance & Trust

TCL Categories Image Maintenance & Trust

Maintenance Signals

WordPress version tested4.9.29

Last updatedJan 19, 2018

PHP min version5.2.4

Downloads1K

Community Trust

Rating100/100

Number of ratings2

Active installs10

Alternatives

TCL Categories Image Alternatives

RDV Category Image

rdv-category-image

100

Add an image to a category or taxonomy. Display a category image using either a template tag or a shortcode.

300 No CVEs

Categories Images

categories-images

The Categories Images is a Wordpress plugin allow you to add image to category, tag or custom taxonomy.

50K 2 CVEs

Category Image Manager by DevDesignDazzle

category-image-manager-by-devdesigndazzle

Category Image Manager by DevDesignDazzle is a lightweight WordPress plugin to add images to WordPress categories.

0 No CVEs

Advanced Category and Custom Taxonomy Image

advanced-category-and-custom-taxonomy-image

Add Custom Image To Your Category / Custom Taxonomy Field With Advanced Category and Custom Taxonomy Image Plugin.

1K 1 CVE

Custom Category Image

custom-category-image

Are you looking for uploading image to a category ? Yes, Custom Category Image plugin exactly does that.

400 No CVEs

Developer Profile

TCL Categories Image Developer Profile

shishir

2 plugins · 10 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect TCL Categories Image

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/tcl-categories-image/assets/js/tcl-media-uploader.js

Script Paths

/wp-content/plugins/tcl-categories-image/assets/js/tcl-media-uploader.js

Version Parameters

tcl-categories-image/assets/js/tcl-media-uploader.js?ver=1.0.0

HTML / DOM Fingerprints

CSS Classes

tclci-taxonomy-image-containertcl-taxonomy-imagetclci-taxonomy-valtclci-upload-image-buttontclci-remove-image-button

Data Attributes

data-upload-image

JS Globals

media_upload_object

FAQ