Does Thumbnail Manager have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Thumbnail Manager compatible with WordPress 6.9.4?

According to WordPress.org data, Thumbnail Manager 1.1 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is Thumbnail Manager compatible with PHP 7.4+?

Thumbnail Manager requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Thumbnail Manager updated?

Thumbnail Manager was last updated on Mar 19, 2026. Frequent updates are generally a positive security signal.

What is Thumbnail Manager's security score?

Thumbnail Manager has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Thumbnail Manager Security & Risk Analysis

wordpress.org/plugins/thumbnail-manager

Clean, control, and regenerate thumbnails with precision — remove unused sizes, prevent bloat, and rebuild what matters.

40 active installs v1.1 PHP 7.4+ WP 6.3+ Updated Mar 19, 2026

cleanupimagesmediaregeneratethumbnails

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Thumbnail Manager Safe to Use in 2026?

Generally Safe

Score 100/100

Thumbnail Manager has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago

Risk Assessment

The thumbnail-manager v1.0.1 plugin exhibits a generally good security posture based on the provided static analysis. The absence of REST API routes, shortcodes, and cron events, combined with all SQL queries using prepared statements and a focus on nonce and capability checks for its two AJAX handlers, are positive indicators. The code also demonstrates no file operations or external HTTP requests, further reducing its attack surface. However, a significant concern arises from the output escaping, where only 58% of outputs are properly escaped. This leaves a potential avenue for cross-site scripting (XSS) vulnerabilities if user-supplied data is directly outputted without adequate sanitization. The plugin's vulnerability history is clean, with no recorded CVEs, which suggests a history of stable and secure development. Overall, while the plugin has strong foundational security practices in place, the partial output escaping is a notable weakness that requires attention to prevent potential XSS exploits.

Key Concerns

Unescaped output detected

Vulnerabilities

None known

Thumbnail Manager Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Thumbnail Manager Release Timeline

v1.1Current

v1.0.1

v1.0

Code Analysis

Analyzed Mar 16, 2026

Thumbnail Manager Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

38 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

58% escaped65 total outputs

Data Flows · Security

All sanitized

Data Flow Analysis

2 flows

yotm_prune_thumbnails_page (inc\admin-menu.php:62)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Thumbnail Manager Attack Surface

Entry Points2

Unprotected0

AJAX Handlers 2

authwp_ajax_yotm_prune_delete_batchinc\handle-delete.php:7

authwp_ajax_yotm_prune_prepareinc\handle-prune.php:7

WordPress Hooks 3

actionadmin_enqueue_scriptsinc\admin-menu.php:15

actionadmin_menuinc\admin-menu.php:51

filterintermediate_image_sizes_advancedinc\filter-disabled-sizes.php:8

Maintenance & Trust

Thumbnail Manager Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedMar 19, 2026

PHP min version7.4

Downloads445

Community Trust

Rating0/100

Number of ratings0

Active installs40

Alternatives

Thumbnail Manager Alternatives

Thumbnail Remover and Size Manager

thumbnail-remover

100

Safely analyze, preview, trash, restore, schedule, regenerate, report on, and manage WordPress thumbnails and image sizes.

50 No CVEs

Auto Generated Images Remover

auto-generated-images-remover

100

Short Description: Scan and remove auto-generated WordPress image thumbnails safely.

40 No CVEs

Selective Thumbnail Regenerator

selective-thumbnail-regenerator

100

A WordPress plugin that allows users to regenerate thumbnails for media files uploaded in specific months and years.

20 No CVEs

Thumbs

thumbs

100

Ein einfaches Tool zur Verwaltung von Thumbnail-Dateien in WordPress. Zählt, listet und löscht generierte Thumbnails und entfernt leere Upload-Ordner, …

0 No CVEs

Quick Featured Images

quick-featured-images

The time-saving solution for managing tons of featured images within minutes: Set, replace and delete in bulk and set default images for future posts.

50K 3 CVEs

Developer Profile

Thumbnail Manager Developer Profile

YoOhw Studio

8 plugins · 3K total installs

trust score

Avg Security Score

97/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Thumbnail Manager

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/thumbnail-manager/css/style.css/wp-content/plugins/thumbnail-manager/js/admin.js

Script Paths

/wp-content/plugins/thumbnail-manager/js/admin.js

Version Parameters

thumbnail-manager/css/style.css?ver=thumbnail-manager/js/admin.js?ver=

HTML / DOM Fingerprints

CSS Classes

yo-tabsyo-tabyo-panelyo-rowyo-sizesyo-progress

Data Attributes

data-tabid="yotm_tabs"id="yotm_panel_prune"id="yotm_limit_subpath"id="yotm_form"onsubmit="return false;"+10 more

JS Globals

YOTM

FAQ