Does Upload Multiple Image have any unpatched vulnerabilities?

No. All known vulnerabilities in Upload Multiple Image have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Upload Multiple Image compatible with WordPress 3.7.41?

According to WordPress.org data, Upload Multiple Image 1.0 has been tested up to WordPress 3.7.41. Check the plugin's changelog for the latest compatibility information.

How often is Upload Multiple Image updated?

Upload Multiple Image was last updated on Feb 12, 2014. Frequent updates are generally a positive security signal.

What is Upload Multiple Image's security score?

Upload Multiple Image has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Upload Multiple Image Security & Risk Analysis

wordpress.org/plugins/upload-multiple-image

This plugin adds a meta box for multiple images for all posts and pages.

10 active installs v1.0 PHP + WP 3.7+ Updated Feb 12, 2014

imagemetaboxmultimultiple-uploadupload-image

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Upload Multiple Image Safe to Use in 2026?

Generally Safe

Score 85/100

Upload Multiple Image has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 12yr ago

Risk Assessment

The "upload-multiple-image" plugin v1.0 exhibits a mixed security posture. On the positive side, there are no known vulnerabilities (CVEs) associated with this plugin, and the code analysis reveals a lack of direct SQL injection risks due to the exclusive use of prepared statements. Furthermore, the plugin demonstrates awareness of security best practices by including nonce and capability checks, albeit these are not comprehensive across all potential entry points. However, significant concerns arise from the presence of the `unserialize` function, which, without proper sanitization and validation of the serialized data, can lead to remote code execution vulnerabilities. The fact that none of the outputs are properly escaped is also a serious deficiency, opening the door to Cross-Site Scripting (XSS) attacks. The absence of any taint analysis flows could be due to limited data or an inability of the analysis tool to effectively trace potentially vulnerable functions, which doesn't negate the risk posed by `unserialize`.

Key Concerns

Use of unserialize function
Output escaping is not properly implemented

Vulnerabilities

None known

Upload Multiple Image Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Upload Multiple Image Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Dangerous Functions Found

unserialize$images = unserialize($value);upload-multi-image.php:114

unserialize$images = unserialize($value);upload-multi-image.php:143

Output Escaping

0% escaped2 total outputs

Attack Surface

Upload Multiple Image Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 5

actionload-post.phpupload-multi-image.php:14

actionload-post-new.phpupload-multi-image.php:15

actionadd_meta_boxesupload-multi-image.php:32

actionsave_postupload-multi-image.php:33

actionadmin_enqueue_scriptsupload-multi-image.php:34

Maintenance & Trust

Upload Multiple Image Maintenance & Trust

Maintenance Signals

WordPress version tested3.7.41

Last updatedFeb 12, 2014

PHP min version

Downloads3K

Community Trust

Rating94/100

Number of ratings3

Active installs10

Alternatives

Upload Multiple Image Alternatives

Multi Image Metabox

multi-image-metabox

Add a multi-image metabox to your posts, pages and custom post types

7K No CVEs

Multi Image Upload

multi-image-upload

This plugin adds a meta box to upload multiple images for posts and pages.

400 No CVEs

Multiple Gallery on Post

multiple-gallery-on-post

Very simple gallery plugin embedded on post as metaboxes, be able to add multiple metaboxes in one post with ability to insert multiple images for eac …

200 No CVEs

Advanced Multiple Image Upload

advanced-multiple-image-upload

Plugin to upload multiple images and can delete and edit images. Returns attachement ids and can be used in making custom gallery.

10 No CVEs

Snvk Gallery Metabox

snvk-media-gallery

Snvk media gallery metabox is a wordpress plugin that allow you to add gallery video metabox in post, page or any custom post type.

0 No CVEs

Developer Profile

Upload Multiple Image Developer Profile

suhasrathod

1 plugin · 10 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Upload Multiple Image

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/upload-multiple-image/js/sr_image_upload_script.js

Script Paths

/wp-content/plugins/upload-multiple-image/js/sr_image_upload_script.js

Version Parameters

sr_image_upload_script?ver=

HTML / DOM Fingerprints

CSS Classes

sr_multi_images

Data Attributes

id="sr_multi_images"name="sr_multi_images"id="sr_multi_upload_nonce"

JS Globals

totalItemsplugin_dir

FAQ