Does WoPo File Converter have any unpatched vulnerabilities?

No. All known vulnerabilities in WoPo File Converter have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is WoPo File Converter compatible with WordPress 6.8.5?

According to WordPress.org data, WoPo File Converter 1.2.3 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

Is WoPo File Converter compatible with PHP 8.2+?

WoPo File Converter requires PHP 8.2 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is WoPo File Converter updated?

WoPo File Converter was last updated on Sep 4, 2025. Frequent updates are generally a positive security signal.

What is WoPo File Converter's security score?

WoPo File Converter has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

WoPo File Converter Security & Risk Analysis

wordpress.org/plugins/wopo-file-converter

WoPo File Converter is an online file converter that supports nearly all audio, video, document, ebook, archive, image, spreadsheet, and presentation …

50 active installs v1.2.3 PHP 8.2+ WP 5.2+ Updated Sep 4, 2025

converterfile-convertfile-converterpdf-convertwopo

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is WoPo File Converter Safe to Use in 2026?

Generally Safe

Score 100/100

WoPo File Converter has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 7mo ago

Risk Assessment

The "wopo-file-converter" plugin v1.2.3 exhibits a generally good security posture with some areas requiring attention. The plugin demonstrates strong adherence to secure coding practices by exclusively using prepared statements for SQL queries and a high percentage of properly escaped output. The limited attack surface, consisting of a single shortcode and no AJAX or REST API endpoints, further contributes to its security. However, the presence of one flow with unsanitized paths identified during taint analysis is a significant concern, as this could potentially lead to path traversal vulnerabilities. Additionally, the absence of nonce checks across all entry points, though the attack surface is small, represents a missed opportunity for robust security. The plugin's history of zero known CVEs is positive, indicating a lack of publicly disclosed vulnerabilities. While the plugin appears to be well-maintained regarding known issues, the taint analysis findings highlight the need for careful review of file operation handling. Overall, "wopo-file-converter" v1.2.3 is in a decent security state due to its limited attack surface and good SQL/output practices, but the unsanitized path flow and lack of nonce checks present identifiable risks.

Key Concerns

Flow with unsanitized paths detected
No nonce checks on entry points
Bundled Guzzle library outdated (v1.1)

Vulnerabilities

None known

WoPo File Converter Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

WoPo File Converter Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

32 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Guzzle1.1

Output Escaping

86% escaped37 total outputs

Data Flows

1 unsanitized

Data Flow Analysis

2 flows1 with unsanitized paths

wopofc_shortcode (wopo-file-converter.php:189)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

WoPo File Converter Attack Surface

Entry Points1

Unprotected0

Shortcodes 1

[wopo-file-converter] wopo-file-converter.php:188

WordPress Hooks 2

actionadmin_initwopo-file-converter.php:124

actionadmin_menuwopo-file-converter.php:142

Maintenance & Trust

WoPo File Converter Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedSep 4, 2025

PHP min version8.2

Downloads4K

Community Trust

Rating0/100

Number of ratings0

Active installs50

Alternatives

WoPo File Converter Alternatives

WP PDF Generator

wp-pdf-generator

Simply helps you to get your web page download as pdf

1K 1 CVE

WPMK PDF Generator

wpmk-pdf-generator

This Free Plugin will provide you to add download html to pdf

80 1 unpatched

Web2PDF Converter

web2pdf-converter

This plugin convert current web page to pdf file

10 No CVEs

Robin Image Optimizer – Unlimited Image Optimization & WebP Converter

robin-image-optimizer

Unlimited automatic image optimization for WordPress. Compress images, convert to WebP, and improve site speed without losing image quality.

100K 2 CVEs

FOX – Currency Switcher Professional for WooCommerce

woocommerce-currency-switcher

FOX - Currency Switcher Professional for WooCommerce (former name is WOOCS) is currency plugin for woocommerce and multi currency shop, switch & pay

50K 12 CVEs

Developer Profile

WoPo File Converter Developer Profile

WoPo Web

10 plugins · 280 total installs

trust score

Avg Security Score

90/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect WoPo File Converter

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/wopo-file-converter/assets/js/main.js

Version Parameters

wopo-file-converter/assets/js/main.js?ver=

HTML / DOM Fingerprints

Shortcode Output

<h1><?php echo esc_html( get_admin_page_title() ); ?></h1>

FAQ