Does WP Boyka have any unpatched vulnerabilities?

No. All known vulnerabilities in WP Boyka have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is WP Boyka compatible with WordPress 3.5.2?

According to WordPress.org data, WP Boyka 0.1 has been tested up to WordPress 3.5.2. Check the plugin's changelog for the latest compatibility information.

How often is WP Boyka updated?

WP Boyka was last updated on May 10, 2013. Frequent updates are generally a positive security signal.

What is WP Boyka's security score?

WP Boyka has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

WP Boyka Security & Risk Analysis

wordpress.org/plugins/wp-boyka

This plugin increases your website's performance by reducing image size without an apparent change for the human eye.

10 active installs v0.1 PHP + WP 3.0.1+ Updated May 10, 2013

compressionimage-compressionimage-compressorimprove-performance

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is WP Boyka Safe to Use in 2026?

Generally Safe

Score 85/100

WP Boyka has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 12yr ago

Risk Assessment

The wp-boyka plugin v0.1 presents a mixed security posture. On the positive side, the absence of known CVEs and a clean vulnerability history suggest a generally well-maintained or simple plugin. The code analysis also shows strengths like 100% of SQL queries using prepared statements and the presence of at least one capability check. However, there are significant concerns. A striking 14% of output is not properly escaped, posing a risk of cross-site scripting (XSS) vulnerabilities. Furthermore, the taint analysis identified one unsanitized path, which, despite its severity not being flagged as critical or high in the provided data, still represents a potential avenue for exploitation. The lack of nonce checks on any entry points is also a notable weakness, especially if the plugin were to have any AJAX handlers in the future. The single file operation without explicit details is also a point of caution.

Key Concerns

Low percentage of properly escaped output
Taint analysis found unsanitized paths
Zero nonce checks on entry points
Presence of file operations

Vulnerabilities

None known

WP Boyka Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

WP Boyka Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

4 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

14% escaped29 total outputs

Data Flows

1 unsanitized

Data Flow Analysis

2 flows1 with unsanitized paths

boyka_preview_page (wp-boyka.php:317)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

WP Boyka Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 8

actionadmin_initwp-boyka.php:63

actionadmin_menuwp-boyka.php:70

filtermanage_media_columnswp-boyka.php:71

actionmanage_media_custom_columnwp-boyka.php:72

actionadmin_action_boyka_compress_singlewp-boyka.php:73

actionadmin_action_boyka_clear_cachewp-boyka.php:74

actionplugins_loadedwp-boyka.php:75

filterwp_generate_attachment_metadatawp-boyka.php:79

Maintenance & Trust

WP Boyka Maintenance & Trust

Maintenance Signals

WordPress version tested3.5.2

Last updatedMay 10, 2013

PHP min version

Downloads2K

Community Trust

Rating80/100

Number of ratings1

Active installs10

Alternatives

WP Boyka Alternatives

Image Optimizer – Optimize Images and Convert to WebP or AVIF

image-optimization

Automatically resize, optimize, and convert images to WebP and AVIF. Compress images in bulk or on upload to boost your WordPress site performance.

1.0M 1 CVE

QuickWebP – Compress / Optimize Images & Convert WebP | SEO Friendly

quickwebp

100

QuickWebP is a free WordPress plugin that converts images to WebP, optimizes performance, improves SEO, auto-fills metadata, and resizes images—no API …

7K No CVEs

Flying Images: Optimize and Lazy Load Images for Faster Page Speed

nazy-load

Optimize and lazy load images to reduce load times, save bandwidth, and improve performance, delivering a faster and smoother user experience.

3K 1 CVE

ImageRecycle pdf & image compression

imagerecycle-pdf-image-compression

ImageRecycle image & PDF compression. Make WordPress loads faster by using an automatic image and PDF optimization.

1K 15 CVEs

nicen-localize-image

100

A WordPress plugin for localizing external images in posts, supporting pre-publish localization via editor plugin, automatic localization during publi …

1K No CVEs

Developer Profile

WP Boyka Developer Profile

drosophila

2 plugins · 70 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect WP Boyka

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/wp-boyka/js/common.js

Script Paths