WP-Safety

WP Copyright Security & Risk Analysis

wordpress.org/plugins/wp-copyright

Enforces copyright discipline by blurring all uploaded images as long as the associated copyright info is undefined.

60 active installs v2.0.4 PHP 5.6+ WP 4.6+ Updated Jan 23, 2019
blurcopyrightimagesmedia-managermedia-upload
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is WP Copyright Safe to Use in 2026?

Generally Safe

Score 85/100

WP Copyright has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 7yr ago
Risk Assessment

The "wp-copyright" v2.0.4 plugin presents a mixed security posture. On the positive side, the plugin demonstrates good practices by utilizing prepared statements for all its SQL queries and not making any external HTTP requests. The absence of known vulnerabilities in its history is also a strong indicator of a relatively secure past. However, significant concerns arise from the static analysis, particularly the presence of two AJAX handlers that lack authentication checks. This directly contributes to an exposed attack surface and creates a clear pathway for potential unauthorized actions.

The taint analysis revealed one flow with unsanitized paths, which is concerning even if it didn't reach critical or high severity. Coupled with the lack of nonce and capability checks on the unprotected AJAX handlers, this suggests a potential for privilege escalation or data manipulation if an attacker can trigger these handlers. While the plugin doesn't exhibit overtly dangerous functions or raw SQL queries, the identified entry points without proper authorization are the most pressing weaknesses. Overall, the plugin has some fundamental security strengths but suffers from critical oversights in its handling of AJAX endpoints.

Key Concerns

  • AJAX handlers without auth checks
  • Unsanitized paths in taint analysis
  • Missing nonce checks
  • Missing capability checks
  • Outputs not properly escaped (33%)
Vulnerabilities
None known

WP Copyright Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

WP Copyright Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
5
10 escaped
Nonce Checks
0
Capability Checks
0
File Operations
2
External Requests
0
Bundled Libraries
0

Output Escaping

67% escaped15 total outputs
Data Flows
1 unsanitized

Data Flow Analysis

1 flows1 with unsanitized paths
<main> (main.php:0)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
2 unprotected

WP Copyright Attack Surface

Entry Points2
Unprotected2

AJAX Handlers 2

authwp_ajax_check_vaultmain.php:240
noprivwp_ajax_check_vaultmain.php:241
WordPress Hooks 14
actionadmin_noticesmain.php:39
filterattachment_fields_to_editmain.php:73
actionedit_attachmentmain.php:96
actionedit_attachmentmain.php:107
actionwp_enqueue_mediamain.php:268
actionadmin_print_footer_scriptsmain.php:269
filterwp_prepare_attachment_for_jsmain.php:449
actionadmin_initmain.php:461
filtermedia_send_to_editormain.php:590
filterwp_generate_attachment_metadatamain.php:660
actionadmin_initmain.php:847
actionadmin_noticesmain.php:848
actionadmin_menumain.php:871
actionadmin_initmain.php:872
Maintenance & Trust

WP Copyright Maintenance & Trust

Maintenance Signals

WordPress version tested4.9.29
Last updatedJan 23, 2019
PHP min version5.6
Downloads4K

Community Trust

Rating0/100
Number of ratings0
Active installs60
Alternatives

WP Copyright Alternatives

FSM Custom Featured Image Caption

FSM Custom Featured Image Caption

fsm-custom-featured-image-caption

A
92

Allows adding custom captions to the featured images of the posts.

5K No CVEs
Delete Unscaled Images

Delete Unscaled Images

delete-unscaled-images

A
92

Deletes original image files if they have been resized

600 No CVEs
PicDefense.io – Your Guard Against Image Copyright Infringement

PicDefense.io – Your Guard Against Image Copyright Infringement

picdefense-io-image-copyright-risk-checker

A
92

Compile list of images on your Wordpress site and submit to PicDefense.io for copyright risk analysis.

100 No CVEs
Image Source Overlay

Image Source Overlay

image-source-overlay

A
85

With Image Source Overlay you can manage image sources in media library. Plugin will then generate small overlay for every image crediting the origina &hellip;

60 No CVEs
QBank Connector

QBank Connector

qbank-dam-connector

A
92

Gain access to all your files in QBank that you can publish directly from Wordpress without leaving their interface.

30 No CVEs
Developer Profile

WP Copyright Developer Profile

zitrusblau

1 plugin · 60 total installs

84
trust score
Avg Security Score
85/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect WP Copyright

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/wp-copyright/css/styles.css/wp-content/plugins/wp-copyright/js/zb-wpc-admin.js
Script Paths
/wp-content/plugins/wp-copyright/js/zb-wpc-admin.js
Version Parameters
wp-copyright/css/styles.css?ver=wp-copyright/js/zb-wpc-admin.js?ver=

HTML / DOM Fingerprints

CSS Classes
zb-wpc-admin-notice
Data Attributes
data-copyright
FAQ

Frequently Asked Questions about WP Copyright