WP-Safety

WP Editor Imgur Button Security & Risk Analysis

wordpress.org/plugins/wp-editor-imgur-button

Insert button upload image to imgur.com using api and add to comment box

10 active installs v1.1 PHP + WP 1.0+ Updated Aug 2, 2016
front-end-uploadimgurimgur-commentimgur-pluginimgur-uploader
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is WP Editor Imgur Button Safe to Use in 2026?

Generally Safe

Score 85/100

WP Editor Imgur Button has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 9yr ago
Risk Assessment

The wp-editor-imgur-button plugin version 1.1 presents a concerning security posture due to its unprotected AJAX handlers. While the plugin demonstrates good practices by utilizing prepared statements for all SQL queries and has a clean vulnerability history with no known CVEs, the absence of authentication checks on two AJAX entry points creates a significant attack surface. This could allow unauthenticated users to trigger potentially malicious actions or expose sensitive information if the AJAX actions are not inherently safe. The presence of one unsanitized path flow in the taint analysis, though not classified as critical or high severity, further indicates a potential for unexpected behavior or vulnerabilities that were not fully mitigated. The lack of nonce checks on these critical entry points exacerbates the risk, making it easier for attackers to forge requests. Overall, the plugin has some strengths in its coding practices like SQL sanitization and a lack of past vulnerabilities, but the unprotected AJAX endpoints are a substantial weakness that requires immediate attention.

Key Concerns

  • Unprotected AJAX handlers
  • Flows with unsanitized paths
  • No nonce checks on AJAX handlers
Vulnerabilities
None known

WP Editor Imgur Button Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

WP Editor Imgur Button Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
1
3 escaped
Nonce Checks
0
Capability Checks
2
File Operations
2
External Requests
1
Bundled Libraries
0

Output Escaping

75% escaped4 total outputs
Data Flows
1 unsanitized

Data Flow Analysis

2 flows1 with unsanitized paths
imgur_uploader_action (imgur-upload.php:79)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
2 unprotected

WP Editor Imgur Button Attack Surface

Entry Points2
Unprotected2

AJAX Handlers 2

authwp_ajax_imgur_uploader_actionimgur-upload.php:112
noprivwp_ajax_imgur_uploader_actionimgur-upload.php:113
WordPress Hooks 13
filtercomment_form_defaultsimgur-upload.php:25
actioninitimgur-upload.php:26
actioninitimgur-upload.php:27
actioninitimgur-upload.php:28
filtermce_external_pluginsimgur-upload.php:32
filtermce_buttonsimgur-upload.php:33
actionadmin_headimgur-upload.php:37
actionadmin_enqueue_scriptsimgur-upload.php:38
actioninitimgur-upload.php:39
filtermce_external_pluginsimgur-upload.php:48
filtermce_buttonsimgur-upload.php:49
actionadmin_menuoption-file.php:3
actionadmin_initoption-file.php:7
Maintenance & Trust

WP Editor Imgur Button Maintenance & Trust

Maintenance Signals

WordPress version tested4.5.33
Last updatedAug 2, 2016
PHP min version
Downloads2K

Community Trust

Rating0/100
Number of ratings0
Active installs10
Alternatives

WP Editor Imgur Button Alternatives

Frontend File Manager Plugin

Frontend File Manager Plugin

nmedia-user-file-uploader

F
10

N-Media Frontend File Manager plugin enables WordPress site users to upload, manage, and share files directly from the frontend with secure storage an …

1K 3 unpatched
wp-imgur

wp-imgur

wp-imgur

A
85

CDN Plugin that serves your Media Library from Imgur.com.

10 No CVEs
wp-imgur-extra

wp-imgur-extra

wp-imgur-extra

A
85

CDN Plugin that serves your Media Library from Imgur.com.

10 No CVEs
WP Imgur Plus

WP Imgur Plus

wp-imgur-plus

A
85

Plugin based in WP Imgur Plus, allows to upload to Imgur the Images from Wordpress.

10 No CVEs
Image Upload for Imgur

Image Upload for Imgur

image-upload-for-imgur

A
100

Upload images in Block Editor directly to Imgur.

0 No CVEs
Developer Profile

WP Editor Imgur Button Developer Profile

codehay

1 plugin · 10 total installs

84
trust score
Avg Security Score
85/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect WP Editor Imgur Button

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/wp-editor-imgur-button/style/style.css/wp-content/plugins/wp-editor-imgur-button/js/button.js/wp-content/plugins/wp-editor-imgur-button/js/ajax-action.js
Script Paths
/wp-content/plugins/wp-editor-imgur-button/js/button.js/wp-content/plugins/wp-editor-imgur-button/js/ajax-action.js

HTML / DOM Fingerprints

JS Globals
sb_imgur_ajax
FAQ

Frequently Asked Questions about WP Editor Imgur Button