Title: [Plugin: WP ImageTagger] RunPHP or equivalent plugin security concerns Last modified: August 19, 2016 --- # [Plugin: WP ImageTagger] RunPHP or equivalent plugin security concerns * [Gene53](https://wordpress.org/support/users/gene53/) * (@gene53) * [16 years, 3 months ago](https://wordpress.org/support/topic/plugin-wp-imagetagger-runphp-or-equivalent-plugin-security-concerns/) * Hi, * I’m following the development of this plugin with interest but I will not use it on my site on account of “Make sure you can run PHP code from your page text( using plugins like runPHP)”. * Such plugins are a major security risk and as I’ve suggested before, a page tag( i.e. [imagetagger=parameters] would be the way to go. * Cheers, Gene * [http://wordpress.org/extend/plugins/wp-imagetagger/](http://wordpress.org/extend/plugins/wp-imagetagger/) Viewing 5 replies - 1 through 5 (of 5 total) * [phd38](https://wordpress.org/support/users/phd38/) * (@phd38) * [16 years, 3 months ago](https://wordpress.org/support/topic/plugin-wp-imagetagger-runphp-or-equivalent-plugin-security-concerns/#post-1378492) * Hi Gene, * I did not forget this aspect. It is the next thing I will focus on. * Although I already played a bit with this hook mechanism, I am not a specialist. Would you have recommended readings or any guidelines for this specific case ? * Then I will have to provide both implementations for keeping the compatibility, while recommending the short code method (I might decide to enforce it by printing a special advisory notice line in case the PHP function is called). * I will deprecate the PHP call. * Waiting to read your advices and guiding on short code implementation, Bruno * [phd38](https://wordpress.org/support/users/phd38/) * (@phd38) * [16 years, 3 months ago](https://wordpress.org/support/topic/plugin-wp-imagetagger-runphp-or-equivalent-plugin-security-concerns/#post-1378650) * Think I found the right page : * [http://codex.wordpress.org/Shortcode_API](http://codex.wordpress.org/Shortcode_API) * Shortcode implementation expected in 2.5.2. * Thread Starter [Gene53](https://wordpress.org/support/users/gene53/) * (@gene53) * [16 years, 3 months ago](https://wordpress.org/support/topic/plugin-wp-imagetagger-runphp-or-equivalent-plugin-security-concerns/#post-1378660) * Salut Bruno, ca va? * [http://codex.wordpress.org/Shortcode_API](http://codex.wordpress.org/Shortcode_API) is exactly what I had in mind, glad that you found it. * I’m really looking forward to version 2.5.2 * Best of luck, Gene * [phd38](https://wordpress.org/support/users/phd38/) * (@phd38) * [16 years, 3 months ago](https://wordpress.org/support/topic/plugin-wp-imagetagger-runphp-or-equivalent-plugin-security-concerns/#post-1378716) * … and here we go : * [http://downloads.wordpress.org/plugin/wp-imagetagger.2.5.2.zip](http://downloads.wordpress.org/plugin/wp-imagetagger.2.5.2.zip) * Tell me if this answers. It works fine on my end. * Thread Starter [Gene53](https://wordpress.org/support/users/gene53/) * (@gene53) * [16 years, 3 months ago](https://wordpress.org/support/topic/plugin-wp-imagetagger-runphp-or-equivalent-plugin-security-concerns/#post-1378796) * Sorry for the tardy reply, I was away for a couple of days. I’m about to download it and give it a try. * Thanks and congrats on the new version, Gene Viewing 5 replies - 1 through 5 (of 5 total) The topic ‘[Plugin: WP ImageTagger] RunPHP or equivalent plugin security concerns’ is closed to new replies. * 5 replies * 2 participants * Last reply from: [Gene53](https://wordpress.org/support/users/gene53/) * Last activity: [16 years, 3 months ago](https://wordpress.org/support/topic/plugin-wp-imagetagger-runphp-or-equivalent-plugin-security-concerns/#post-1378796) * Status: not resolved ## Topics ### Topics with no replies ### Non-support topics ### Resolved topics ### Unresolved topics ### All topics