Changelog

Get the latest changes to Media Hygiene
March 28, 2026
4.0.2
  • Security: Fixed missing authorization — all AJAX and admin-post handlers now properly terminate with HTTP 403 instead of silently returning (resolves CVE-2025-49979, CVE-2025-47469, CVE-2024-5855)
  • Security: Fixed SQL injection risk in whitelist, blacklist, and bulk action handlers — all queries now use `$wpdb->prepare()` with typed placeholders
  • Security: Fixed SQL injection in save-scan-content helper and Elementor data query — switched from string concatenation to `$wpdb->prepare()`
  • Security: Fixed SQL injection in download handler — LIMIT/OFFSET values cast to int and passed through `$wpdb->prepare()`; IN() clause values sanitized via `intval()`
  • Security: Fixed unescaped output in nonce failure handlers — replaced bare `die(__())` with `wp_die(esc_html__(), ”, array(‘response’ => 403))`
  • Security: Fixed potential email header injection in cron notification — recipient addresses now validated with `is_email()` before sending
  • Security: Fixed unescaped URLs in cron notification email — attachment URLs now wrapped in `esc_url()`
  • Fix: Corrected `MH_FILE_VERSION` constant to match plugin version for correct asset cache-busting
May 1, 2025
4.0.1
  • Security Release
Nov 26, 2024
4.0.0
  • Improved – Revamped the scanning process for Elementor to improve accuracy and efficiency.
  • New – Added a trash functionality feature, allowing users to easily delete and restore items as needed.
  • New – Move Menu Position on desired location in WordPress Backend.
July 03, 2024
3.0.1
  • Security Release
Apr 27, 2024
3.0.0
  • New – Allow to set number of results shown per page (use with caution, large number can cause website to crash due to limitations of WordPress and hosting environment)
  • New – Get email notifications for uploaded media files (weekly, biweekly, daily, monthly, quaterly) that have not been scanned
  • Improved – Recognize background image scanning when using background-url tag
Nov 20, 2023
2.0.0
  • Improved –  UI/UX for readability and access
  • Improved – Better performance
  • Updated – Compatible with PHP 8.1
  • Updated – Error log handling
  • Updated – Data privacy
  • Added – File exclusion for CSS created by plugins
  • Added – FAQ’s Tab in header
  • Added – Compatibile with Litespeed Cache Plugin
  • Bug Fix – Settings page loading issue
  • Bug Fix – Scan stuck issue
Sept 08, 2023
1.0.5
  • Better image detection in source code
  • Support for WP Engine server options
  • Feedback upon deactivation
  • UI/UX improvement in admin dashboard
July 12, 2023
1.0.4
  • Performance & Combability Improvement
June 17, 2023
1.0.3
  • Performance Improvement
April 25, 2023
1.0.2
  • Compatibility with Astra and Ocean WP theme
April 10, 2023
1.0.1

  • Improvements with Enfold theme
  • Better notice for scanning themes and plugins

April 6, 2023
1.0.0
  • Initial Release

Media Hygiene

Buy Now