Does Algori PDF Viewer have any unpatched vulnerabilities?

No. All known vulnerabilities in Algori PDF Viewer have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Algori PDF Viewer compatible with WordPress 6.6.5?

According to WordPress.org data, Algori PDF Viewer 1.0.8 has been tested up to WordPress 6.6.5. Check the plugin's changelog for the latest compatibility information.

Is Algori PDF Viewer compatible with PHP 5.6.0+?

Algori PDF Viewer requires PHP 5.6.0 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Algori PDF Viewer updated?

Algori PDF Viewer was last updated on Nov 7, 2024. Frequent updates are generally a positive security signal.

What is Algori PDF Viewer's security score?

Algori PDF Viewer has a WP-Safety security score of 91/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Algori PDF Viewer Security & Risk Analysis

wordpress.org/plugins/algori-pdf-viewer

Algori PDF Viewer is a Gutenberg Block Plugin that enables you to easily display PDF documents directly on your website.

7K active installs v1.0.8 PHP 5.6.0+ WP 5.0.0+ Updated Nov 7, 2024

blockblock-editorgutenbergpdf-embedderpdf-viewer

A · Safe

CVEs total1

Unpatched0

Last CVENov 8, 2024

Plugin page Download

Safety Verdict

Is Algori PDF Viewer Safe to Use in 2026?

Generally Safe

Score 91/100

Algori PDF Viewer has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVELast CVE: Nov 8, 2024Updated 1yr ago

Risk Assessment

The "algori-pdf-viewer" plugin, version 1.0.8, presents a mixed security posture. The static analysis reveals an impressively clean codebase with zero identified dangerous functions, raw SQL queries, unescaped output, file operations, external HTTP requests, or critical taint flows. This indicates a strong adherence to secure coding principles in these specific areas.

However, the plugin's vulnerability history is a significant concern. With one known CVE, specifically a Cross-Site Scripting (XSS) vulnerability, and a recent disclosure date, it highlights a potential for attackers to exploit weaknesses. The fact that this vulnerability is currently patched is positive, but the existence of past XSS issues suggests a potential for similar vulnerabilities to arise again if not diligently addressed.

The lack of identified entry points and unprotected handlers is a strength, as it limits the plugin's direct attack surface. Nevertheless, the presence of a past XSS vulnerability, even if patched, warrants careful consideration, as it points to a historical weakness in input sanitization or output encoding in certain scenarios. The overall security is good in terms of current static analysis findings, but the historical context necessitates ongoing vigilance.

Key Concerns

Past XSS vulnerability with recent disclosure

Vulnerabilities

Algori PDF Viewer Security Vulnerabilities

CVEs by Year

1 CVE in 2024

2024

Patched Has unpatched

Severity Breakdown

Medium

1 total CVE

CVE-2018-5158medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

pdf.js < 2.0.943 - Authenticated (Author+) Stored Cross-Site Scripting

Nov 8, 2024 Patched in 1.0.8 (0d)

Code Analysis

Analyzed Mar 16, 2026

Algori PDF Viewer Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Attack Surface

Algori PDF Viewer Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 1

actioninitsrc\init.php:95

Maintenance & Trust

Algori PDF Viewer Maintenance & Trust

Maintenance Signals

WordPress version tested6.6.5

Last updatedNov 7, 2024

PHP min version5.6.0

Downloads102K

Community Trust

Rating86/100

Number of ratings9

Active installs7K

Alternatives

Algori PDF Viewer Alternatives

Classic Editor

classic-editor

100

Enables the previous "classic" editor and the old-style Edit Post screen with TinyMCE, Meta Boxes, etc. Supports all plugins that extend this screen.

9.0M No CVEs

Starter Templates – AI-Powered Templates for Elementor & Gutenberg

astra-sites

The growing library of 300+ ready-to-use templates that work with all WordPress themes including Astra, Hello, OceanWP, GeneratePress and more

2.0M 7 CVEs

Advanced Editor Tools

tinymce-advanced

100

Extends and enhances the block editor (Gutenberg) and the classic editor (TinyMCE).

2.0M 1 CVE

Disable Gutenberg

disable-gutenberg

100

Disable Gutenberg Block Editor and restore the Classic Editor and original Edit Post screen (TinyMCE, meta boxes, etc.).

600K No CVEs

Gutenberg Essential Blocks – Page Builder for Gutenberg Blocks & Patterns

essential-blocks

Gutenberg block editor with AI. 70+ Gutenberg blocks, patterns, WooCommerce blocks, post grid, gallery, menu with Gutenberg block library.

200K 28 CVEs

Developer Profile

Algori PDF Viewer Developer Profile

Kevin Bazira

5 plugins · 15K total installs

trust score

Avg Security Score

90/100

Avg Patch Time

0 days

View full developer profile

Detection Fingerprints

How We Detect Algori PDF Viewer

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/algori-pdf-viewer-lite/build/index.css/wp-content/plugins/algori-pdf-viewer-lite/build/index.js

Script Paths

/wp-content/plugins/algori-pdf-viewer-lite/build/index.js

Version Parameters

algori-pdf-viewer-lite/build/index.css?ver=algori-pdf-viewer-lite/build/index.js?ver=

HTML / DOM Fingerprints

CSS Classes

algori-pdf-viewer-block

FAQ