Does All Embed – Multi-Source Embed Widgets for Elementor have any unpatched vulnerabilities?

No. All known vulnerabilities in All Embed – Multi-Source Embed Widgets for Elementor have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is All Embed – Multi-Source Embed Widgets for Elementor compatible with WordPress 6.9.4?

According to WordPress.org data, All Embed – Multi-Source Embed Widgets for Elementor 1.1.6 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is All Embed – Multi-Source Embed Widgets for Elementor compatible with PHP 7.1+?

All Embed – Multi-Source Embed Widgets for Elementor requires PHP 7.1 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

What is All Embed – Multi-Source Embed Widgets for Elementor's security score?

All Embed – Multi-Source Embed Widgets for Elementor has a WP-Safety security score of 99/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

All Embed – Multi-Source Embed Widgets for Elementor Security & Risk Analysis

wordpress.org/plugins/all-embed-addons-for-elementor

Easily embed a variety of content into your Elementor designs with versatile widgets. Supports video, audio, forms, and more from popular platforms.

500 active installs v1.1.6 PHP 7.1+ WP 4.5+ Updated Mar 12, 2026

elementorelementor-addonembedvideoyoutube

A · Safe

CVEs total1

Unpatched0

Last CVEJan 24, 2025

Download

Safety Verdict

Is All Embed – Multi-Source Embed Widgets for Elementor Safe to Use in 2026?

Generally Safe

Score 99/100

All Embed – Multi-Source Embed Widgets for Elementor has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVELast CVE: Jan 24, 2025Updated 23d ago

Risk Assessment

The "all-embed-addons-for-elementor" v1.1.6 plugin exhibits a generally good security posture, with several positive indicators. The absence of unprotected AJAX handlers and REST API routes, along with 100% SQL queries using prepared statements, is commendable. The high percentage of properly escaped output (94%) and the presence of nonce and capability checks on its entry points further strengthen its defenses. The taint analysis also reveals no critical or high-severity unsanitized flows, suggesting a low risk of direct code execution or data manipulation through common web attack vectors.

However, a single known CVE, even if currently patched, warrants attention. While the static analysis reports no immediate critical flaws, the history of a medium-severity vulnerability (specifically Cross-Site Scripting) indicates a past weakness that could potentially resurface if code quality degrades or new attack methods emerge. The bundled Freemius library also presents a potential, albeit minor, risk if it's an outdated version and has known vulnerabilities not directly tied to this plugin's custom code. Overall, the plugin is well-implemented regarding modern security practices, but its past vulnerability history necessitates ongoing vigilance.

Key Concerns

Bundled outdated library (Freemius v1.0)
Past medium severity vulnerability (XSS)

Vulnerabilities

All Embed – Multi-Source Embed Widgets for Elementor Security Vulnerabilities

CVEs by Year

1 CVE in 2025

2025

Patched Has unpatched

Severity Breakdown

Medium

1 total CVE

CVE-2025-24595medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

All Embed – Elementor Addons <= 1.1.3 - Authenticated (Contributor+) Stored Cross-Site Scripting

Jan 24, 2025 Patched in 1.1.4 (5d)

Code Analysis

Analyzed Mar 16, 2026

All Embed – Multi-Source Embed Widgets for Elementor Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

60 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Freemius1.0

Output Escaping

94% escaped64 total outputs

Data Flows

All sanitized

Data Flow Analysis

2 flows

aeafeGetBlocks (AEAFEAdminMenu.php:51)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

All Embed – Multi-Source Embed Widgets for Elementor Attack Surface

Entry Points3

Unprotected0

AJAX Handlers 3

authwp_ajax_bptbGetBlocksAEAFEAdminMenu.php:9

authwp_ajax_allembed_install_pluginall-embed.php:106

authwp_ajax_allembed_activate_pluginall-embed.php:107

WordPress Hooks 14

actionadmin_menuAEAFEAdminMenu.php:7

actionadmin_enqueue_scriptsAEAFEAdminMenu.php:8

actionadmin_headAEAFEAdminMenu.php:10

actioninitall-embed.php:102

actionplugins_loadedall-embed.php:104

actionadmin_enqueue_scriptsall-embed.php:105

actionadmin_noticesall-embed.php:138

actionadmin_noticesall-embed.php:143

actionadmin_noticesall-embed.php:148

actionelementor/frontend/after_register_stylesplugin.php:287

actionadmin_enqueue_scriptsplugin.php:288

actionelementor/widgets/registerplugin.php:291

actionelementor/elements/categories_registeredplugin.php:294

actionelementor/editor/after_enqueue_stylesplugin.php:295

Maintenance & Trust

All Embed – Multi-Source Embed Widgets for Elementor Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedMar 12, 2026

PHP min version7.1

Downloads8K

Community Trust

Rating100/100

Number of ratings1

Active installs500

Alternatives

All Embed – Multi-Source Embed Widgets for Elementor Alternatives

Media Player Addons for Elementor – Audio and Video Widgets for Elementor

media-player-addons-for-elementor

Extend Elementor with powerful, customizable media players for audio, video, streaming & playlists.

1K 1 CVE

Prime Slider – Addons for Elementor

bdthemes-prime-slider-lite

Create responsive sliders using Elementor for hero sections, posts, logos, images, products, testimonials, and more.

100K 15 CVEs

Video Gallery – YouTube Playlist, Channel Gallery by YotuWP

yotuwp-easy-youtube-embed

Modern responsive YouTube video gallery helps your website getting noticed from visitors, increase the reach and stand out from the competitors.

20K 5 CVEs

Marquee Addons for Elementor – Essential Motion Widgets & Templates

marquee-addons-for-elementor

Marquee Addons is a smooth video, text, image, and testimonial marquee carousel loop plugin for Elementor on WordPress

10K 2 CVEs

Embeds for YouTube

youtube-embed

🎥 An incredibly fast, simple, yet powerful, method of embedding YouTube videos into your WordPress site.

10K 1 unpatched

Developer Profile

All Embed – Multi-Source Embed Widgets for Elementor Developer Profile

colorlibplugins

120 plugins · 738K total installs

trust score

Avg Security Score

99/100

Avg Patch Time

138 days

View full developer profile

Detection Fingerprints

How We Detect All Embed – Multi-Source Embed Widgets for Elementor

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/all-embed-addons-for-elementor/assets/css/style.css/wp-content/plugins/all-embed-addons-for-elementor/assets/js/all-embed.js/wp-content/plugins/all-embed-addons-for-elementor/assets/js/plugin-install.js

Script Paths

/wp-content/plugins/all-embed-addons-for-elementor/assets/js/all-embed.js/wp-content/plugins/all-embed-addons-for-elementor/assets/js/plugin-install.js

Version Parameters

all-embed-addons-for-elementor/assets/css/style.css?ver=all-embed-addons-for-elementor/assets/js/all-embed.js?ver=all-embed-addons-for-elementor/assets/js/plugin-install.js?ver=1.0

HTML / DOM Fingerprints

CSS Classes

allembed-accordionsallembed-tab-wrapper

Data Attributes

data-settingsdata-tabdata-accordiondata-item

JS Globals

aeafe_fsallembedInstall

FAQ