Does Kaltura All-in-One Video Plugin for WordPress have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Kaltura All-in-One Video Plugin for WordPress compatible with WordPress 4.6.30?

According to WordPress.org data, Kaltura All-in-One Video Plugin for WordPress 2.7 has been tested up to WordPress 4.6.30. Check the plugin's changelog for the latest compatibility information.

How often is Kaltura All-in-One Video Plugin for WordPress updated?

Kaltura All-in-One Video Plugin for WordPress was last updated on Sep 23, 2016. Frequent updates are generally a positive security signal.

What is Kaltura All-in-One Video Plugin for WordPress's security score?

Kaltura All-in-One Video Plugin for WordPress has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Kaltura All-in-One Video Plugin for WordPress Security & Risk Analysis

wordpress.org/plugins/all-in-one-video-pack

Easily add full video capabilities to your blog.

100 active installs v2.7 PHP + WP 2.5.2+ Updated Sep 23, 2016

adminadvertisingaudiocameracollaboration

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Kaltura All-in-One Video Plugin for WordPress Safe to Use in 2026?

Generally Safe

Score 85/100

Kaltura All-in-One Video Plugin for WordPress has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 9yr ago

Risk Assessment

The static analysis of "all-in-one-video-pack" v2.7 reveals a generally strong security posture with no identified attack surface points, dangerous functions, or SQL injection vulnerabilities due to the use of prepared statements. The plugin also shows good practices in output escaping, with 82% of outputs being properly escaped, and no concerning taint analysis results. The absence of any recorded CVEs further suggests a mature and well-maintained codebase.

However, the complete absence of nonce checks and capability checks across all identified entry points (even though there are none reported) is a significant concern. While the current analysis shows no direct attack vectors, this oversight could lead to severe vulnerabilities if any new entry points are introduced or if the attack surface is larger than reported. The reliance on bundled libraries like TinyMCE also warrants attention for potential outdated versions or undiscovered vulnerabilities within them.

Overall, the plugin exhibits good fundamental security practices, particularly regarding data sanitization and output handling. The lack of historical vulnerabilities is a positive indicator. Nevertheless, the missing authentication and authorization checks are a critical gap that significantly lowers its security score and requires immediate attention to prevent potential exploitation in the future.

Key Concerns

No nonce checks
No capability checks
Bundled library (TinyMCE)
Low output escaping rate (82%)

Vulnerabilities

None known

Kaltura All-in-One Video Plugin for WordPress Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Kaltura All-in-One Video Plugin for WordPress Release Timeline

v2.7Current

v2.5.1

v2.5

v2.4.4

v2.4.3

v2.4.2

v2.4.1

v2.4

v2.3.1

v2.3

v2.2

v2.1

v2.0

Code Analysis

Analyzed Mar 16, 2026

Kaltura All-in-One Video Plugin for WordPress Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

212 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

TinyMCE

Output Escaping

82% escaped259 total outputs

Attack Surface

Kaltura All-in-One Video Plugin for WordPress Attack Surface

Entry Points0

Unprotected0

Maintenance & Trust

Kaltura All-in-One Video Plugin for WordPress Maintenance & Trust

Maintenance Signals

WordPress version tested4.6.30

Last updatedSep 23, 2016

PHP min version

Downloads227K

Community Trust

Rating22/100

Number of ratings10

Active installs100

Alternatives

Kaltura All-in-One Video Plugin for WordPress Alternatives

Annoto Plugin for WordPress

annoto

Easily turn you video to social and collaborative.

10 No CVEs

Peter’s Post Notes

peters-post-notes

Add notes to the "edit post" and "edit page" sidebars. Collaborators can also share notes on the WordPress dashboard.

3K No CVEs

Admin Page Notes

admin-page-notes

100

Gives administrators the ability to add notes to posts of any post type (including pages) that are prominently displayed for users editing the site.

800 No CVEs

Collab Notes

collab-notes

Collab Notes allows administrators to add private notes to pages and posts, with customizable user role permissions.

30 No CVEs

Data Mafia Dash Note

datamafia-dash-note

Dash Note is a simple editable admin dashboard widget for presenting Wordpress contributors key information.

10 No CVEs

Developer Profile

Kaltura All-in-One Video Plugin for WordPress Developer Profile

kaltura

2 plugins · 130 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Kaltura All-in-One Video Plugin for WordPress

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/all-in-one-video-pack/all-in-one-video-pack.php/wp-content/plugins/all-in-one-video-pack/chunked-file-upload-jquery/css/jquery.fileupload-ui-kaltura.css/wp-content/plugins/all-in-one-video-pack/chunked-file-upload-jquery/js/jquery.fileupload-kaltura.js/wp-content/plugins/all-in-one-video-pack/chunked-file-upload-jquery/js/jquery.fileupload-kaltura-base.js

Script Paths

/wp-content/plugins/all-in-one-video-pack/chunked-file-upload-jquery/js/jquery.fileupload-kaltura.js/wp-content/plugins/all-in-one-video-pack/chunked-file-upload-jquery/js/jquery.fileupload-kaltura-base.js

Version Parameters

/wp-content/plugins/all-in-one-video-pack/all-in-one-video-pack.php?ver=/wp-content/plugins/all-in-one-video-pack/chunked-file-upload-jquery/css/jquery.fileupload-ui-kaltura.css?ver=/wp-content/plugins/all-in-one-video-pack/chunked-file-upload-jquery/js/jquery.fileupload-kaltura.js?ver=/wp-content/plugins/all-in-one-video-pack/chunked-file-upload-jquery/js/jquery.fileupload-kaltura-base.js?ver=

HTML / DOM Fingerprints

CSS Classes

entry_detailsuploadBox

HTML Comments

<!-- to ensure security of your account, always generate the KS on the backend, and pass a generated KS to the widget, do not generate a KS in the client side as this will expose your secret keys / passwords. -->

<!-- additionally, make sure your KS is of type user, and that it permits upload and add actions on uploadToken and entry services. -->

+5 more

Data Attributes

uploadBoxIdmaxChunkSizedynamicChunkSizeInitialChunkSizedynamicChunkSizeThresholddynamixChunkSizeMaxTimehost+12 more

JS Globals

kalturaAutoloaderKaltura_AutoloaderKaltura_AllInOneVideoPackPluginwidgetcategoryIduploadManager

REST Endpoints

/api_v3/?service=uploadToken&action=upload&format=1

FAQ