Artistography Security & Risk Analysis

wordpress.org/plugins/artistography

Organizes a portfolio of music, videos, and images on your blog/website with PayPal eCommerce.

10 active installs · v0.3.3-alpha2 · PHP + · WP 3.0.1+ · Updated Unknown
Tags: artist, artistography, discography, media, music
Score 100 · A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is Artistography Safe to Use in 2026?

Generally Safe

Score 100/100

Artistography has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs
Risk Assessment

The Artistography plugin v0.3.3-alpha2 presents a mixed security picture. On the positive side, it has zero known CVEs and a limited attack surface: no AJAX handlers, REST API routes, shortcodes, or cron events were identified that lack proper authentication or permission checks. The plugin also primarily uses prepared statements for its SQL queries, which is good practice.

However, the static analysis raises significant concerns. None of the identified outputs are escaped, which is a critical vulnerability, potentially leading to cross-site scripting (XSS) attacks. The plugin also calls the dangerous function 'exec', and three taint flows with unsanitized paths were found; together these indicate a high risk of arbitrary code execution or command injection, even though the static analysis did not categorize them as critical. The lack of nonce checks and the single capability check on its entry points are also worrying, as they suggest potential authorization bypass issues if any entry points are discovered or introduced later. The clean vulnerability history is a positive sign, but it does not negate the serious coding flaws identified in the current version.

Key Concerns

  • 0% output escaping
  • Use of dangerous function 'exec'
  • 3 unsanitized path taint flows
  • 0 nonce checks
  • 1 capability check (low coverage)
Vulnerabilities
None known

Artistography Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Artistography Code Analysis

Dangerous Functions: 2
Raw SQL Queries: 1 (18 prepared)
Unescaped Output: 57 (0 escaped)
Nonce Checks: 0
Capability Checks: 1
File Operations: 5
External Requests: 0
Bundled Libraries: 0

Dangerous Functions Found

exec (artistography.php:250): exec("cp $explorer_path $download_path/");
exec (downloads\index.php:2152): $sizeInBytes=exec("ls -l '$file' | awk '{print $5}'");

SQL Query Safety

95% prepared (19 total queries)

Output Escaping

0% escaped (57 total outputs)
Data Flows: 3 unsanitized

Data Flow Analysis

3 flows, 3 with unsanitized paths
showImage (downloads\index.php:1526)
Attack Surface

Artistography Attack Surface

Entry Points: 0
Unprotected: 0
WordPress Hooks: 6
  • filter get_pages (artistography.php:708)
  • action wp_print_footer_scripts (artistography.php:710)
  • action wp_enqueue_scripts (artistography.php:717)
  • action init (artistography.php:724)
  • action wp_enqueue_scripts (artistography.php:833)
  • action admin_menu (artistography.php:836)
Maintenance & Trust

Artistography Maintenance & Trust

Maintenance Signals

WordPress version tested: 4.1.42
Last updated: Unknown
PHP min version
Downloads: 5K

Community Trust

Rating: 70/100
Number of ratings: 2
Active installs: 10
Developer Profile

Artistography Developer Profile

MistahWrite

1 plugin · 10 total installs

Trust score: 94
Avg Security Score: 100/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect Artistography

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/artistography/css/images/300.GIF
/wp-content/plugins/artistography/css/images/download.gif
/wp-content/plugins/artistography/css/images/addtocartcc-orange.png
/wp-content/plugins/artistography/css/images/yellow_checkout.png
/wp-content/plugins/artistography/css/images/buynowcc-orange-2.png
/wp-content/plugins/artistography/css/images/1x1.png

HTML / DOM Fingerprints

CSS Classes
artistography-artist-photo
Data Attributes
data-artistography-item-id
JS Globals
artistography_plugin_dir
artistography_plugin_lang_dir
Shortcode Output
[artistography_download]
[artistography_show_cart]
[artistography_show_checkout]
[artistography_show_thankyou]
FAQ

Frequently Asked Questions about Artistography