WP-Safety

Audio Album Security & Risk Analysis

wordpress.org/plugins/audio-album

Displays a collection of audio tracks as an audio album using the native WordPress audio features. Includes a customizer section.

4K active installs v1.5.1 PHP + WP 4.9+ Updated Jun 23, 2025
albumaudiomp3musicplaylist
99
A · Safe
CVEs total1
Unpatched0
Last CVEMar 27, 2025
Plugin page Download
Safety Verdict

Is Audio Album Safe to Use in 2026?

Generally Safe

Score 99/100

Audio Album has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVELast CVE: Mar 27, 2025Updated 9mo ago
Risk Assessment

The "audio-album" v1.5.1 plugin exhibits a generally good security posture based on the static analysis. The absence of dangerous functions, fully prepared SQL queries, and properly escaped output are significant strengths. Furthermore, the plugin demonstrates awareness of security best practices by including nonce checks, even though capability checks are absent on the identified entry points. The complete lack of identified taint flows with unsanitized paths is also a positive indicator. However, the vulnerability history reveals one known CVE, specifically a medium severity Cross-Site Scripting vulnerability, which, while currently patched, points to a past weakness in input sanitization for web page generation. The absence of capability checks on shortcodes is a potential concern, as any user could potentially trigger these functionalities without proper authorization, although the static analysis indicates these shortcodes do not have exploitable paths without authentication in their current state.

Key Concerns

  • One past medium severity XSS vulnerability
  • Missing capability checks on shortcodes
Vulnerabilities
1

Audio Album Security Vulnerabilities

CVEs by Year

1 CVE in 2025
2025
Patched Has unpatched

Severity Breakdown

Medium
1

1 total CVE

CVE-2025-30780medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Audio Album <= 1.5.0 - Authenticated (Contributor+) Stored Cross-Site Scripting

Mar 27, 2025 Patched in 1.5.1 (7d)
Code Analysis
Analyzed Mar 16, 2026

Audio Album Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
0
23 escaped
Nonce Checks
1
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
0

Output Escaping

100% escaped23 total outputs
Attack Surface

Audio Album Attack Surface

Entry Points3
Unprotected0

Shortcodes 3

[audioheading] audio-album.php:276
[audioalbum] audio-album.php:315
[audiotrack] audio-album.php:411
WordPress Hooks 13
actionplugins_loadedaudio-album.php:42
filterplugin_row_metaaudio-album.php:56
actionwp_enqueue_scriptsaudio-album.php:150
actionwp_enqueue_scriptsaudio-album.php:235
filtertemplate_includeaudio-album.php:420
actioncustomize_registerincludes\customizer.php:154
actioncustomize_controls_print_footer_scriptsincludes\customizer.php:182
actioncustomize_controls_enqueue_scriptsincludes\customizer.php:193
actioncustomize_preview_initincludes\customizer.php:204
filterbody_classtemplates\genesis-audioalbum-popup.php:13
actiongenesis_after_contenttemplates\genesis-audioalbum-popup.php:50
filtergenesis_pre_get_option_site_layouttemplates\genesis-audioalbum-popup.php:61
actionwp_enqueue_scriptstemplates\genesis-audioalbum-popup.php:72
Maintenance & Trust

Audio Album Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5
Last updatedJun 23, 2025
PHP min version
Downloads108K

Community Trust

Rating100/100
Number of ratings12
Active installs4K
Alternatives

Audio Album Alternatives

Cue by AudioTheme.com

Cue by AudioTheme.com

cue

A
91

Delightful and reliable audio playlists.

6K 1 CVE
Audio Player with Playlist Ultimate

Audio Player with Playlist Ultimate

audio-player-with-playlist-ultimate

A
100

Audio Player with Playlist Ultimate is a Music/Audio Player with Playlist and options like shuffle, repeat, volume control, progress-bar, song info.

600 1 CVE
MP3 VPlayer

MP3 VPlayer

mp3-vplayer

A
100

A sleek, Amazon Music-inspired MP3 player with playlist support for any taxonomy.

10 No CVEs
MP3 Audio Player – Music Player, Podcast Player & Radio by Sonaar

MP3 Audio Player – Music Player, Podcast Player & Radio by Sonaar

mp3-music-player-by-sonaar

A
92

The most advanced Audio Player for Music & Podcast. For Elementor, Gutenberg, WooCommerce and more. Add unlimited players to any pages!

20K 13 CVEs
Music Player for Elementor – Audio Player & Podcast Player

Music Player for Elementor – Audio Player & Podcast Player

music-player-for-elementor

A
98

Audio Player for Elementor – the go-to plugin for adding MP3s, podcasts & playlists. Fully customizable, WooCommerce-ready, and mobile-friendly.

10K 2 CVEs
Developer Profile

Audio Album Developer Profile

cubecolour

17 plugins · 21K total installs

99
trust score
Avg Security Score
99/100
Avg Patch Time
7 days
View full developer profile
Detection Fingerprints

How We Detect Audio Album

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/audio-album/css/audioalbum.css/wp-content/plugins/audio-album/js/audiotrackpopup.js
Script Paths
/wp-content/plugins/audio-album/js/audiotrackpopup.js
Version Parameters
audioalbum.css?ver=audiotrackpopup.js?ver=

HTML / DOM Fingerprints

CSS Classes
audioalbumaudioheadingtracksongtitlesongwriteraudiobuttonalbumtrack
HTML Comments
Copyright 2013-2025 Michael Atkinsmichael@cubecolour.co.ukLicenced under the GNU GPL:This program is free software; you can redistribute it and/or modify+30 more
Data Attributes
data-audio-album-titledata-audio-album-labeldata-audio-album-catalogdata-audio-album-bgcolor
JS Globals
window.cc_audioalbum_versionwindow.audioalbumscript
Shortcode Output
<h1 class="audioheading"><p class="audioheading"><h2 class="audioalbum"><p class="audioalbum">
FAQ

Frequently Asked Questions about Audio Album