Does CP Media Player – Audio Player and Video Player have any unpatched vulnerabilities?

No. All known vulnerabilities in CP Media Player – Audio Player and Video Player have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is CP Media Player – Audio Player and Video Player compatible with WordPress 6.9.4?

According to WordPress.org data, CP Media Player – Audio Player and Video Player 1.2.8 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

How often is CP Media Player – Audio Player and Video Player updated?

CP Media Player – Audio Player and Video Player was last updated on Dec 30, 2025. Frequent updates are generally a positive security signal.

What is CP Media Player – Audio Player and Video Player's security score?

CP Media Player – Audio Player and Video Player has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

CP Media Player – Audio Player and Video Player Security & Risk Analysis

wordpress.org/plugins/audio-and-video-player

CP Media Player - Audio and Video Player supported by major browsers, such as IE, Firefox, Opera, Safari, Chrome, and mobile devices: iPhone, iPad, An …

3K active installs v1.2.8 PHP + WP 3.0.5+ Updated Dec 30, 2025

audio-playerm4amp4music-playervideo-player

A · Safe

CVEs total1

Unpatched0

Last CVEJan 29, 2024

Plugin page Download

Safety Verdict

Is CP Media Player – Audio Player and Video Player Safe to Use in 2026?

Generally Safe

Score 100/100

CP Media Player – Audio Player and Video Player has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVELast CVE: Jan 29, 2024Updated 3mo ago

Risk Assessment

The "audio-and-video-player" plugin v1.2.8 exhibits a generally strong security posture with a low overall risk. The plugin demonstrates good practices by employing prepared statements for most SQL queries and properly escaping the vast majority of its outputs. The absence of critical or high severity vulnerabilities in past CVEs, and the fact that the sole medium vulnerability is patched, is a positive indicator. Furthermore, the plugin correctly implements nonce checks on its AJAX handlers and capability checks, significantly reducing the risk of common attacks.

Key Concerns

Presence of unserialize function
Taint flows with unsanitized paths
SQL queries not using prepared statements
Output escaping not properly implemented
External HTTP requests
One medium vulnerability in history

Vulnerabilities

CP Media Player – Audio Player and Video Player Security Vulnerabilities

CVEs by Year

1 CVE in 2024

2024

Patched Has unpatched

Severity Breakdown

Medium

1 total CVE

CVE-2024-31941medium · 4.3Cross-Site Request Forgery (CSRF)

CP Media Player <= 1.1.3 - Cross-Site Request Forgery to Player Deletion and Duplication

Jan 29, 2024 Patched in 1.2.0 (79d)

Code Analysis

Analyzed Mar 16, 2026

CP Media Player – Audio Player and Video Player Code Analysis

Dangerous Functions

Raw SQL Queries

13 prepared

Unescaped Output

154 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Dangerous Functions Found

unserialize$config = @unserialize( $player->config );codepeople-media-player.clss.php:334

unserialize$config_tmp = unserialize( $player->config );codepeople-media-player.clss.php:571

unserialize$playlist_tmp = unserialize( $player->playlist );codepeople-media-player.clss.php:577

unserialize$config_obj = ( isset( $player->config ) ) ? unserialize( $player->config ) : new stdClass();codepeople-media-player.clss.php:1189

unserialize$this->current_player_playlist = ( isset( $player->playlist ) ) ? unserialize( $player->playlist ) :codepeople-media-player.clss.php:1223

SQL Query Safety

93% prepared14 total queries

Output Escaping

93% escaped165 total outputs

Data Flows

2 unsanitized

Data Flow Analysis

4 flows2 with unsanitized paths

get_player (codepeople-media-player.clss.php:975)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

CP Media Player – Audio Player and Video Player Attack Surface

Entry Points9

Unprotected0

AJAX Handlers 1

authwp_ajax_cp_feedbackfeedback\cp-feedback.php:23

Shortcodes 8

[codepeople-html5-media-player] codepeople-media-player.clss.php:1009

[cpm-player] codepeople-media-player.clss.php:1010

[codepeople-html5-playlist-item] codepeople-media-player.clss.php:1011

[cpm-item] codepeople-media-player.clss.php:1012

[codepeople-html5-media-player] codepeople-media-player.php:99

[cpm-player] codepeople-media-player.php:100

[codepeople-html5-playlist-item] codepeople-media-player.php:101

[cpm-item] codepeople-media-player.php:102

WordPress Hooks 16

actionadmin_bar_menubanner.php:105

actionenqueue_block_editor_assetsbuilders\page-builders.php:11

actionelementor/widgets/registerbuilders\page-builders.php:12

actionelementor/elements/categories_registeredbuilders\page-builders.php:13

actionelementor/controls/registerbuilders\page-builders.php:14

actioninitcodepeople-media-player.php:24

filterget_post_metadatacodepeople-media-player.php:25

filteroption_sbp_settingscodepeople-media-player.php:47

actionwpmu_new_blogcodepeople-media-player.php:54

actionadmin_menucodepeople-media-player.php:70

actioninitcodepeople-media-player.php:89

filterwidget_textcodepeople-media-player.php:98

actionmedia_buttonscodepeople-media-player.php:109

actionadmin_enqueue_scriptscodepeople-media-player.php:112

actionadmin_enqueue_scriptsfeedback\cp-feedback.php:22

actionadmin_footerfeedback\cp-feedback.php:32

Maintenance & Trust

CP Media Player – Audio Player and Video Player Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedDec 30, 2025

PHP min version

Downloads282K

Community Trust

Rating88/100

Number of ratings46

Active installs3K

Alternatives

CP Media Player – Audio Player and Video Player Alternatives

HTML5 Video Player – Embed and Play Videos in Custom Player

html5-video-player

HTML5 Video Player Plugin lets you embed responsive videos in WordPress. It’s easy to use, fast, and supports MP4, WebM, OGG, FLV, Youtube and Vimeo.

20K 8 CVEs

MP3 Audio Player – Music Player, Podcast Player & Radio by Sonaar

mp3-music-player-by-sonaar

The most advanced Audio Player for Music & Podcast. For Elementor, Gutenberg, WooCommerce and more. Add unlimited players to any pages!

20K 13 CVEs

Music Player for Elementor – Audio Player & Podcast Player

music-player-for-elementor

Audio Player for Elementor – the go-to plugin for adding MP3s, podcasts & playlists. Fully customizable, WooCommerce-ready, and mobile-friendly.

10K 2 CVEs

Lean Player – Video and Audio Player for WordPress, Elementor, Block Editor and Classic Editor

az-video-and-audio-player-addon-for-elementor

100

WordPress Video Player & Audio Player plugin - simple, lightweight and customizable HTML5, YouTube, Vimeo & mp3 media player that supports all devices

3K No CVEs

Super Video player – Fully Customizable Video Player with Playlist

super-video-player

100

Improve WordPress user experience with Super Video Player plugin. Self-hosted, supports mp4/OGG, captions, and subtitle for engagement.

2K No CVEs

Developer Profile

CP Media Player – Audio Player and Video Player Developer Profile

codepeople

34 plugins · 89K total installs

trust score

Avg Security Score

95/100

Avg Patch Time

964 days

View full developer profile

Detection Fingerprints

How We Detect CP Media Player – Audio Player and Video Player

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/audio-and-video-player/feedback/cp-feedback.js/wp-content/plugins/audio-and-video-player/feedback/cp-feedback.css/wp-content/plugins/audio-and-video-player/admin/js/admin.js/wp-content/plugins/audio-and-video-player/admin/css/admin.css/wp-content/plugins/audio-and-video-player/admin/css/responsive.css

Script Paths

/wp-content/plugins/audio-and-video-player/builders/elementor.js

Version Parameters

audio-and-video-player/feedback/cp-feedback.js?ver=audio-and-video-player/feedback/cp-feedback.css?ver=audio-and-video-player/admin/js/admin.js?ver=audio-and-video-player/admin/css/admin.css?ver=audio-and-video-player/admin/css/responsive.css?ver=audio-and-video-player/builders/elementor.js?ver=

HTML / DOM Fingerprints

CSS Classes

cpmp-player-wrappercpmp-audio-playercpmp-video-playerelementor-control-cpmmediabuttonelementor-control-cpmskinselect

HTML Comments

Data Attributes

data-cpmp-playdata-cpmp-volumedata-cpmp-loopdata-cpmp-autoplaydata-cpmp-controlsdata-cpmp-poster+1 more

JS Globals

CPMP_VERSION

Shortcode Output

[codepeople-html5-media-player][cpm-player][codepeople-html5-playlist-item][cpm-item]

FAQ