BNE Gallery Extended Security & Risk Analysis

wordpress.org/plugins/bne-gallery-extended

Simple add-on to the default WordPress gallery shortcode, [gallery], to include a 3D Carousel and Masonry display option.

1K active installs · v1.2.2 · PHP + WP 4.5+ · Updated Nov 19, 2024
Tags: carousel-gallery, gallery, masonry-gallery, wordpress-gallery
Score: 91 (A · Safe)
CVEs total: 1
Unpatched: 0
Last CVE: Nov 25, 2024
Safety Verdict

Is BNE Gallery Extended Safe to Use in 2026?

Generally Safe

Score 91/100

BNE Gallery Extended has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVE · Last CVE: Nov 25, 2024 · Updated 1yr ago
Risk Assessment

The static analysis of bne-gallery-extended v1.2.2 reveals a strong adherence to secure coding practices. There are no identified dangerous functions, all SQL queries utilize prepared statements, and all output is properly escaped. Furthermore, the absence of file operations and external HTTP requests, coupled with a clean taint analysis, suggests a low risk of common vulnerabilities originating from these areas. The plugin also exhibits a zero-size attack surface, with no exposed AJAX handlers, REST API routes, shortcodes, or cron events, which is a significant security strength.

Despite the excellent static analysis results, the plugin has a documented history of one medium-severity Cross-Site Scripting vulnerability, last patched in late 2024. While there are no currently unpatched vulnerabilities, this history indicates a potential for input sanitization issues to arise. Although the plugin registers no shortcode of its own, it hooks the core post_gallery filter (bne-gallery-extended.php:61), so attributes of the default [gallery] shortcode are processed by its code; that is the input path named in CVE-2024-11119. The lack of nonce and capability checks across the (currently non-existent) entry points is noted, but given the absence of any entry points, this does not represent an immediate risk. Overall, the plugin appears secure based on static analysis, but the past XSS vulnerability warrants continued vigilance and prompt patching of any future issues.

Key Concerns

  • Past medium-severity XSS vulnerability
  • No nonce checks on potential entry points
  • No capability checks on potential entry points
Vulnerabilities: 1

BNE Gallery Extended Security Vulnerabilities

CVEs by Year

1 CVE in 2024

Severity Breakdown

Medium: 1

1 total CVE

CVE-2024-11119 · medium · 6.4 · Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

BNE Gallery Extended <= 1.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via gallery Shortcode

Nov 25, 2024 · Patched in 1.2.2 (1d)
Code Analysis
Analyzed Mar 16, 2026

BNE Gallery Extended Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (0 prepared)
Unescaped Output: 0 (11 escaped)
Nonce Checks: 0
Capability Checks: 0
File Operations: 0
External Requests: 0
Bundled Libraries: 0

Output Escaping

100% escaped · 11 total outputs
Attack Surface

BNE Gallery Extended Attack Surface

Entry Points: 0
Unprotected: 0
WordPress Hooks: 3
filter · post_gallery · bne-gallery-extended.php:61
action · wp_head · bne-gallery-extended.php:64
action · print_media_templates · bne-gallery-extended.php:67
Maintenance & Trust

BNE Gallery Extended Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.7.5
Last updated: Nov 19, 2024
PHP min version
Downloads: 24K

Community Trust

Rating: 100/100
Number of ratings: 13
Active installs: 1K
Developer Profile

BNE Gallery Extended Developer Profile

Kerry

2 plugins · 2K total installs

Trust score: 71
Avg Security Score: 88/100
Avg Patch Time: 181 days
Detection Fingerprints

How We Detect BNE Gallery Extended

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/bne-gallery-extended/assets/js/roundabout.min.js
/wp-content/plugins/bne-gallery-extended/assets/css/bne-gallery-extended.css
Script Paths
/wp-content/plugins/bne-gallery-extended/assets/js/roundabout.min.js
Version Parameters
bne-gallery-extended/assets/css/bne-gallery-extended.css?ver=
bne-gallery-extended/assets/js/roundabout.min.js?ver=

HTML / DOM Fingerprints

CSS Classes
bne-gallery-extended
bne-gallery-carousel-wrapper
bne-gallery-loader
roundabout-nav
fa-arrow-circle-left
fa-arrow-circle-right
carousel-slider
slide
+4 more
HTML Comments
<!-- The BNE Gallery Extended Class -->
<!-- Constructor -->
<!-- Gallery Shortcode Hijack -->
<!-- Checks if display attribute exist, if not set to "null" to prevent -->
+40 more
Data Attributes
data-gallery-id
data-gallery-display
data-gallery-settings
JS Globals
jQuery
Shortcode Output
<div id="bne-carousel-
<div class="bne-gallery-extended bne-gallery-carousel-wrapper clearfix">
<div class="bne-gallery-loader"><div class="bounce1"></div><div class="bounce2"></div><div class="bounce3"></div></div>
<a href="#" title="Previous" class="prev"><i class="fa fa-arrow-circle-left"></i></a>