Does Target Video Easy Publish have any unpatched vulnerabilities?

Yes — Target Video Easy Publish currently has 1 unpatched vulnerability. We recommend switching to an alternative or applying any available workarounds.

Is Target Video Easy Publish compatible with WordPress 6.8.5?

According to WordPress.org data, Target Video Easy Publish 3.8.9 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

How often is Target Video Easy Publish updated?

Target Video Easy Publish was last updated on Jan 22, 2026. Frequent updates are generally a positive security signal.

What is Target Video Easy Publish's security score?

Target Video Easy Publish has a WP-Safety security score of 72/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Target Video Easy Publish Security & Risk Analysis

wordpress.org/plugins/brid-video-easy-publish

Seamlessly embed your videos (YouTube, streaming, HTML5, Flash) using TargetVideo video players into your WordPress site or blog.

60 active installs v3.8.9 PHP + WP 6.0+ Updated Jan 22, 2026

vastvideo-libraryvideo-monetizationvideo-playervpaid

B · Generally Safe

CVEs total5

Unpatched1

Last CVEJan 27, 2026

Plugin page Download

Safety Verdict

Is Target Video Easy Publish Safe to Use in 2026?

Mostly Safe

Score 72/100

Target Video Easy Publish is generally safe to use. 5 past CVEs were resolved. Keep it updated.

5 known CVEs 1 unpatched Last CVE: Jan 27, 2026Updated 2mo ago

Risk Assessment

The "brid-video-easy-publish" plugin, version 3.8.9, presents a mixed security profile. On the positive side, the static analysis shows a very limited attack surface with no apparent AJAX handlers, REST API routes, shortcodes, or cron events, and all identified SQL queries utilize prepared statements. The absence of file operations and external HTTP requests also contributes to a reduced risk of certain attack vectors. However, the significant concern is the complete lack of output escaping for all 609 detected outputs. This indicates a high likelihood of Cross-Site Scripting (XSS) vulnerabilities, allowing attackers to inject malicious scripts into the website. Furthermore, the plugin has a history of significant vulnerabilities, with 5 known CVEs, one of which remains unpatched. The common vulnerability types, including Code Injection and XSS, coupled with the recent unpatched vulnerability, suggest a pattern of insecure coding practices that have not been fully addressed. The bundled Guzzle library also warrants attention, as outdated bundled libraries can introduce exploitable flaws.

Key Concerns

Unpatched CVEs exist
No output escaping detected
Bundled library (Guzzle) detected
Zero capability checks found
Zero nonce checks found

Vulnerabilities

Target Video Easy Publish Security Vulnerabilities

CVEs by Year

4 CVEs in 2025 · unpatched

2025

1 CVE in 2026

2026

Patched Has unpatched

Severity Breakdown

Medium

5 total CVEs

CVE-2025-8072medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Target Video Easy Publish <= 3.8.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via placeholder_img Parameter

Jan 27, 2026 Patched in 3.8.9 (1d)

CVE-2025-5237medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Target Video Easy Publish <= 3.8.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via width Parameter

Jun 17, 2025 Patched in 3.8.6 (1d)

CVE-2025-32688medium · 5.4Improper Control of Generation of Code ('Code Injection')

Target Video Easy Publish <= 3.8.5 - Authenticated (Subscriber+) Arbitrary Shortcode Execution

Apr 17, 2025Unpatched

CVE-2024-13561medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Target Video Easy Publish <= 3.8.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via brid_override_yt Shortcode

Jan 28, 2025 Patched in 3.8.4 (1d)

CVE-2024-12076medium · 6.1Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Target Video Easy Publish <= 3.8.3 - Cross-Site Request Forgery to Stored Cross-Site Scripting

Jan 24, 2025 Patched in 3.8.4 (1d)

Code Analysis

Analyzed Mar 16, 2026

Target Video Easy Publish Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

609

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Guzzle

Output Escaping

0% escaped609 total outputs

Attack Surface

Target Video Easy Publish Attack Surface

Entry Points0

Unprotected0

Maintenance & Trust

Target Video Easy Publish Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedJan 22, 2026

PHP min version

Downloads46K

Community Trust

Rating74/100

Number of ratings6

Active installs60

Alternatives

Target Video Easy Publish Alternatives

Fluid Player

fluid-player

The plugin makes it easy to embed the VAST ready Fluid Player video player.

400 No CVEs

All-in-One Video Gallery

all-in-one-video-gallery

The ultimate video player & video gallery plugin for YouTubers, Video Bloggers, Course Creators, Podcasters, and anyone embedding videos on websites.

20K 11 CVEs

FV Flowplayer Video Player

fv-wordpress-flowplayer

WordPress's most reliable, easy to use and feature-rich video player. Supports responsive design, HTML5, playlists, ads, stats, Vimeo and YouTube.

20K 23 CVEs

HTML5 Video Player – Embed and Play Videos in Custom Player

html5-video-player

HTML5 Video Player Plugin lets you embed responsive videos in WordPress. It’s easy to use, fast, and supports MP4, WebM, OGG, FLV, Youtube and Vimeo.

20K 8 CVEs

Videopack

video-embed-thumbnail-generator

Makes video thumbnails, allows resolution switching, and embeds responsive self-hosted videos and galleries.

10K 4 CVEs

Developer Profile

Target Video Easy Publish Developer Profile

Nebojsa

1 plugin · 60 total installs

trust score

Avg Security Score

72/100

Avg Patch Time

1 days

View full developer profile

Detection Fingerprints

How We Detect Target Video Easy Publish

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/brid-video-easy-publish/lib/css/brid-style.css/wp-content/plugins/brid-video-easy-publish/lib/css/jquery-ui.css/wp-content/plugins/brid-video-easy-publish/lib/js/brid-admin.js/wp-content/plugins/brid-video-easy-publish/lib/js/brid-public.js/wp-content/plugins/brid-video-easy-publish/lib/js/brid-upload.js/wp-content/plugins/brid-video-easy-publish/lib/js/jquery-ui.js/wp-content/plugins/brid-video-easy-publish/lib/js/jquery.min.js

Script Paths

//services.brid.tv/js/brid.player.min.js

Version Parameters

brid-video-easy-publish/style.css?ver=brid-video-easy-publish/admin.js?ver=brid-video-easy-publish/public.js?ver=brid-video-easy-publish/upload.js?ver=

HTML / DOM Fingerprints

CSS Classes

brid_wrapbrid_options

HTML Comments

+2 more

Data Attributes

data-brid-videodata-brid-playlist

JS Globals

brid_optionsBrid

Shortcode Output

[brid_video][brid_playlist]

FAQ