WP-Safety

CatFolders Document Gallery & PDF Library Security & Risk Analysis

wordpress.org/plugins/catfolders-document-gallery

Display WordPress PDF gallery and file gallery from folders. Comes with a clean, searchable & sortable list/grid layout.

3K active installs v2.0.5 PHP 7.0+ WP 6.1+ Updated Mar 17, 2026
document-librarydocument-managementdocumentsdownloadspdf
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Download
Safety Verdict

Is CatFolders Document Gallery & PDF Library Safe to Use in 2026?

Generally Safe

Score 100/100

CatFolders Document Gallery & PDF Library has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2mo ago
Risk Assessment

The "catfolders-document-gallery" v2.0.4 plugin exhibits a generally good security posture, adhering to several best practices. The absence of known vulnerabilities in its history and the presence of capability checks and a nonce check are positive indicators. Furthermore, the plugin demonstrates a commitment to secure coding by predominantly using prepared statements for SQL queries and properly escaping a high percentage of its outputs. The limited attack surface, consisting of a single shortcode without apparent direct unprotected entry points, further contributes to its perceived security.

However, the static analysis reveals two concerning signals: the use of the `exec` function, which can be a significant risk if not handled with extreme care, and the presence of SQL queries that are not always prepared. While the overall percentage of prepared statements is high, any instance of unsanitized SQL is a potential vector for SQL injection. The lack of recorded vulnerabilities in its history is a positive sign, but it doesn't entirely mitigate the risks identified in the code analysis. A comprehensive security assessment would require a deeper dive into how the `exec` function and the non-prepared SQL queries are utilized to determine the actual exploitability of these potential weaknesses.

Key Concerns

  • Use of dangerous function 'exec'
  • SQL queries without prepared statements
Vulnerabilities
None known

CatFolders Document Gallery & PDF Library Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

CatFolders Document Gallery & PDF Library Release Timeline

v2.0.5Current
v2.0.4
v2.0.3
v2.0.2
v2.0.1
v2.0.0
v1.5.2
v1.5.1
v1.4.9
v1.4.8
v1.4.7
v1.4.6
v1.4.5
v1.4.4
v1.4.3
v1.4.2
v1.4.1
v1.4
v1.3
v1.2
Code Analysis
Analyzed Mar 16, 2026

CatFolders Document Gallery & PDF Library Code Analysis

Dangerous Functions
2
Raw SQL Queries
3
6 prepared
Unescaped Output
19
72 escaped
Nonce Checks
1
Capability Checks
3
File Operations
0
External Requests
0
Bundled Libraries
1

Dangerous Functions Found

execexec( 'convert -version', $output, $result_code );includes\Engine\Thumbnail\Thumbnail.php:73
execexec( 'which gs', $output, $result_code );includes\Engine\Thumbnail\Thumbnail.php:116

Bundled Libraries

DataTables

SQL Query Safety

67% prepared9 total queries

Output Escaping

79% escaped91 total outputs
Attack Surface

CatFolders Document Gallery & PDF Library Attack Surface

Entry Points1
Unprotected0

Shortcodes 1

[catf_dg] includes\Engine\Shortcode.php:16
WordPress Hooks 17
actionadmin_initcatfolders-document-gallery.php:25
actionadmin_initcatfolders-document-gallery.php:35
actionadmin_noticescatfolders-document-gallery.php:87
actionplugins_loadedcatfolders-document-gallery.php:98
actioninitincludes\Engine\AssetsManager.php:19
actionadmin_enqueue_scriptsincludes\Engine\AssetsManager.php:20
actionwp_enqueue_scriptsincludes\Engine\AssetsManager.php:21
actioninitincludes\Engine\Blocks\Blocks.php:14
actionwp_headincludes\Engine\Blocks\Blocks.php:15
actionadmin_menuincludes\Engine\PostType.php:13
actioninitincludes\Engine\PostType.php:14
actionadd_meta_boxesincludes\Engine\PostType.php:15
actionsave_postincludes\Engine\PostType.php:16
actionrest_api_initincludes\Engine\RestAPI.php:17
actioninitincludes\Engine\Shortcode.php:12
actionadmin_noticesincludes\Fallback.php:4
actionadmin_noticesincludes\FallbackMinimumWp.php:7
Maintenance & Trust

CatFolders Document Gallery & PDF Library Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedMar 17, 2026
PHP min version7.0
Downloads31K

Community Trust

Rating88/100
Number of ratings12
Active installs3K
Alternatives

CatFolders Document Gallery & PDF Library Alternatives

Filr – Secure document library

Filr – Secure document library

filr-protection

C
62

Easily Create a Secure Document Library with Filr

800 1 unpatched
Embed Any Document – Embed PDF, Word, PowerPoint and Excel Files

Embed Any Document – Embed PDF, Word, PowerPoint and Excel Files

embed-any-document

A
95

Embed PDF, DOC, PPT and XLS documents easily on your WordPress website with the help of Google Docs Viewer or Microsoft Office Online.

50K 4 CVEs
Document Embedder – Embed PDFs, Word, Excel, and Other Files

Document Embedder – Embed PDFs, Word, Excel, and Other Files

document-emberdder

A
93

Document Embedder lets you display PDF, DOCX, PPTX, XLSX, and other files in WordPress sites with a responsive viewer and optional download button.

10K 4 CVEs
Document Gallery

Document Gallery

document-gallery

A
100

This plugin generates thumbnails for documents and displays them in a gallery-like format for easy sharing.

9K No CVEs
FileBird Document Library

FileBird Document Library

filebird-document-library

A
99

Create WordPress document library using FileBird and Gutenberg or any WordPress page builder.

5K 1 CVE
Developer Profile

CatFolders Document Gallery & PDF Library Developer Profile

CatFolders

2 plugins · 9K total installs

93
trust score
Avg Security Score
99/100
Avg Patch Time
23 days
View full developer profile
Detection Fingerprints

How We Detect CatFolders Document Gallery & PDF Library

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/catfolders-document-gallery/assets/css/dataTables/jquery.dataTables.min.css/wp-content/plugins/catfolders-document-gallery/assets/css/styles.min.css/wp-content/plugins/catfolders-document-gallery/assets/css/dataTables/responsive.dataTables.min.css/wp-content/plugins/catfolders-document-gallery/build/apps/app.css/wp-content/plugins/catfolders-document-gallery/assets/js/dataTables/jquery.dataTables.min.js/wp-content/plugins/catfolders-document-gallery/assets/js/dataTables/dataTables.responsive.min.js/wp-content/plugins/catfolders-document-gallery/assets/js/dataTables/natural.min.js/wp-content/plugins/catfolders-document-gallery/assets/js/dataTables/filesize.min.js+3 more
Script Paths
/wp-content/plugins/catfolders-document-gallery/assets/js/dataTables/jquery.dataTables.min.js/wp-content/plugins/catfolders-document-gallery/assets/js/dataTables/dataTables.responsive.min.js/wp-content/plugins/catfolders-document-gallery/assets/js/dataTables/natural.min.js/wp-content/plugins/catfolders-document-gallery/assets/js/dataTables/filesize.min.js/wp-content/plugins/catfolders-document-gallery/build/apps/app.js/wp-content/plugins/catfolders-document-gallery/assets/js/shortcode/events.js+1 more
Version Parameters
catfolders-document-gallery/assets/css/dataTables/jquery.dataTables.min.css?ver=catfolders-document-gallery/assets/css/styles.min.css?ver=catfolders-document-gallery/assets/css/dataTables/responsive.dataTables.min.css?ver=catfolders-document-gallery/build/apps/app.css?ver=catfolders-document-gallery/assets/js/dataTables/jquery.dataTables.min.js?ver=catfolders-document-gallery/assets/js/dataTables/dataTables.responsive.min.js?ver=catfolders-document-gallery/assets/js/dataTables/natural.min.js?ver=catfolders-document-gallery/assets/js/dataTables/filesize.min.js?ver=catfolders-document-gallery/build/apps/app.js?ver=catfolders-document-gallery/assets/js/shortcode/events.js?ver=catfolders-document-gallery/build/view.js?ver=

HTML / DOM Fingerprints

CSS Classes
catf-dg-gallery-containercatf-dg-gallery-item
HTML Comments
<!-- START CatFolders Document Gallery shortcode --><!-- END CatFolders Document Gallery shortcode --><!-- CatFolders Document Gallery Options -->
Data Attributes
data-catf-dg-optionsdata-catf-dg-id
JS Globals
catf_dg_gallery_data
REST Endpoints
/wp-json/catf-dg/v1/gallery
Shortcode Output
[catfolders_document_gallery]
FAQ

Frequently Asked Questions about CatFolders Document Gallery & PDF Library