Deezer Widget Security & Risk Analysis

wordpress.org/plugins/deezer-widget

A Deezer play button widget.

20 active installs · v1.0 · PHP + · WP 3.4+ · Updated Aug 21, 2012
Tags: deezer, music, playlist, radio, widget
Score: 85 (A · Safe)
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is Deezer Widget Safe to Use in 2026?

Generally Safe

Score 85/100

Deezer Widget has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 13yr ago
Risk Assessment

Version 1.0 of the 'deezer-widget' plugin exhibits a generally good security posture, with no known vulnerabilities or exploitable attack vectors identified in its historical data. The absence of CVEs suggests a history of secure development or diligent patching. Static analysis reveals a very small attack surface with zero entry points, which is a significant positive. Furthermore, all SQL queries are properly prepared, indicating a safeguard against SQL injection.

However, there are notable concerns within the code. The three uses of `create_function` are a significant risk: this PHP function (deprecated in PHP 7.2 and removed in PHP 8.0) evaluates a string as code, so it can be a vector for code injection if user input is not meticulously sanitized before being passed to it. In the three calls listed under Dangerous Functions Found, both arguments are fixed string literals. Additionally, only 39% of the plugin's output is properly escaped, meaning a substantial portion of its output could be vulnerable to Cross-Site Scripting (XSS) attacks. The lack of any nonce or capability checks, while not immediately exploitable given the zero entry points, represents a weakness in fundamental WordPress security practices that could become a problem if the plugin's architecture were to change or expand in the future.

Key Concerns

  • Dangerous function 'create_function' used
  • Low percentage of output properly escaped
  • No nonce checks implemented
  • No capability checks implemented
Vulnerabilities
None known

Deezer Widget Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Deezer Widget Release Timeline

No version history available.
Code Analysis
Analyzed Apr 16, 2026

Deezer Widget Code Analysis

Dangerous Functions: 3
Raw SQL Queries: 0 (0 prepared)
Unescaped Output: 71 (46 escaped)
Nonce Checks: 0
Capability Checks: 0
File Operations: 0
External Requests: 0
Bundled Libraries: 0

Dangerous Functions Found

  • create_function (deezer.php:35): `add_action( 'widgets_init', create_function( '', 'register_widget( "Deezer_Playlist" );' ) );`
  • create_function (deezer.php:36): `add_action( 'widgets_init', create_function( '', 'register_widget( "Deezer_Radio" );' ) );`
  • create_function (deezer.php:37): `add_action( 'widgets_init', create_function( '', 'register_widget( "Deezer_Album" );' ) );`

Output Escaping

39% escaped · 117 total outputs
Attack Surface

Deezer Widget Attack Surface

Entry Points: 0
Unprotected: 0
WordPress Hooks: 3
  • action widgets_init (deezer.php:35)
  • action widgets_init (deezer.php:36)
  • action widgets_init (deezer.php:37)
Maintenance & Trust

Deezer Widget Maintenance & Trust

Maintenance Signals

WordPress version tested: 3.4.2
Last updated: Aug 21, 2012
PHP min version
Downloads: 6K

Community Trust

Rating: 100/100
Number of ratings: 1
Active installs: 20
Developer Profile

Deezer Widget Developer Profile

Adrien

1 plugin · 20 total installs

Trust score: 84
Avg Security Score: 85/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect Deezer Widget

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/deezer-widget/

HTML / DOM Fingerprints

CSS Classes
deezer-playlist, deezer-radio, deezer-album
HTML Comments
***************************************************************************
*
* Deezer Widget
* Plugin URI: http://wordpress.org/extend/plugins/deezer-widget/
* Description: Three widgets to play: playlist, album or radio from Deezer
* Version: 1.0
* Author: Adrien P.
* Author URI: http://perraudeaua.com/
* License: GPLv2 or later
*
* Copyright 2012 Adrien PERRAUDEAU
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
*
**************************************************************************/

*
*
* Deezer Playlist
*
**************************************************************************/

*
*
* Deezer Radio
*
**************************************************************************/

+1 more
Data Attributes
id="deezer-playlist", name="deezer-playlist", id="deezer-radio", name="deezer-radio", id="deezer-album", name="deezer-album"
FAQ

Frequently Asked Questions about Deezer Widget