DS Simple Gallery Security & Risk Analysis

wordpress.org/plugins/ds-simple-gallery

Gallery plugin with custom post type to manage albums and galleries.

10 active installs · v1.0 · PHP + · WP 3.0+ · Updated Dec 27, 2016
Tags: albums, gallery, gallery-albums, photo-gallery, simple-gallery
Score: 85 (A · Safe)
CVEs total: 0
Unpatched: 0
Last CVE: Never

Safety Verdict

Is DS Simple Gallery Safe to Use in 2026?

Generally Safe

Score 85/100

DS Simple Gallery has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 9yr ago

Risk Assessment

The ds-simple-gallery v1.0 plugin exhibits a mixed security posture. On the positive side, it demonstrates good practices in handling SQL queries, utilizing prepared statements exclusively, and generally good output escaping (81%). The absence of known CVEs and a clean vulnerability history are also strong indicators of a well-maintained or less-targeted plugin.

However, significant concerns arise from the static analysis. The plugin exposes two AJAX handlers without any authentication or capability checks, creating a substantial attack surface for unauthorized actions. Furthermore, the presence of the `unserialize` function, especially when coupled with potentially user-controlled input, is a critical vulnerability risk, as it can lead to Remote Code Execution if not handled with extreme care. The taint analysis revealing unsanitized paths in all analyzed flows, while not reaching critical or high severity, suggests potential for unexpected behavior or vulnerabilities if input validation is insufficient.

While the lack of historical vulnerabilities is reassuring, it doesn't negate the immediate risks identified in the current version. The combination of unprotected entry points and dangerous functions points to a need for immediate review and patching. The plugin's strengths lie in its SQL handling and output escaping, but these are overshadowed by the identified security weaknesses that require prompt attention.

Key Concerns

  • Unprotected AJAX handlers
  • Dangerous function: unserialize
  • Flows with unsanitized paths
  • Missing capability checks

Vulnerabilities: None known

DS Simple Gallery Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

DS Simple Gallery Code Analysis

Dangerous Functions: 2
Raw SQL Queries: 0 (1 prepared)
Unescaped Output: 19 (83 escaped)
Nonce Checks: 1
Capability Checks: 0
File Operations: 0
External Requests: 0
Bundled Libraries: 0

Dangerous Functions Found

unserialize: `$gallery = (is_string($gallery)) ? @unserialize($gallery) : $gallery;` (wp-gallery.php:183)
unserialize: `$gallery = (is_string($gallery)) ? @unserialize($gallery) : $gallery;` (wp-gallery.php:304)

SQL Query Safety

100% prepared · 1 total queries

Output Escaping

81% escaped · 102 total outputs

Data Flows: 4 unsanitized

Data Flow Analysis

4 flows · 4 with unsanitized paths
wrsg_optionsframework_mlu_js_popup (admin\options-medialibrary-uploader.php:239)

Attack Surface: 2 unprotected

DS Simple Gallery Attack Surface

Entry Points: 4
Unprotected: 2

AJAX Handlers: 2

auth · wp_ajax_wrsimplegallery_get_thumbnail (wp-gallery.php:58)
auth · wp_ajax_wrsimplegallery_get_all_thumbnail (wp-gallery.php:59)

Shortcodes: 2

[wrsgallery] (wp-gallery.php:53)
[wrsalbum] (wp-gallery.php:359)

WordPress Hooks: 40

action · init (admin\options-framework.php:31)
action · admin_menu (admin\options-framework.php:34)
action · admin_init (admin\options-framework.php:35)
action · admin_init (admin\options-framework.php:36)
action · init (admin\options-framework.php:41)
action · admin_head (admin\options-framework.php:160)
action · wp_before_admin_bar_render (admin\options-framework.php:328)
action · admin_head (admin\options-medialibrary-uploader.php:231)
filter · media_upload_tabs (admin\options-medialibrary-uploader.php:232)
filter · wrsg_of_sanitize_text (admin\options-sanitize.php:5)
filter · wrsg_of_sanitize_textarea (admin\options-sanitize.php:15)
filter · wrsg_of_sanitize_info (admin\options-sanitize.php:19)
filter · wrsg_of_sanitize_select (admin\options-sanitize.php:23)
filter · wrsg_of_sanitize_radio (admin\options-sanitize.php:27)
filter · wrsg_of_sanitize_images (admin\options-sanitize.php:31)
filter · wrsg_of_sanitize_checkbox (admin\options-sanitize.php:43)
filter · wrsg_of_sanitize_multicheck (admin\options-sanitize.php:61)
filter · wrsg_of_sanitize_color (admin\options-sanitize.php:65)
filter · wrsg_of_sanitize_upload (admin\options-sanitize.php:77)
filter · wrsg_of_sanitize_info (admin\options-sanitize.php:87)
filter · wrsg_of_sanitize_info (admin\options-sanitize.php:97)
filter · wrsg_of_sanitize_background (admin\options-sanitize.php:129)
filter · wrsg_of_background_repeat (admin\options-sanitize.php:138)
filter · wrsg_of_background_position (admin\options-sanitize.php:147)
filter · wrsg_of_background_attachment (admin\options-sanitize.php:156)
filter · wrsg_of_sanitize_typography (admin\options-sanitize.php:176)
filter · wrsg_of_font_face (admin\options-sanitize.php:187)
filter · wrsg_of_font_style (admin\options-sanitize.php:197)
filter · wrsg_of_font_face (admin\options-sanitize.php:207)
action · admin_print_scripts-post.php (wp-gallery.php:43)
action · admin_print_scripts-post-new.php (wp-gallery.php:44)
action · admin_print_styles (wp-gallery.php:45)
action · wp_print_scripts (wp-gallery.php:46)
action · wp_print_styles (wp-gallery.php:47)
action · init (wp-gallery.php:48)
action · init (wp-gallery.php:49)
filter · the_content (wp-gallery.php:50)
action · add_meta_boxes (wp-gallery.php:55)
action · admin_init (wp-gallery.php:56)
action · save_post (wp-gallery.php:57)

Maintenance & Trust

DS Simple Gallery Maintenance & Trust

Maintenance Signals

WordPress version tested: 4.7.32
Last updated: Dec 27, 2016
PHP min version
Downloads: 2K

Community Trust

Rating: 0/100
Number of ratings: 0
Active installs: 10

Developer Profile

DS Simple Gallery Developer Profile

DotsquaresLtd

6 plugins · 110 total installs

Trust score: 86
Avg Security Score: 88/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect DS Simple Gallery

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/ds-simple-gallery/wp-gallery-admin.css
/wp-content/plugins/ds-simple-gallery/wp-gallery-admin.js
/wp-content/plugins/ds-simple-gallery/plupload.full.min.js
Script Paths
/wp-content/plugins/ds-simple-gallery/wp-gallery-admin.js
/wp-content/plugins/ds-simple-gallery/plupload.full.min.js
Version Parameters
ds-simple-gallery/wp-gallery-admin.css?ver=
ds-simple-gallery/wp-gallery-admin.js?ver=
ds-simple-gallery/plupload.full.min.js?ver=

HTML / DOM Fingerprints

HTML Comments
<!-- Register the Custom Music Review Post Type -->
Data Attributes
id="wrsg-plupload-browse-button"
JS Globals
POST_ID, WPSG, wpUploaderInit
Shortcode Output
[wrsgallery]