Does Easy YouTube Gallery have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Easy YouTube Gallery compatible with WordPress 6.7.5?

According to WordPress.org data, Easy YouTube Gallery 1.0.5 has been tested up to WordPress 6.7.5. Check the plugin's changelog for the latest compatibility information.

How often is Easy YouTube Gallery updated?

Easy YouTube Gallery was last updated on Jan 17, 2025. Frequent updates are generally a positive security signal.

What is Easy YouTube Gallery's security score?

Easy YouTube Gallery has a WP-Safety security score of 91/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Easy YouTube Gallery Security & Risk Analysis

wordpress.org/plugins/easy-youtube-gallery

Quick and easy make gallery for custom set of YouTube videos provided in shortcode, and autoplay video on click in Magnific PopUp lightbox.

500 active installs v1.0.5 PHP + WP 3.9.0+ Updated Jan 17, 2025

gallerylightboxthumbnailvideoyoutube

A · Safe

CVEs total1

Unpatched0

Last CVEJan 24, 2025

Plugin page Download

Safety Verdict

Is Easy YouTube Gallery Safe to Use in 2026?

Generally Safe

Score 91/100

Easy YouTube Gallery has a strong security track record. Known vulnerabilities have been patched promptly. It's a solid choice for most WordPress installations.

1 known CVELast CVE: Jan 24, 2025Updated 1yr ago

Risk Assessment

The "easy-youtube-gallery" v1.0.5 plugin generally exhibits good security practices based on the static analysis, with no detected dangerous functions, all SQL queries using prepared statements, and all output properly escaped. The plugin also includes capability checks and avoids file operations and external HTTP requests, which are positive indicators. However, the absence of nonce checks on its entry points, particularly the shortcodes, presents a potential concern as it leaves these functions vulnerable to cross-site request forgery (CSRF) attacks if an attacker can trick a logged-in user into triggering them. The vulnerability history shows a single medium-severity Cross-site Scripting (XSS) vulnerability reported relatively recently. While this vulnerability is reported as unpatched, the fact that there's only one and it's medium severity suggests a generally stable codebase, but the lack of recent updates and the lingering XSS risk warrant caution.

Key Concerns

Missing nonce checks on shortcodes
Medium severity XSS vulnerability historically

Vulnerabilities

1 published

Easy YouTube Gallery Security Vulnerabilities

CVEs by Year

1 CVE in 2025

2025

Patched Has unpatched

Severity Breakdown

Medium

1 total CVE

CVE-2025-24721medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Easy YouTube Gallery <= 1.0.4 - Authenticated (Contributor+) Stored Cross-Site Scripting

Jan 24, 2025 Patched in 1.0.5 (5d)

Version History

Easy YouTube Gallery Release Timeline

v1.0.5Current

v1.0.41 CVE

v1.0.31 CVE

v1.0.21 CVE

v1.0.11 CVE

v1.0.01 CVE

Code Analysis

Analyzed Mar 16, 2026

Easy YouTube Gallery Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

7 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

TinyMCE

Output Escaping

100% escaped7 total outputs

Attack Surface

Easy YouTube Gallery Attack Surface

Entry Points3

Unprotected0

Shortcodes 3

[easy_youtube_gallery] classes\techwebux\eytg\class-main.php:35

[eytg] classes\techwebux\eytg\class-main.php:36

[eyg] classes\techwebux\eytg\class-main.php:37

WordPress Hooks 4

actionwp_enqueue_scriptsclasses\techwebux\eytg\class-main.php:40

actionadmin_enqueue_scriptsclasses\techwebux\eytg\class-main.php:43

filtermce_external_pluginsclasses\techwebux\eytg\class-main.php:46

filtermce_buttonsclasses\techwebux\eytg\class-main.php:47

Maintenance & Trust

Easy YouTube Gallery Maintenance & Trust

Maintenance Signals

WordPress version tested6.7.5

Last updatedJan 17, 2025

PHP min version

Downloads14K

Community Trust

Rating100/100

Number of ratings9

Active installs500

Alternatives

Easy YouTube Gallery Alternatives

Video Grid

video-grid

This is a beautiful responsive video grid with responsive lightbox for WordPress blogs and sites. Admin can manage any number of videos into the grid.

1K 2 CVEs

video carousel slider with lightbox

wp-responsive-video-gallery-with-lightbox

This is a beautiful responsive video carousel slider with responsive lightbox for WordPress blogs and sites. Admin can manage any number of videos int …

1K 3 CVEs

Video-Link-Gallery

video-link-gallery

Video-Gallery defined by shortcodes for youtube, vimeo and direct links, opening videos in a lightbox (default-lightbox: "PhotoSwipe")

0 No CVEs

Mixed Media Gallery Blocks

simply-gallery-block

Create mixed media galleries with images, HTML5 video, YouTube, Vimeo, and VideoPress — all in one gallery by Simply Gallery.

40K 8 CVEs

All-in-One Video Gallery

all-in-one-video-gallery

The ultimate video player & video gallery plugin for YouTubers, Video Bloggers, Course Creators, Podcasters, and anyone embedding videos on websites.

20K 11 CVEs

Developer Profile

Easy YouTube Gallery Developer Profile

Aleksandar Urošević

8 plugins · 108K total installs

trust score

Avg Security Score

90/100

Avg Patch Time

180 days

View full developer profile

Detection Fingerprints

How We Detect Easy YouTube Gallery

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/easy-youtube-gallery/assets/lib/magnific-popup/magnific-popup.min.css/wp-content/plugins/easy-youtube-gallery/assets/lib/magnific-popup/jquery.magnific-popup.min.js/wp-content/plugins/easy-youtube-gallery/assets/js/eytg.min.js/wp-content/plugins/easy-youtube-gallery/assets/css/eytg.min.css/wp-content/plugins/easy-youtube-gallery/assets/css/admin.min.css

Script Paths

/wp-content/plugins/easy-youtube-gallery/assets/js/eytg.min.js

Version Parameters

easy-youtube-gallery/assets/css/admin.min.css?ver=easy-youtube-gallery/assets/lib/magnific-popup/magnific-popup.min.css?ver=easy-youtube-gallery/assets/lib/magnific-popup/jquery.magnific-popup.min.js?ver=easy-youtube-gallery/assets/js/eytg.min.js?ver=easy-youtube-gallery/assets/css/eytg.min.css?ver=

HTML / DOM Fingerprints

CSS Classes

eytg-errormfp-hide

Data Attributes

data-mfp-src

Shortcode Output

<p class="eytg-error">You have not provided any valid YouTube video ID's within the Easy YouTube Gallery shortcode!</p>

FAQ

Easy YouTube Gallery Security & Risk Analysis

Is Easy YouTube Gallery Safe to Use in 2026?

Generally Safe

Key Concerns

Easy YouTube Gallery Security Vulnerabilities

CVEs by Year

Severity Breakdown

Easy YouTube Gallery Release Timeline

Easy YouTube Gallery Code Analysis

Bundled Libraries

Output Escaping

Easy YouTube Gallery Attack Surface

Shortcodes 3

Easy YouTube Gallery Maintenance & Trust

Maintenance Signals

Community Trust

Easy YouTube Gallery Alternatives

Video Grid

video carousel slider with lightbox

Video-Link-Gallery

Mixed Media Gallery Blocks

All-in-One Video Gallery

Easy YouTube Gallery Developer Profile

How We Detect Easy YouTube Gallery

Asset Fingerprints

HTML / DOM Fingerprints

Frequently Asked Questions about Easy YouTube Gallery