Does Easygram have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Easygram compatible with WordPress 3.4.2?

According to WordPress.org data, Easygram 1.0.1 has been tested up to WordPress 3.4.2. Check the plugin's changelog for the latest compatibility information.

How often is Easygram updated?

Easygram was last updated on Oct 26, 2012. Frequent updates are generally a positive security signal.

What is Easygram's security score?

Easygram has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Easygram Security & Risk Analysis

wordpress.org/plugins/easygram

Easygram is a free WordPress Instagram Photo plugin.

30 active installs v1.0.1 PHP + WP 3.3+ Updated Oct 26, 2012

albumseasygraminstagraminstagrammersphotos

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Easygram Safe to Use in 2026?

Generally Safe

Score 85/100

Easygram has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 13yr ago

Risk Assessment

The Easygram plugin v1.0.1 presents a mixed security profile. On the positive side, there are no known CVEs, no unpatched vulnerabilities, and the static analysis reveals a very small attack surface with no readily apparent entry points like AJAX handlers, REST API routes, or shortcodes. The use of prepared statements for the single SQL query is also a good practice. However, significant concerns arise from the code analysis, particularly the low percentage of properly escaped output (3%). This indicates a high risk of Cross-Site Scripting (XSS) vulnerabilities, where malicious scripts could be injected into the site and executed by users. Additionally, while the taint analysis shows no critical or high-severity issues, the presence of flows with unsanitized paths suggests potential for unexpected behavior or data leakage if not handled carefully. The absence of capability checks on any potential entry points is also a weakness, even if the attack surface is currently minimal.

Key Concerns

Low percentage of properly escaped output
Flows with unsanitized paths
No capability checks on potential entry points

Vulnerabilities

None known

Easygram Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Easygram Release Timeline

v1.0.1Current

Code Analysis

Analyzed Mar 16, 2026

Easygram Code Analysis

Dangerous Functions

Raw SQL Queries

1 prepared

Unescaped Output

1 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

100% prepared1 total queries

Output Escaping

3% escaped39 total outputs

Data Flows · Security

3 unsanitized

Data Flow Analysis

5 flows3 with unsanitized paths

attach_images (functions\class.php:274)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Easygram Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 13

actionadmin_print_scriptsfunctions\class.php:312

filtermedia_upload_tabsfunctions\class.php:315

actionmedia_upload_egfunctions\class.php:316

actionadmin_initfunctions\class.php:319

actionadmin_noticesfunctions\settings.php:339

actionadmin_print_stylesfunctions\settings.php:342

actionadmin_print_scriptsfunctions\settings.php:343

actionadmin_menufunctions\settings.php:346

actionadmin_initfunctions\settings.php:349

actionadmin_initfunctions\settings.php:353

actionplugins_loadedindex.php:24

actionplugins_loadedindex.php:37

actionadmin_initindex.php:52

Maintenance & Trust

Easygram Maintenance & Trust

Maintenance Signals

WordPress version tested3.4.2

Last updatedOct 26, 2012

PHP min version

Downloads8K

Community Trust

Rating60/100

Number of ratings1

Active installs30

Alternatives

Easygram Alternatives

Smash Balloon Social Photo Feed – Easy Social Feeds Plugin

instagram-feed

Formerly "Instagram Feed". Display clean, customizable, and responsive Instagram feeds from multiple accounts. Supports Instagram oEmbeds.

1.0M 4 CVEs

WPZOOM Social Feed Widget & Block

instagram-widget-by-wpzoom

100

Instagram feed plugin for WordPress: Display your Instagram photos, videos & reels. Easy setup with Gutenberg block, widget, shortcode & Elementor

60K 1 CVE

Easy Social Feed – Social Photos Gallery and Post Feed for WordPress

easy-facebook-likebox

Display Instagram, Facebook & YouTube feeds with photos, videos, reels, events & galleries. Fast, responsive & easy to set up.

30K 10 CVEs

Widgets for Social Photo Feed

social-photo-feed-widget

Instagram Feed Widgets. Display your Instagram feed on your website to increase engagement, sales and SEO.

10K 1 unpatched

Intagrate Lite

instagrate-to-wordpress

100

Automatically post your Instagram images to your WordPress site. Create new WordPress posts from your Instagram images, save the Instagram image to th …

4K 1 CVE

Developer Profile

Easygram Developer Profile

Julio Potier

8 plugins · 2K total installs

trust score

Avg Security Score

89/100

Avg Patch Time

52 days

View full developer profile

Detection Fingerprints

How We Detect Easygram

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/easygram/css/media.css

Script Paths

/wp-content/plugins/easygram/js/media.js

HTML / DOM Fingerprints

JS Globals

eg_media_script_params

FAQ