Does embedX have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is embedX compatible with WordPress 6.5.8?

According to WordPress.org data, embedX 1.0.0 has been tested up to WordPress 6.5.8. Check the plugin's changelog for the latest compatibility information.

Is embedX compatible with PHP 7.0+?

embedX requires PHP 7.0 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is embedX updated?

embedX was last updated on Jul 7, 2024. Frequent updates are generally a positive security signal.

What is embedX's security score?

embedX has a WP-Safety security score of 92/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

embedX Security & Risk Analysis

wordpress.org/plugins/embedx

Show iframes easily on WordPress.

0 active installs v1.0.0 PHP 7.0+ WP 4.0+ Updated Jul 7, 2024

conditional-iframeembediframeiframe-by-shortcodeiframe-for-logged-user

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is embedX Safe to Use in 2026?

Generally Safe

Score 92/100

embedX has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1yr ago

Risk Assessment

The embedx plugin v1.0.0 exhibits a strong security posture based on the provided static analysis. There are no identified dangerous functions, SQL injection risks, or unescaped outputs. The absence of file operations and external HTTP requests further minimizes the attack surface. The plugin also demonstrates good practice by using prepared statements for all SQL queries, and importantly, the static analysis did not reveal any critical or high severity taint flows. The vulnerability history is also clean, with zero recorded CVEs, indicating a lack of publicly known security flaws. This suggests the developers have likely followed secure coding principles.

However, a significant area of concern is the complete absence of nonce and capability checks across all identified entry points, which include one shortcode. While the static analysis reports zero unprotected entry points, the lack of these fundamental security mechanisms is a notable weakness. This means that any user, regardless of their role or logged-in status, could potentially interact with the plugin's functionality. The vulnerability history, while currently clean, does not necessarily guarantee future security, especially with the identified gaps in authentication and authorization. The overall security is good in terms of preventing common code-level vulnerabilities but has a critical weakness in user access control.

Key Concerns

Missing nonce checks on shortcode
Missing capability checks on shortcode

Vulnerabilities

None known

embedX Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

embedX Release Timeline

No version history available.

Code Analysis

Analyzed Apr 6, 2026

embedX Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Attack Surface

embedX Attack Surface

Entry Points1

Unprotected0

Shortcodes 1

[embedx] embedx.php:23

Maintenance & Trust

embedX Maintenance & Trust

Maintenance Signals

WordPress version tested6.5.8

Last updatedJul 7, 2024

PHP min version7.0

Downloads507

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

embedX Alternatives

iframe

[iframe src="http://www.youtube.com/embed/7_nAZQt9qu0" width="100%" height="500"] shortcode

70K 6 CVEs

Advanced iFrame

advanced-iframe

Include content the way YOU like in an iframe that can hide and modify elements, does auto-height, forward parameters and does many, many more...

40K 12 CVEs

Embed Privacy

embed-privacy

100

Embed Privacy prevents the loading of embedded external content and allows your site visitors to opt-in.

10K 1 CVE

Simple YouTube Embed

simple-youtube-embed

Embed YouTube videos in WordPress beautifully. Embed YouTube video with a URL or shortcode and customize the player using this YouTube embed plugin.

5K No CVEs

Custom iFrame – Embed PDFs, Videos, and External Content in WordPress (Elementor & Gutenberg)

custom-iframe

Easily embed secure, SEO-friendly, and responsive iFrames in WordPress using Elementor or Gutenberg with lazy loading, auto-height adjustment, and dyn …

3K 1 CVE

Developer Profile

embedX Developer Profile

Liton Arefin

49 plugins · 43K total installs

trust score

Avg Security Score

91/100

Avg Patch Time

63 days

View full developer profile

Detection Fingerprints

How We Detect embedX

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

Shortcode Output

<iframe

FAQ