WP-Safety

FlickrPhotogallery Security & Risk Analysis

wordpress.org/plugins/flickrphotogallery

This plugin allows you to insert an image gallery retrieving images from Flickr.

10 active installs v1.1 PHP + WP 3.2.1+ Updated May 9, 2012
flickrgalleryslideshow
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is FlickrPhotogallery Safe to Use in 2026?

Generally Safe

Score 85/100

FlickrPhotogallery has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 13yr ago
Risk Assessment

The Flickr Photo Gallery plugin v1.1 exhibits a mixed security posture. On the positive side, it demonstrates good practices by utilizing prepared statements for all SQL queries, has no known vulnerabilities (CVEs), and no recorded critical or high-severity taint flows. The attack surface appears limited with only one shortcode and no AJAX handlers or REST API routes without permission checks, and no cron events. However, significant concerns arise from the code signals. The presence of the `unserialize` function twice is a major red flag, as it can lead to Remote Code Execution (RCE) if used with untrusted user input. Furthermore, a complete lack of proper output escaping for 100% of its outputs is highly problematic and opens the door to Cross-Site Scripting (XSS) vulnerabilities. The absence of nonce checks and a low number of capability checks are also weaknesses, especially when combined with the unescaped output, making potential XSS attacks more feasible.

Key Concerns

  • Unescaped output for 100% of outputs
  • Use of dangerous function: unserialize
  • Lack of nonce checks
  • Limited capability checks
Vulnerabilities
None known

FlickrPhotogallery Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

FlickrPhotogallery Code Analysis

Dangerous Functions
2
Raw SQL Queries
0
0 prepared
Unescaped Output
108
0 escaped
Nonce Checks
0
Capability Checks
2
File Operations
5
External Requests
4
Bundled Libraries
0

Dangerous Functions Found

unserialize$this->parsed_response = $this->clean_text_nodes(unserialize($this->response));include\phpFlickr.php:301
unserializereturn unserialize(file_get_contents('http://phpflickr.com/geodata/?format=php&lat=' . $lat . '&lon=include\phpFlickr.php:387

Output Escaping

0% escaped108 total outputs
Attack Surface

FlickrPhotogallery Attack Surface

Entry Points1
Unprotected0

Shortcodes 1

[FlickrPhotogallery] FlickrPhotogallery.php:23
WordPress Hooks 9
actionadmin_initFlickrPhotogallery.php:18
actionadmin_menuFlickrPhotogallery.php:19
actioninitFlickrPhotogallery.php:20
actionwp_enqueue_scriptsFlickrPhotogallery.php:22
filtermce_external_pluginsFlickrPhotogallery.php:118
filtermce_buttonsFlickrPhotogallery.php:119
actionwidgets_initfpg_widget.php:5
actionadmin_print_stylesfpg_widget.php:27
actioninitfpg_widget.php:29
Maintenance & Trust

FlickrPhotogallery Maintenance & Trust

Maintenance Signals

WordPress version tested3.3.2
Last updatedMay 9, 2012
PHP min version
Downloads3K

Community Trust

Rating0/100
Number of ratings0
Active installs10
Alternatives

FlickrPhotogallery Alternatives

Smart Slider 3

Smart Slider 3

smart-slider-3

A
89

Responsive slider plugin to create sliders in visual editor easily. Build beautiful image slider, layer slider, video slider, post slider, and more.

800K 8 CVEs
Photo Gallery, Sliders, Proofing and Themes – NextGEN Gallery

Photo Gallery, Sliders, Proofing and Themes – NextGEN Gallery

nextgen-gallery

B
76

The most popular gallery plugin that lets you create galleries and albums in seconds.

400K 38 CVEs
Simple Lightbox

Simple Lightbox

simple-lightbox

A
99

The highly customizable lightbox for WordPress

100K 1 CVE
Carousel, Slider, Photo Gallery with Lightbox, Video Slider, by WP Carousel

Carousel, Slider, Photo Gallery with Lightbox, Video Slider, by WP Carousel

wp-carousel-free

A
96

Carousel, Slider, and Photo Gallery with Lightbox plugin. Create Image Carousel, Video Slider, Post Carousel, Post Grid, Product Carousel, and more.

70K 5 CVEs
Slider by Soliloquy – Responsive Image Slider for WordPress

Slider by Soliloquy – Responsive Image Slider for WordPress

soliloquy-lite

A
99

The best WordPress slider plugin. Drag & Drop responsive slider builder that helps you create a beautiful image slideshows with just a few clicks.

30K 2 CVEs
Developer Profile

FlickrPhotogallery Developer Profile

Tizionario

2 plugins · 20 total installs

84
trust score
Avg Security Score
85/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect FlickrPhotogallery

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/flickrphotogallery/css/FPG_style.css/wp-content/plugins/flickrphotogallery/script/FPG_function.js/wp-content/plugins/flickrphotogallery/script/fancybox/jquery.fancybox-1.3.4.css/wp-content/plugins/flickrphotogallery/script/fancybox/jquery.fancybox-1.3.4.pack.js/wp-content/plugins/flickrphotogallery/script/fancybox/jquery.easing-1.3.pack.js
Script Paths
jqueryFPG_styleFPG_fancyboxStyleFPG_functionFPG_fancyboxFPG_facybox_easing
Version Parameters
flickrphotogallery/css/FPG_style.css?ver=flickrphotogallery/script/fancybox/jquery.fancybox-1.3.4.css?ver=flickrphotogallery/script/FPG_function.js?ver=FlickrPhotogallery/script/fancybox/jquery.fancybox-1.3.4.pack.js?ver=FlickrPhotogallery/script/fancybox/jquery.easing-1.3.pack.js?ver=

HTML / DOM Fingerprints

CSS Classes
FPG_slideshowFPG_thumbs
JS Globals
FlickrPhotogallery
Shortcode Output
<!-- Flickr Gallery -->
FAQ

Frequently Asked Questions about FlickrPhotogallery