Does Gabfire Media Module have any unpatched vulnerabilities?

No. All known vulnerabilities in Gabfire Media Module have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Gabfire Media Module compatible with WordPress 4.3.34?

According to WordPress.org data, Gabfire Media Module 0.4 has been tested up to WordPress 4.3.34. Check the plugin's changelog for the latest compatibility information.

How often is Gabfire Media Module updated?

Gabfire Media Module was last updated on Oct 26, 2015. Frequent updates are generally a positive security signal.

What is Gabfire Media Module's security score?

Gabfire Media Module has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Gabfire Media Module Security & Risk Analysis

wordpress.org/plugins/gabfire-media-module

Gabfire Media Module extends the functionality of WordPress Featured Image to support Videos and Default Post Images.

100 active installs v0.4 PHP + WP 3.8+ Updated Oct 26, 2015

featured-imagehtml5-videooembedvideovideojs

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Gabfire Media Module Safe to Use in 2026?

Generally Safe

Score 85/100

Gabfire Media Module has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 10yr ago

Risk Assessment

The 'gabfire-media-module' v0.4 plugin exhibits a strong security posture based on the provided static analysis. It demonstrates a complete lack of detectable attack surface through AJAX, REST API, shortcodes, and cron events. Furthermore, the code signals indicate responsible development with no dangerous functions, all SQL queries utilizing prepared statements, and a healthy number of nonce and capability checks. This suggests a deliberate effort to follow WordPress security best practices.

While the static analysis reveals no critical or high-severity issues in taint analysis or concerning code signals like unescaped output, the 52% proper output escaping rate is a notable area for improvement. This means slightly less than half of the outputs might be vulnerable to cross-site scripting (XSS) if the input data isn't sufficiently sanitized elsewhere. The vulnerability history being entirely empty is a positive indicator, suggesting the plugin has historically been secure or has not had widespread security issues reported.

Overall, 'gabfire-media-module' v0.4 appears to be a secure plugin with a minimal attack surface and good development practices. The primary area of concern is the imperfect output escaping, which, while not flagged as a critical issue in this analysis, represents a potential weakness that could be exploited in conjunction with other factors. The absence of known vulnerabilities and the robust code signals outweigh this single concern.

Key Concerns

Output escaping is not fully implemented

Vulnerabilities

None known

Gabfire Media Module Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Gabfire Media Module Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

26 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

52% escaped50 total outputs

Attack Surface

Gabfire Media Module Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 4

actionadd_meta_boxescustom-fields.php:11

actionsave_postcustom-fields.php:163

actionadmin_head-post.phpcustom-fields.php:170

actionadmin_head-post-new.phpcustom-fields.php:171

Maintenance & Trust

Gabfire Media Module Maintenance & Trust

Maintenance Signals

WordPress version tested4.3.34

Last updatedOct 26, 2015

PHP min version

Downloads7K

Community Trust

Rating0/100

Number of ratings0

Active installs100

Alternatives

Gabfire Media Module Alternatives

Easy Player – HTML5 Video,YouTube,Video.js

easy-player

100

Interactive video player on your posts and pages with Shortcode and Gutenberg block editor.

30 No CVEs

Simple Video Post

simple-video-post

100

A simple video post plugin that support YouTube/Vimeo/Facebook/Dailymotion like video sharing website. No coding required.

0 No CVEs

FV Flowplayer Video Player

fv-wordpress-flowplayer

WordPress's most reliable, easy to use and feature-rich video player. Supports responsive design, HTML5, playlists, ads, stats, Vimeo and YouTube.

20K 23 CVEs

HTML5 Video Player – Embed and Play Videos in Custom Player

html5-video-player

HTML5 Video Player Plugin lets you embed responsive videos in WordPress. It’s easy to use, fast, and supports MP4, WebM, OGG, FLV, Youtube and Vimeo.

20K 8 CVEs

Automatic Featured Images from Videos

automatic-featured-images-from-videos

If a YouTube or Vimeo video embed exists near the start of a post, we'll automatically set the post's featured image to a thumbnail of the video.

8K 2 CVEs

Developer Profile

Gabfire Media Module Developer Profile

Gabfire

3 plugins · 810 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Gabfire Media Module

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/gabfire-media-module/videojs/video-js.min.css

Script Paths

https://cdnjs.cloudflare.com/ajax/libs/video.js/4.12.4/video.js

HTML / DOM Fingerprints

CSS Classes

cf_video

Data Attributes

data-setup

FAQ