Does Gallery 5cript have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Gallery 5cript compatible with WordPress 6.8.5?

According to WordPress.org data, Gallery 5cript 2.0.0 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

Is Gallery 5cript compatible with PHP 8.1+?

Gallery 5cript requires PHP 8.1 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Gallery 5cript updated?

Gallery 5cript was last updated on Jul 28, 2025. Frequent updates are generally a positive security signal.

What is Gallery 5cript's security score?

Gallery 5cript has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Gallery 5cript Security & Risk Analysis

wordpress.org/plugins/gallery-5cript

A WordPress plugin that uses the modern and accessible dialog HTML element to display images and videos.

0 active installs v2.0.0 PHP 8.1+ WP 6.6.0+ Updated Jul 28, 2025

dialoggalleryimagemodalpopup

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Gallery 5cript Safe to Use in 2026?

Generally Safe

Score 100/100

Gallery 5cript has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 9mo ago

Risk Assessment

The 'gallery-5cript' v2.0.0 plugin demonstrates a generally good security posture with significant strengths in its use of prepared statements for all SQL queries and a high percentage of properly escaped output. The absence of any historical vulnerabilities or bundled libraries is also a positive indicator. However, several critical concerns emerge from the static analysis. The plugin presents a substantial attack surface with 3 out of 5 entry points lacking permission callbacks, specifically all 3 REST API routes. Furthermore, the taint analysis reveals 3 flows with unsanitized paths, all categorized as high severity, indicating a potential for attackers to manipulate data input into these insecure entry points, leading to unexpected behavior or security breaches. While the plugin avoids dangerous functions and file operations, these high-severity taint flows, combined with the unprotected REST API routes, represent the most significant security risks.

Key Concerns

Unprotected REST API routes
High severity unsanitized taint flows
Unprotected AJAX handlers

Vulnerabilities

None known

Gallery 5cript Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Gallery 5cript Release Timeline

v2.0.0Current

v1.4.1

v1.4.0

v1.3.0

v1.2.1

v1.2.0

v1.0.6

v1.0.5

v1.0.4

v1.0.3

v1.0.2

v1.0.1

v1.0.0

Code Analysis

Analyzed Mar 17, 2026

Gallery 5cript Code Analysis

Dangerous Functions

Raw SQL Queries

46 prepared

Unescaped Output

150 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

100% prepared46 total queries

Output Escaping

97% escaped155 total outputs

Data Flows · Security

3 unsanitized

Data Flow Analysis

6 flows3 with unsanitized paths

insert_media_action (gallery_5cript.php:225)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

3 unprotected

Gallery 5cript Attack Surface

Entry Points5

Unprotected3

AJAX Handlers 1

authwp_ajax_save_imagesgallery_5cript.php:69

REST API Routes 3

GET/wp-json/5cript-gallery/v1/gallerieshelper.php:720

GET/wp-json/5cript-gallery/v1/gallery/(?P<id>\d+)helper.php:726

GET/wp-json/5cript-gallery/v1/gallery/(?P<id>\d+)/imageshelper.php:739

Shortcodes 1

[gallery_shortcode] gallery_5cript.php:281

WordPress Hooks 16

actionwp_enqueue_scriptsgallery_5cript.php:59

actionadmin_enqueue_scriptsgallery_5cript.php:60

actionwp_enqueue_scriptsgallery_5cript.php:61

actionadmin_footergallery_5cript.php:62

actionadmin_menugallery_5cript.php:63

actionadmin_post_gallery_5cript_newgallery_5cript.php:64

actionadmin_post_gallery_5cript_insert_mediagallery_5cript.php:65

actionadmin_post_gallery_5cript_delete_gallerygallery_5cript.php:66

actioninitgallery_5cript.php:67

actioninitgallery_5cript.php:68

actiondelete_attachmentgallery_5cript.php:70

actionadmin_post_gallery_5cript_duplicategallery_5cript.php:71

actionadmin_menugallery_5cript.php:480

actionadmin_initgallery_5cript.php:481

actionrest_api_inithelper.php:712

actioninithelper.php:713

Maintenance & Trust

Gallery 5cript Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedJul 28, 2025

PHP min version8.1

Downloads1K

Community Trust

Rating100/100

Number of ratings1

Active installs0

Alternatives

Gallery 5cript Alternatives

Lightbox & Modal Popup WordPress Plugin – FooBox

foobox-image-lightbox

A responsive image lightbox for WordPress galleries, WordPress attachments & FooGallery

100K 5 CVEs

Firelight Lightbox

easy-fancybox

Formerly Easy Fancybox. The most popular WordPress lightbox plugin. Simple, fast, and responsive. Opens images, videos, PDFs, and custom popups.

200K 5 CVEs

Popup Maker and Popup Anything – Popup for opt-ins and Lead Generation Conversions

popup-anything-on-click

Create popup on a page load or Create popup by clicking link, image and button. Create popups, opt-in forms, & exit popups, floating bars and more!

30K 4 CVEs

WP Lightbox 2

wp-lightbox-2

WP Lightbox 2 adds stunning lightbox effects to images and galleries on your WordPress site.

30K 4 CVEs

Album and Image Gallery Plus Lightbox

album-and-image-gallery-plus-lightbox

A quick, easy way to display responsive image gallery and image album in a grid or slider with light box. Also work with Gutenberg shortcode block.

9K 4 CVEs

Developer Profile

Gallery 5cript Developer Profile

Billy Basdras

1 plugin · 0 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Gallery 5cript

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/gallery-5cript/output.css/wp-content/plugins/gallery-5cript/front/js/front.js/wp-content/plugins/gallery-5cript/admin/js/new.js/wp-content/plugins/gallery-5cript/admin/js/edit.js

Script Paths

/wp-content/plugins/gallery-5cript/front/js/front.js/wp-content/plugins/gallery-5cript/admin/js/new.js/wp-content/plugins/gallery-5cript/admin/js/edit.js

Version Parameters

gallery-5cript/output.css?ver=gallery-5cript/front/js/front.js?ver=gallery-5cript/admin/js/new.js?ver=gallery-5cript/admin/js/edit.js?ver=

HTML / DOM Fingerprints

Data Attributes

GALLERY_5CRIPT_EDITGALLERY_5CRIPT_NEW

JS Globals

edit_js_object

FAQ