Does Hana FLV Extension have any unpatched vulnerabilities?

No. All known vulnerabilities in Hana FLV Extension have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Hana FLV Extension compatible with WordPress 3.2.1?

According to WordPress.org data, Hana FLV Extension 0.2 has been tested up to WordPress 3.2.1. Check the plugin's changelog for the latest compatibility information.

How often is Hana FLV Extension updated?

Hana FLV Extension was last updated on Aug 25, 2011. Frequent updates are generally a positive security signal.

What is Hana FLV Extension's security score?

Hana FLV Extension has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Hana FLV Extension Security & Risk Analysis

wordpress.org/plugins/hana-flv-extension

Hana FLV extension extends the capabilities of the Hana FLV Player plugin to allow integration with the WP media library.

40 active installs v0.2 PHP + WP 3.0+ Updated Aug 25, 2011

extensionflvhanahana-flvupload

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Hana FLV Extension Safe to Use in 2026?

Generally Safe

Score 85/100

Hana FLV Extension has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 14yr ago

Risk Assessment

The "hana-flv-extension" plugin v0.2 exhibits a mixed security posture. On the positive side, the static analysis reveals a lack of identified dangerous functions, no SQL queries that are not prepared, and no file operations or external HTTP requests, all of which are strong indicators of good security practices. Furthermore, there is no reported vulnerability history, suggesting a lack of past security incidents.

However, significant concerns arise from the output escaping analysis. With 100% of outputs not being properly escaped, this plugin presents a clear risk of Cross-Site Scripting (XSS) vulnerabilities. Any user-provided data displayed by the plugin is vulnerable to injection, which could lead to session hijacking, defacement, or malware distribution. The absence of any identified attack surface points (AJAX, REST API, shortcodes, cron events) is unusual and could either indicate a very limited plugin scope or a potential oversight in the static analysis. Given the lack of identified XSS vulnerabilities in the taint analysis, it's possible the plugin's functionality doesn't involve user-generated content directly displayed in a way that the analysis can detect, but the unescaped output is still a critical flaw.

Key Concerns

All outputs are unescaped

Vulnerabilities

None known

Hana FLV Extension Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Hana FLV Extension Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

0% escaped8 total outputs

Attack Surface

Hana FLV Extension Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 3

actionadmin_noticeshana-flv-player-extension.php:42

actionadmin_initincludes\class-hana-flv-ext.php:27

actionsave_postincludes\class-hana-flv-ext.php:28

Maintenance & Trust

Hana FLV Extension Maintenance & Trust

Maintenance Signals

WordPress version tested3.2.1

Last updatedAug 25, 2011

PHP min version

Downloads8K

Community Trust

Rating0/100

Number of ratings0

Active installs40

Alternatives

Hana FLV Extension Alternatives

Extension Access Manager

extension-access-manager

100

Securely connect your Chrome extension to WordPress for uploading images and posting content via custom REST API.

0 No CVEs

FileOrganizer – WordPress File Manager

fileorganizer

FileOrganizer is an intuitive file manager to easily edit, delete, upload, download, and manage all your WordPress files and folders right from the da …

200K 5 CVEs

Fonts Plugin | Use Google Fonts, Adobe Fonts or Upload Fonts

olympus-google-fonts

The easiest to customize fonts in WordPress. Optimized for Speed. 1000+ font choices. Supports Google Fonts, Adobe Fonts and Upload Fonts.

200K 3 CVEs

Use Any Font | Custom Font Uploader

use-any-font

Upload custom fonts with custom font uploader. Auto converts to woff2 for better performance. Self-hosted, GDPR compliant, and easy custom font plugin

200K 4 CVEs

MainWP Child Reports

mainwp-child-reports

The MainWP Child Report plugin tracks changes to Child sites for the Pro Reports Extension.

100K 3 CVEs

Developer Profile

Hana FLV Extension Developer Profile

Andy Charrington

5 plugins · 900 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Hana FLV Extension

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/hana-flv-extension/js/hana_ext.js

Script Paths

/wp-content/plugins/hana-flv-extension/js/hana_ext.js

Version Parameters

hana-flv-extension/js/hana_ext.js?ver=

HTML / DOM Fingerprints

CSS Classes

hana_ext_flv_desc

HTML Comments

+2 more

Data Attributes

id="hana_video_url_sidebar"onClick='uploadFlv_sidebar()'id="hana_splash_image_url_sidebar"onClick='uploadImage_sidebar()'

JS Globals

uploadFlv_sidebaruploadImage_sidebar

Shortcode Output

<span class="hana_ext_flv_desc">

FAQ