Does Iframely – WP media embeds, cards and blocks have any unpatched vulnerabilities?

No. All known vulnerabilities in Iframely – WP media embeds, cards and blocks have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Iframely – WP media embeds, cards and blocks compatible with WordPress 6.8.5?

According to WordPress.org data, Iframely – WP media embeds, cards and blocks 1.1.6 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

Is Iframely – WP media embeds, cards and blocks compatible with PHP 7.4+?

Iframely – WP media embeds, cards and blocks requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Iframely – WP media embeds, cards and blocks updated?

Iframely – WP media embeds, cards and blocks was last updated on Aug 8, 2025. Frequent updates are generally a positive security signal.

What is Iframely – WP media embeds, cards and blocks's security score?

Iframely – WP media embeds, cards and blocks has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Iframely – WP media embeds, cards and blocks Security & Risk Analysis

wordpress.org/plugins/iframely

Iframely cloud extends WordPress embeds with customizable embed blocks for over 1900 rich media publishers. For the rest of the Internet, Iframely sho …

2K active installs v1.1.6 PHP 7.4+ WP 5.8+ Updated Aug 8, 2025

facebookgutenberginstagramtwitteryoutube

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Iframely – WP media embeds, cards and blocks Safe to Use in 2026?

Generally Safe

Score 100/100

Iframely – WP media embeds, cards and blocks has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 7mo ago

Risk Assessment

The iframely plugin v1.1.6 exhibits a generally good security posture based on the provided static analysis. The absence of known CVEs and a clean vulnerability history suggest a well-maintained codebase. The plugin also demonstrates strong adherence to several security best practices, including the complete use of prepared statements for SQL queries and the presence of nonce and capability checks, which significantly reduce the risk of common web attacks.

However, there are areas for improvement. A notable concern is the low percentage of properly escaped output (13%). This could potentially lead to Cross-Site Scripting (XSS) vulnerabilities if user-supplied data is not handled meticulously before being displayed. While the attack surface is small and appears to be protected, the lack of taint analysis data is a limitation, as it prevents a thorough assessment of potential data flow vulnerabilities. The single external HTTP request should also be monitored, though it's not inherently a risk without further context.

Overall, iframely v1.1.6 is a relatively secure plugin, with its main weakness lying in output escaping. The plugin's history of no vulnerabilities is a strong positive indicator. Addressing the output escaping concerns and potentially incorporating more comprehensive taint analysis in future audits would further solidify its security.

Key Concerns

Low output escaping percentage

Vulnerabilities

None known

Iframely – WP media embeds, cards and blocks Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Iframely – WP media embeds, cards and blocks Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

2 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

13% escaped16 total outputs

Attack Surface

Iframely – WP media embeds, cards and blocks Attack Surface

Entry Points1

Unprotected0

Shortcodes 1

[iframely] app\Embed\Shortcode.php:9

WordPress Hooks 27

filteroembed_fetch_urlapp\Embed\Amp.php:13

filterembed_oembed_htmlapp\Embed\Amp.php:14

filteramp_content_embed_handlersapp\Embed\Amp.php:15

filterthe_contentapp\Embed\Amp.php:40

filterembed_defaultsapp\Embed\Cache.php:12

filteroembed_ttlapp\Embed\Cache.php:14

filterthe_content_feedapp\Embed\Feed.php:10

filterembed_defaultsapp\Embed\Feed.php:15

actionplugins_loadedapp\Embed\Gutenberg.php:13

filteroembed_fetch_urlapp\Embed\Gutenberg.php:20

filteroembed_default_widthapp\Embed\Gutenberg.php:28

filteroembed_request_post_idapp\Embed\Gutenberg.php:29

actionenqueue_block_editor_assetsapp\Embed\Gutenberg.php:32

filterembed_defaultsapp\Embed\Gutenberg.php:37

filteroembed_fetch_urlapp\Embed\Gutenberg.php:38

filteroembed_resultapp\Embed\Gutenberg.php:39

filteroembed_providersapp\Embed\Oembed.php:19

filterpre_oembed_resultapp\Embed\Oembed.php:22

filteroembed_fetch_urlapp\Embed\Oembed.php:29

actioninitapp\Plugin.php:14

actionnetwork_admin_noticesapp\UI\Notice.php:12

actionadmin_noticesapp\UI\Notice.php:14

actionnetwork_admin_menuapp\UI\Settings.php:17

actionadmin_menuapp\UI\Settings.php:18

actionadmin_initapp\UI\Settings.php:21

actionadmin_enqueue_scriptsapp\UI\Settings.php:24

actionenqueue_block_editor_assetsapp\UI\Settings.php:25

Maintenance & Trust

Iframely – WP media embeds, cards and blocks Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedAug 8, 2025

PHP min version7.4

Downloads121K

Community Trust

Rating74/100

Number of ratings11

Active installs2K

Alternatives

Iframely – WP media embeds, cards and blocks Alternatives

All in one Social Feeds

all-in-one-social-feeds

100

This plugin helps to display latest feeds from facebook, twitter,instagram, pinterest and youtube with tabs using a widget.

20 No CVEs

Feed Them Social – Social Media Feeds, Video, and Photo Galleries

feed-them-social

Custom social media feeds for Instagram, Facebook, TikTok, & YouTube. Works with Elementor, Beaver Builder, and Gutenberg blocks.

20K 12 CVEs

Social Slider Feed

instagram-slider-widget

Display Instagram, Facebook and YouTube feeds in widgets, posts, pages, or anywhere else on your website.

20K 10 CVEs

Tagembed: Embed Twitter Feed, Google Reviews, YouTube Videos, TikTok, RSS Feed & More Social Media Feeds

tagembed-widget

Collect & Embed Instagram Feed, Embed Facebook Feed, Embed YouTube Videos, Embed Twitter Feed, Google Reviews & 15+ Social Media Feed on website.

10K 2 CVEs

Curator.io

curatorio

Aggregate and embed your social media posts on your site (Facebook, Twitter, Instagram, Pinterest and many more) as a beautiful social media feed.

2K 2 CVEs

Developer Profile

Iframely – WP media embeds, cards and blocks Developer Profile

Petermann

3 plugins · 12K total installs

trust score

Avg Security Score

97/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Iframely – WP media embeds, cards and blocks

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/iframely/admin.css/wp-content/plugins/iframely/index.css/wp-content/plugins/iframely/index.js

Script Paths

https://if-cdn.com/embed.jshttps://if-cdn.com/options.js

Version Parameters

ver=1.1.6

HTML / DOM Fingerprints

CSS Classes

iframely-settings

Data Attributes

data-iframely-widthdata-iframely-height

JS Globals

window.iframely_api_keywindow.iframely_settingswindow.iframely_url_params

FAQ