Does TechGasp Photo Master have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is TechGasp Photo Master compatible with WordPress 5.7.15?

According to WordPress.org data, TechGasp Photo Master 5.1.4 has been tested up to WordPress 5.7.15. Check the plugin's changelog for the latest compatibility information.

How often is TechGasp Photo Master updated?

TechGasp Photo Master was last updated on Mar 11, 2021. Frequent updates are generally a positive security signal.

What is TechGasp Photo Master's security score?

TechGasp Photo Master has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

TechGasp Photo Master Security & Risk Analysis

wordpress.org/plugins/instagram-master

TechGasp Photo Master let's your show your latest Instagram photos and View on Instagram Button inside any widget position.

20 active installs v5.1.4 PHP + WP 3.5+ Updated Mar 11, 2021

instagramphotopicturesharingtechgasp

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is TechGasp Photo Master Safe to Use in 2026?

Generally Safe

Score 85/100

TechGasp Photo Master has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 5yr ago

Risk Assessment

The "instagram-master" plugin v5.1.4 exhibits a mixed security posture. While the static analysis reveals a very small attack surface with no apparent direct entry points like AJAX handlers, REST API routes, or shortcodes, and all SQL queries use prepared statements, significant concerns arise from the output escaping and taint analysis. The complete absence of output escaping (0% properly escaped) is a critical vulnerability, exposing users to cross-site scripting (XSS) attacks whenever plugin output is rendered. Furthermore, the taint analysis shows two flows with unsanitized paths, although they are not classified as critical or high severity, this still indicates potential for unintended data handling. The lack of any recorded vulnerability history, while seemingly positive, could also suggest a lack of rigorous security auditing or a platform that hasn't been targeted, rather than inherent security. Overall, the lack of output escaping is a severe weakness that overshadows the otherwise clean code in terms of SQL and the minimal attack surface.

Key Concerns

Output escaping is completely missing
Taint flows with unsanitized paths
No capability checks implemented
No nonce checks implemented

Vulnerabilities

None known

TechGasp Photo Master Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

TechGasp Photo Master Release Timeline

v5.1.4Current

v5.1.1

v5.1.0

v5.0.17

v5.0.14

v5.0.12

v5.0.11

v5.0.10

v5.0.9

v5.0.8

v5.0.6

v5.0.5

v5.0.4

v5.0

v4.4.5

v4.4.4

v4.4.3

v4.4.2.6

v4.4.2.5

v4.4.2.4

Code Analysis

Analyzed Mar 16, 2026

TechGasp Photo Master Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

107

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

0% escaped107 total outputs

Data Flows · Security

2 unsanitized

Data Flow Analysis

2 flows2 with unsanitized paths

display (includes\instagram-master-admin-settings-wide-table-options.php:10)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

TechGasp Photo Master Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 10

actionadmin_menuincludes\instagram-master-admin-addons.php:39

actionadmin_menuincludes\instagram-master-admin-addons.php:42

actionnetwork_admin_menuincludes\instagram-master-admin.php:10

actionadmin_menuincludes\instagram-master-admin.php:11

actionadmin_menuincludes\instagram-master-admin.php:14

actionwidgets_initincludes\instagram-master-widget-buttons.php:3

actionwidgets_initincludes\instagram-master-widget-embed-basic.php:3

actionwp_enqueue_scriptsincludes\instagram-master-widget-embed-basic.php:8

filterthe_contentinstagram-master.php:54

filterplugin_action_linksinstagram-master.php:55

Maintenance & Trust

TechGasp Photo Master Maintenance & Trust

Maintenance Signals

WordPress version tested5.7.15

Last updatedMar 11, 2021

PHP min version

Downloads37K

Community Trust

Rating50/100

Number of ratings13

Active installs20

Alternatives

TechGasp Photo Master Alternatives

Smash Balloon Social Photo Feed – Easy Social Feeds Plugin

instagram-feed

Formerly "Instagram Feed". Display clean, customizable, and responsive Instagram feeds from multiple accounts. Supports Instagram oEmbeds.

1.0M 4 CVEs

WPZOOM Social Feed Widget & Block

instagram-widget-by-wpzoom

100

Instagram feed plugin for WordPress: Display your Instagram photos, videos & reels. Easy setup with Gutenberg block, widget, shortcode & Elementor

60K 1 CVE

Easy Watermark

easy-watermark

Allows to add watermark to images automatically on upload or manually.

40K 1 CVE

FancyBox for WordPress

fancybox-for-wordpress

Seamlessly integrates FancyBox lightbox into your WordPress blog: Upload, activate, and you're done. Additional configuration optional.

40K 3 CVEs

Easy Social Feed – Social Photos Gallery and Post Feed for WordPress

easy-facebook-likebox

Display Instagram, Facebook & YouTube feeds with photos, videos, reels, events & galleries. Fast, responsive & easy to set up.

30K 10 CVEs

Developer Profile

TechGasp Photo Master Developer Profile

TechGasp

20 plugins · 3K total installs

trust score

Avg Security Score

86/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect TechGasp Photo Master

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/instagram-master/includes/instagram-master-admin.php/wp-content/plugins/instagram-master/includes/instagram-master-admin-addons.php/wp-content/plugins/instagram-master/includes/instagram-master-widget-buttons.php/wp-content/plugins/instagram-master/includes/instagram-master-widget-embed-basic.php

Script Paths

https://www.instagram.com/embed.js

Version Parameters

instagram-master/style.css?ver=instagram-master/js/admin-script.js?ver=instagram-master/js/admin-addons.js?ver=instagram-master/js/widget-buttons-script.js?ver=

HTML / DOM Fingerprints

CSS Classes

Instagram Master Basic Responsive Embed

HTML Comments

Copyright 2013 TechGasp (email : info@techgasp.com)This program is free software; you can redistribute it and/or modifyThis program is distributed in the hope that it will be useful,You should have received a copy of the GNU General Public License+14 more

Data Attributes

data-instgrm-captioneddata-instgrm-permalinkdata-instgrm-versionid="instagram_master_widget_embed_basic"name="instagram_master_widget_embed_basic"classname="Instagram Master Basic Responsive Embed"

JS Globals

instagram_master_widget_embed_basic

Shortcode Output

<blockquote class="instagram-media"

FAQ