Justified Gallery Security & Risk Analysis

wordpress.org/plugins/justified-gallery

WordPress gallery plugin. Display WordPress galleries in a responsive justified image grid and a pretty lightbox.

9K active installs · v1.10.0 · PHP 5.4+ · WP 4.6+ · Updated Jan 27, 2025
Tags: best-gallery-plugin, gallery-grid, gutenberg-block, justified-gallery, wordpress-gallery
91
A · Safe
CVEs total: 2
Unpatched: 0
Last CVE: Aug 10, 2023
Safety Verdict

Is Justified Gallery Safe to Use in 2026?

Generally Safe

Score 91/100

Justified Gallery has a strong security track record. Known vulnerabilities have been patched promptly.

2 known CVEs · Last CVE: Aug 10, 2023 · Updated 1yr ago
Risk Assessment

The 'justified-gallery' v1.10.0 plugin exhibits a mixed security posture. On the positive side, the static analysis reveals a very small attack surface with no unprotected entry points. SQL queries are all properly prepared, and output escaping is generally good at 89%. The plugin also implements nonce and capability checks on its AJAX handler and has no known unpatched vulnerabilities. However, the presence of a 'create_function' call is a significant concern as it's a deprecated and potentially insecure PHP function that can be abused to execute arbitrary code. While taint analysis shows no flows, the static code signal is a concrete risk that needs attention. The plugin's vulnerability history, with two medium-severity CVEs (one related to Missing Authorization and another to Cross-site Scripting), despite being patched, suggests a pattern of past security weaknesses that require ongoing vigilance. Overall, the plugin has made improvements in core security practices but the use of 'create_function' introduces a critical potential vulnerability that outweighs its strengths.

Key Concerns

  • Dangerous function used (create_function)
  • Past medium severity vulnerabilities
  • Bundled outdated library (Freemius v1.0)
Vulnerabilities
2

Justified Gallery Security Vulnerabilities

CVEs by Year

2022: 1 CVE
2023: 1 CVE

Severity Breakdown

Medium: 2 (2 total CVEs)

CVE-2023-40213 · medium · 4.3 · Missing Authorization

Justified Gallery <= 1.7.3 - Missing Authorization via 'dismiss_how_to_use_notice' and 'dismiss_notice'

Aug 10, 2023 · Patched in 1.8.0 (166d)

CVE-2022-4651 · medium · 6.4 · Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Justified Gallery <= 1.7.0 - Authenticated (Contributor+) Stored Cross-Site Scripting

Dec 23, 2022 · Patched in 1.7.1 (396d)
Code Analysis
Analyzed Mar 16, 2026

Justified Gallery Code Analysis

Dangerous Functions: 1
Raw SQL Queries: 0 (0 prepared)
Unescaped Output: 14 (110 escaped)
Nonce Checks: 4
Capability Checks: 4
File Operations: 1
External Requests: 0
Bundled Libraries: 1

Dangerous Functions Found

create_function · includes\admin\settings\SettingsApi.php:137

    $callback = create_function( '', 'echo "' . str_replace( '"', '\"', $section['desc'] ) . '";' );

Bundled Libraries

Freemius · 1.0

Output Escaping

89% escaped · 124 total outputs
Attack Surface

Justified Gallery Attack Surface

Entry Points: 1
Unprotected: 0

AJAX Handlers: 1

auth · wp_ajax_dgwt_jg_dismiss_how_to_use · includes\admin\settings\Settings.php:51

WordPress Hooks: 76

action · admin_menu · includes\admin\admin.php:14
action · admin_head · includes\admin\admin.php:15
action · admin_init · includes\admin\Promo\FeedbackNotice.php:27
action · admin_footer · includes\admin\Promo\FeedbackNotice.php:29
action · admin_notices · includes\admin\Promo\FeedbackNotice.php:115
action · current_screen · includes\admin\Promo\Upgrade.php:17
action · admin_footer · includes\admin\Promo\Upgrade.php:29
action · admin_footer · includes\admin\Promo\Upgrade.php:30
action · admin_init · includes\admin\settings\Settings.php:48
filter · dgwt/jg/settings/option_value · includes\admin\settings\Settings.php:50
filter · dgwt/jg/settings/sections · includes\admin\settings\Settings.php:397
action · admin_enqueue_scripts · includes\admin\settings\SettingsApi.php:55
action · enqueue_block_editor_assets · includes\Block.php:13
filter · show_admin_bar · includes\Block.php:35
action · template_redirect · includes\Block.php:37
filter · user_has_cap · includes\Block.php:163
action · init · includes\Conflicts.php:6
filter · dgwt/jg/gallery/img/atts · includes\Conflicts.php:17
filter · dgwt/jg/gallery/img/atts · includes\Conflicts.php:25
filter · plugin_icon · includes\fs\config.php:33
action · template_redirect · includes\Gallery.php:21
action · admin_init · includes\Gallery.php:22
filter · post_gallery · includes\Gallery.php:26
action · wp_footer · includes\Gallery.php:32
action · admin_footer · includes\Gallery.php:33
action · admin_init · includes\Install.php:17
action · wp_footer · includes\Lightbox\Lightbox.php:43
action · wp_footer · includes\Lightbox\Lightbox.php:44
action · admin_footer · includes\Lightbox\Lightbox.php:45
action · admin_footer · includes\Lightbox\Lightbox.php:46
filter · dgwt/jg/settings/lightbox · includes\Lightbox\Photoswipe\Admin.php:23
filter · dgwt/jg/settings/promobox/id=promobox_photoswipe · includes\Lightbox\Photoswipe\Admin.php:24
filter · dgwt/jg/gallery/html_img/lightbox=photoswipe · includes\Lightbox\Photoswipe\Admin.php:172
filter · dgwt/jg/gallery/tile_atts/lightbox=photoswipe · includes\Lightbox\Photoswipe\Admin.php:199
filter · dgwt/jg/gallery/link_atts/lightbox=photoswipe · includes\Lightbox\Photoswipe\Admin.php:225
action · wp_footer · includes\Lightbox\Photoswipe\Photoswipe.php:29
action · admin_footer · includes\Lightbox\Photoswipe\Photoswipe.php:30
filter · dgwt/jg/gallery/tile_atts/lightbox=photoswipe · includes\Lightbox\Photoswipe\Photoswipe.php:31
filter · plugins_loaded · includes\Lightbox\Photoswipe\Photoswipe.php:37
filter · dgwt/jg/settings/lightbox · includes\Lightbox\Swipebox\Admin.php:22
filter · dgwt/jg/settings/lightbox/options · includes\Lightbox\Swipebox\Admin.php:24
filter · dgwt/jg/settings/promobox/id=promobox_swipebox · includes\Lightbox\Swipebox\Admin.php:33
filter · dgwt/jg/gallery/html_img/lightbox=swipebox · includes\Lightbox\Swipebox\Admin.php:173
filter · dgwt/jg/gallery/link_atts/lightbox=swipebox · includes\Lightbox\Swipebox\Admin.php:200
filter · dgwt/jg/gallery/tile_atts/lightbox=swipebox · includes\Lightbox\Swipebox\Swipebox.php:32
filter · dgwt/jg/gallery/link_atts/lightbox=swipebox · includes\Lightbox\Swipebox\Swipebox.php:38
filter · plugins_loaded · includes\Lightbox\Swipebox\Swipebox.php:44
action · wp_footer · includes\RegisterScripts.php:14
action · wp_footer · includes\RegisterScripts.php:15
action · admin_footer · includes\RegisterScripts.php:16
action · admin_footer · includes\RegisterScripts.php:17
filter · dgwt/jg/settings/tiles_style · includes\TilesStyle\JGStandard\Admin.php:24
filter · dgwt/jg/settings/promobox/id=promobox_ts_jg_standard · includes\TilesStyle\JGStandard\Admin.php:25
filter · dgwt/jg/gallery/html_img/hover=standard · includes\TilesStyle\JGStandard\Admin.php:136
filter · dgwt/jg/gallery/tile_caption/hover=standard · includes\TilesStyle\JGStandard\JGStandard.php:19
action · dgwt/jg/js/gallery/complete · includes\TilesStyle\JGStandard\JGStandard.php:25
filter · dgwt/jg/settings/tiles_style · includes\TilesStyle\Layla\Admin.php:24
filter · dgwt/jg/settings/tiles_style/options · includes\TilesStyle\Layla\Admin.php:25
filter · dgwt/jg/settings/promobox/id=promobox_ts_layla · includes\TilesStyle\Layla\Admin.php:34
filter · dgwt/jg/gallery/html_img/hover=layla · includes\TilesStyle\Layla\Admin.php:171
filter · dgwt/jg/gallery/tile_caption/hover=layla · includes\TilesStyle\Layla\Layla.php:19
action · wp_footer · includes\TilesStyle\Layla\Layla.php:26
action · admin_footer · includes\TilesStyle\Layla\Layla.php:27
filter · dgwt/jg/settings/tiles_style · includes\TilesStyle\Simple\Admin.php:24
filter · dgwt/jg/settings/promobox/id=promobox_ts_simple · includes\TilesStyle\Simple\Admin.php:25
filter · dgwt/jg/gallery/html_img/hover=simple · includes\TilesStyle\Simple\Admin.php:185
filter · dgwt/jg/gallery/tile_caption/hover=simple · includes\TilesStyle\Simple\Simple.php:19
action · wp_footer · includes\TilesStyle\Simple\Simple.php:26
action · admin_footer · includes\TilesStyle\Simple\Simple.php:27
action · wp_footer · includes\TilesStyle\TilesStyle.php:46
action · wp_footer · includes\TilesStyle\TilesStyle.php:47
action · admin_footer · includes\TilesStyle\TilesStyle.php:48
action · admin_footer · includes\TilesStyle\TilesStyle.php:49
action · init · justified-gallery.php:55
action · admin_notices · justified-gallery.php:84
action · admin_enqueue_scripts · justified-gallery.php:128
Maintenance & Trust

Justified Gallery Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.7.5
Last updated: Jan 27, 2025
PHP min version: 5.4
Downloads: 178K

Community Trust

Rating: 98/100
Number of ratings: 205
Active installs: 9K
Developer Profile

Justified Gallery Developer Profile

Damian Góra

4 plugins · 111K total installs

Trust score: 71
Avg Security Score: 89/100
Avg Patch Time: 282 days
Detection Fingerprints

How We Detect Justified Gallery

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/justified-gallery/assets/css/admin-style.css
/wp-content/plugins/justified-gallery/assets/js/admin.js
Script Paths
/wp-content/plugins/justified-gallery/assets/js/admin.js
Version Parameters
justified-gallery/assets/css/admin-style.css?ver=
justified-gallery/assets/js/admin.js?ver=

HTML / DOM Fingerprints

CSS Classes
dgwt-jg-admin-style
Data Attributes
dgwt_jg_settings
JS Globals
DGWT_JG_Helpers