WP-Safety

liveTV Bundle Security & Risk Analysis

wordpress.org/plugins/livetv-bundle

LiveTV Bundle for WordPress. Live stream plugin for wordpress compatible with own3d.tv, twitch.tv, justin.tv

10 active installs v1.3.1.3 PHP + WP + Updated Oct 27, 2012
gamerlivestreamlivestreams
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is liveTV Bundle Safe to Use in 2026?

Generally Safe

Score 85/100

liveTV Bundle has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 13yr ago
Risk Assessment

The "livetv-bundle" v1.3.1.3 plugin exhibits a mixed security posture. While it boasts no known CVEs and a good percentage of its SQL queries use prepared statements, several concerning code signals and taint analysis results warrant attention. The presence of `create_function` is a direct red flag, as this function is deprecated and known to be a potential source of code injection vulnerabilities if not handled with extreme care. Furthermore, the taint analysis revealing 5 out of 6 flows with unsanitized paths, including two of high severity, indicates a significant risk of data manipulation or unauthorized access if user-supplied data is not properly validated and sanitized before use in sensitive operations. The lack of nonce checks and the limited number of capability checks on potential entry points are also weaknesses. The absence of historical vulnerabilities could suggest either diligent security practices in the past or simply a lack of discovery. Overall, while the plugin has some strengths in its query preparation, the high number of unsanitized taint flows and the use of `create_function` present a notable risk that requires mitigation.

Key Concerns

  • High severity unsanitized taint flow
  • Use of dangerous function 'create_function'
  • Unsanitized path in taint flow
  • No nonce checks
Vulnerabilities
None known

liveTV Bundle Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

liveTV Bundle Code Analysis

Dangerous Functions
1
Raw SQL Queries
2
10 prepared
Unescaped Output
39
74 escaped
Nonce Checks
0
Capability Checks
7
File Operations
6
External Requests
0
Bundled Libraries
0

Dangerous Functions Found

create_functionadd_action( 'widgets_init', create_function( '', 'register_widget( "livetv_widget" );' ) );plugin-livetv-display-widget.php:144

SQL Query Safety

83% prepared12 total queries

Output Escaping

65% escaped113 total outputs
Data Flows
5 unsanitized

Data Flow Analysis

6 flows5 with unsanitized paths
livetv_do_admin_page_level_livestream_page (page-admin\page-admin-livetreams.php:40)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

liveTV Bundle Attack Surface

Entry Points3
Unprotected0

Shortcodes 3

[LivesOnline] page-frontend\page-livetreams.php:32
[liveTVChat] plugin-livetv-display-irc.php:42
[livestream] plugin-livetv-shortcode.php:41
WordPress Hooks 10
actionlivetv_add_submenu_pagepage-admin\page-admin-livetreams.php:36
actionedit_user_profilepage-admin\page-admin-livetreams.php:717
actionedit_user_profile_updatepage-admin\page-admin-livetreams.php:719
actionshow_user_profilepage-admin\page-admin-livetreams.php:722
actionpersonal_options_updatepage-admin\page-admin-livetreams.php:724
actionprofile_personal_optionspage-admin\page-admin-livetreams.php:730
actionlivetv_add_submenu_pagepage-admin\page-admin-shortcode.php:38
actionlivetv_scheduleplugin-livetv-display-lives.php:242
actionwidgets_initplugin-livetv-display-widget.php:144
actionadmin_menuplugin-livetv-fork.php:50

Scheduled Events 1

livetv_schedule
Maintenance & Trust

liveTV Bundle Maintenance & Trust

Maintenance Signals

WordPress version tested3.4.2
Last updatedOct 27, 2012
PHP min version
Downloads12K

Community Trust

Rating0/100
Number of ratings0
Active installs10
Alternatives

liveTV Bundle Alternatives

Livestream Embedder

Livestream Embedder

livestream-embedder

A
92

Embeds a YouTube live stream or the most recent video from a channel using a simple shortcode.

30 No CVEs
Castio.live – WordPress Live Streaming (HLS) + Real‑Time Chat

Castio.live – WordPress Live Streaming (HLS) + Real‑Time Chat

castio-live

A
100

WordPress live streaming via browser-based HLS. Go live from the admin—no OBS, no RTMP, no external services. Auto viewer page with HLS player and bui …

20 No CVEs
Bait Stream for Twitch TV

Bait Stream for Twitch TV

bait-stream

A
100

Alert visitors to your live Twitch stream with an unobtrusive popup alert. Please note - this plugin will ONLY display an alert when your Twitch.

10 No CVEs
Energy Search

Energy Search

energy-search

A
85

A Pokemon TCG plugin for Wordpress!

10 No CVEs
Kw LiveStream Plugin

Kw LiveStream Plugin

kw-livestream-plugin

A
85

A simple plugin for streaming (live tv) with livestream.com and shortcode with WordPress. Multiple livestream possibility

10 No CVEs
Developer Profile

liveTV Bundle Developer Profile

leaklords

7 plugins · 70 total installs

88
trust score
Avg Security Score
91/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect liveTV Bundle

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/livetv-bundle/css/page-livetreams.css/wp-content/plugins/livetv-bundle/css/page-livetreams-hook.css/wp-content/plugins/livetv-bundle/css/page-livetreams-3col.css/wp-content/plugins/livetv-bundle/css/widget-off.css/wp-content/plugins/livetv-bundle/css/jquery.qtip.min.css/wp-content/plugins/livetv-bundle/js/frontend.js/wp-content/plugins/livetv-bundle/js/jquery.qtip-1.0.0-rc3.min.js/wp-content/plugins/livetv-bundle/js/jscolor.js+3 more
Script Paths
/wp-content/plugins/livetv-bundle/js/frontend.js/wp-content/plugins/livetv-bundle/js/jquery.qtip-1.0.0-rc3.min.js/wp-content/plugins/livetv-bundle/js/jscolor.js/wp-content/plugins/livetv-bundle/js/switcher-draggable.js/wp-content/plugins/livetv-bundle/js/jPages.min.js/wp-content/plugins/livetv-bundle/js/jquery.qtip.min.js
Version Parameters
/wp-content/plugins/livetv-bundle/css/page-livetreams.css?ver=/wp-content/plugins/livetv-bundle/css/page-livetreams-hook.css?ver=/wp-content/plugins/livetv-bundle/css/page-livetreams-3col.css?ver=/wp-content/plugins/livetv-bundle/css/widget-off.css?ver=/wp-content/plugins/livetv-bundle/css/jquery.qtip.min.css?ver=/wp-content/plugins/livetv-bundle/js/frontend.js?ver=/wp-content/plugins/livetv-bundle/js/jquery.qtip-1.0.0-rc3.min.js?ver=/wp-content/plugins/livetv-bundle/js/jscolor.js?ver=/wp-content/plugins/livetv-bundle/js/switcher-draggable.js?ver=/wp-content/plugins/livetv-bundle/js/jPages.min.js?ver=/wp-content/plugins/livetv-bundle/js/jquery.qtip.min.js?ver=

HTML / DOM Fingerprints

CSS Classes
livetv-irc-wraplivetv-irc-contentlivetv-info
HTML Comments
<!-- Main jquery --><!--Slider effect--><!--Qtip bubble dialog--><!--Draggable-->+3 more
Data Attributes
data-channeldata-widthdata-height
JS Globals
livetv_plugin_irc_activatelivetv_slidelivetv_colorlivetv_qtip
Shortcode Output
<div class="livetv-irc-wrap"<div class="livetv-irc-content"<iframe height<iframe width
FAQ

Frequently Asked Questions about liveTV Bundle