Media Tagz Gallery Security & Risk Analysis
wordpress.org/plugins/media-tags-galleryMedia Tagz Gallery extends the Media Tags plugin to provide a simple, lightweight image gallery
Is Media Tagz Gallery Safe to Use in 2026?
Generally Safe
Score 85/100Media Tagz Gallery has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The media-tags-gallery plugin v1.1 presents a mixed security posture. On the positive side, it demonstrates good practices regarding SQL queries, exclusively using prepared statements, and it has no history of known vulnerabilities (CVEs). The absence of file operations and external HTTP requests further reduces potential attack vectors. However, significant concerns arise from its attack surface and handling of user input. The plugin exposes five AJAX handlers without any authentication checks, creating a substantial risk of unauthorized access and potential manipulation of functionality. Furthermore, taint analysis revealed two flows with unsanitized paths, indicating potential vulnerabilities if these paths are influenced by user-controlled input, although no critical or high severity issues were flagged. The low percentage of properly escaped output (10%) is also a concern, potentially leading to cross-site scripting (XSS) vulnerabilities if sensitive data is displayed without proper sanitization.
Key Concerns
- 5 AJAX handlers without authentication checks
- 2 flows with unsanitized paths
- Only 10% of outputs properly escaped
- No nonce checks on AJAX handlers
- No capability checks on AJAX handlers
Media Tagz Gallery Security Vulnerabilities
Media Tagz Gallery Code Analysis
Output Escaping
Data Flow Analysis
Media Tagz Gallery Attack Surface
AJAX Handlers 5
Shortcodes 3
WordPress Hooks 4
Maintenance & Trust
Media Tagz Gallery Maintenance & Trust
Maintenance Signals
Community Trust
Media Tagz Gallery Alternatives
Smash Balloon Social Photo Feed – Easy Social Feeds Plugin
instagram-feed
Formerly "Instagram Feed". Display clean, customizable, and responsive Instagram feeds from multiple accounts. Supports Instagram oEmbeds.
WPZOOM Social Feed Widget & Block
instagram-widget-by-wpzoom
Instagram feed plugin for WordPress: Display your Instagram photos, videos & reels. Easy setup with Gutenberg block, widget, shortcode & Elementor
Easy Social Feed – Social Photos Gallery and Post Feed for WordPress
easy-facebook-likebox
Display Instagram, Facebook & YouTube feeds with photos, videos, reels, events & galleries. Fast, responsive & easy to set up.
Widgets for Social Photo Feed
social-photo-feed-widget
Instagram Feed Widgets. Display your Instagram feed on your website to increase engagement, sales and SEO.
Gutena PhotoFeed
photofeed-block-by-gutena
Gutena PhotoFeed is a free and simple plugin for WordPress that allows you to display your Instagram photos in a gallery. You can set the number of co …
Media Tagz Gallery Developer Profile
1 plugin · 10 total installs
How We Detect Media Tagz Gallery
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/media-tags-gallery/css/bootstrapmodal.css/wp-content/plugins/media-tags-gallery/js/bootstrap-modal.min.js/wp-content/plugins/media-tags-gallery/js/load-tagz-modal-ajax.js/wp-content/plugins/media-tags-gallery/js/load-tagz-media-ajax.js/wp-content/plugins/media-tags-gallery/js/bootstrap-modal.min.js/wp-content/plugins/media-tags-gallery/js/load-tagz-modal-ajax.js/wp-content/plugins/media-tags-gallery/js/load-tagz-media-ajax.jsHTML / DOM Fingerprints
modal-dialogmodal-contentmodal-headermodal-titlemodal-bodymodal-footermodal-captionmodal-link+7 moredata-dismissdata-titledata-isodata-shutterdata-apertureloadtagzmodalObjloadtagzmediaObj[tagz-album]