Does Movie Discovery have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Movie Discovery compatible with WordPress 4.0.38?

According to WordPress.org data, Movie Discovery 1.0.1 has been tested up to WordPress 4.0.38. Check the plugin's changelog for the latest compatibility information.

How often is Movie Discovery updated?

Movie Discovery was last updated on Sep 16, 2014. Frequent updates are generally a positive security signal.

What is Movie Discovery's security score?

Movie Discovery has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Movie Discovery Security & Risk Analysis

wordpress.org/plugins/movie-discovery

Movie Discovery is a system that helps website owners offer their users professional, award winning movies on topics related to the websites articles …

10 active installs v1.0.1 PHP + WP 3.7+ Updated Sep 16, 2014

filmdiyindie-moviesmoviemovie-discoverymovies

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Movie Discovery Safe to Use in 2026?

Generally Safe

Score 85/100

Movie Discovery has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 11yr ago

Risk Assessment

The 'movie-discovery' plugin v1.0.1 exhibits a generally good security posture concerning its known vulnerability history. The absence of any recorded CVEs suggests a history of responsible development and maintenance. Static analysis reveals a very small attack surface, with only one shortcode and no AJAX handlers or REST API routes to exploit. Furthermore, the plugin utilizes prepared statements for its single SQL query, which is a positive sign. However, there are notable concerns raised by the static analysis. The low percentage of properly escaped output (33%) is a significant weakness, indicating potential for Cross-Site Scripting (XSS) vulnerabilities. The taint analysis also reveals four flows with unsanitized paths, which, while not classified as critical or high, still represent a risk of data being processed without adequate validation. The lack of nonce and capability checks on its entry points, though the attack surface is small, is another area for improvement as it bypasses standard WordPress security mechanisms.

Key Concerns

Low output escaping percentage
Unsanitized paths in taint analysis
Missing nonce checks
Missing capability checks

Vulnerabilities

None known

Movie Discovery Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Movie Discovery Release Timeline

v1.0.1Current

v1.0.0

Code Analysis

Analyzed Apr 16, 2026

Movie Discovery Code Analysis

Dangerous Functions

Raw SQL Queries

1 prepared

Unescaped Output

2 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

TinyMCE

SQL Query Safety

100% prepared1 total queries

Output Escaping

33% escaped6 total outputs

Data Flows · Security

4 unsanitized

Data Flow Analysis

4 flows4 with unsanitized paths

md_show_admin_settings (admin/views/admin.php:70)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Movie Discovery Attack Surface

Entry Points1

Unprotected0

Shortcodes 1

[md] public/class-movie-discovery.php:64

WordPress Hooks 11

actionadmin_enqueue_scriptsadmin/class-movie-discovery-admin.php:49

actionadmin_enqueue_scriptsadmin/class-movie-discovery-admin.php:50

actionadmin_menuadmin/class-movie-discovery-admin.php:53

filtermce_buttonsadmin/class-movie-discovery-admin.php:61

filtermce_external_pluginsadmin/class-movie-discovery-admin.php:63

actionplugins_loadedmovie-discovery.php:72

actionplugins_loadedmovie-discovery.php:81

actioninitpublic/class-movie-discovery.php:55

actionwpmu_new_blogpublic/class-movie-discovery.php:58

actionwp_enqueue_scriptspublic/class-movie-discovery.php:61

actionwp_enqueue_scriptspublic/class-movie-discovery.php:62

Maintenance & Trust

Movie Discovery Maintenance & Trust

Maintenance Signals

WordPress version tested4.0.38

Last updatedSep 16, 2014

PHP min version

Downloads2K

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

Movie Discovery Alternatives

MAS Videos

masvideos

MAS Videos is a free plugin that allows you to to create and list movies, videos and TV shows.

1K 1 unpatched

My Movie Database

my-movie-database

My Movie Database allows you to easily add detailed information about movies, tv shows and people you choose. The data comes from the Movie Database ( …

200 No CVEs

JustWatch – Partner Integrations

justwatch-partner-integrations

100

Connect your audience to the best streaming services worldwide.

50 No CVEs

UnGallery

ungallery

Publish thousands of pictures in WordPress, in minutes.

30 1 unpatched

DOGO Content Widget

dogo-content-widget

A widget to display thumbnails and titles of the latest DOGOnews, DOGObooks, and DOGOmovies reviews via RSS.

10 No CVEs

Developer Profile

Movie Discovery Developer Profile

flymke

2 plugins · 1K total installs

trust score

Avg Security Score

88/100

Avg Patch Time

348 days

View full developer profile

Detection Fingerprints

How We Detect Movie Discovery

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/movie-discovery/assets/css/admin.css/wp-content/plugins/movie-discovery/assets/js/admin.js/wp-content/plugins/movie-discovery/assets/js/tinymce-plugin.js

Version Parameters

movie-discovery/assets/css/admin.css?ver=movie-discovery/assets/js/admin.js?ver=movie-discovery/assets/js/tinymce-plugin.js?ver=

HTML / DOM Fingerprints

HTML Comments

Data Attributes

data-movie-discovery-id

JS Globals

window.MovieDiscovery

Shortcode Output

<div class="movie-discovery-widget"><div class="movie-discovery-shortcode">

FAQ