Music Press Playlist Security & Risk Analysis

wordpress.org/plugins/music-press-quick-playlist

Music Press Playlist - Helps you easily create playlists and display one or more playlists per page

20 active installs · v1.0 · PHP + · WP 4.7+ · Updated Unknown
Tags: audio, audio-store, music, music-manager, music-store
Score: 100 (A · Safe)
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is Music Press Playlist Safe to Use in 2026?

Generally Safe

Score 100/100

Music Press Playlist has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs
Risk Assessment

The "music-press-quick-playlist" v1.0 plugin presents a significant security risk due to a large number of unprotected AJAX handlers. While the plugin utilizes prepared statements for SQL queries and has no recorded vulnerability history, the absence of authentication and authorization checks on 10 out of 10 AJAX endpoints creates a wide attack surface. Attackers could potentially exploit these endpoints to perform unauthorized actions or manipulate plugin functionality.

The static analysis also revealed the use of the `unserialize` function, which is inherently risky if the data being unserialized comes from an untrusted source. Although no critical or high severity taint flows were identified, the potential for unserialize vulnerabilities still exists if data originates from user input. The plugin's output escaping is also a concern, with only 51% properly escaped, leaving room for potential cross-site scripting (XSS) vulnerabilities.

Overall, while the lack of historical vulnerabilities is a positive indicator, the current implementation has critical security weaknesses in its AJAX handling and output sanitization. The presence of `unserialize` further amplifies the risk. A strong emphasis should be placed on securing these entry points before any further deployment.

Key Concerns

  • Unprotected AJAX handlers
  • Use of unserialize function
  • Low percentage of properly escaped output
  • Missing nonce checks on AJAX
  • Missing capability checks on AJAX
Vulnerabilities
None known

Music Press Playlist Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Music Press Playlist Code Analysis

Dangerous Functions: 3
Raw SQL Queries: 0 (3 prepared)
Unescaped Output: 76 (78 escaped)
Nonce Checks: 0
Capability Checks: 0
File Operations: 0
External Requests: 0
Bundled Libraries: 0

Dangerous Functions Found

  • unserialize · `$mpqp_song_arr = unserialize($songs_string);` · includes\music-press-quick-playlist-core-functions.php:14
  • unserialize · `$mpqp_songs_array = unserialize($mpqp_songs_string);` · includes\process\all-playlist.php:141
  • unserialize · `$mpqp_songs_array = unserialize($mpqp_songs_string);` · includes\process\all-playlist.php:227

SQL Query Safety

100% prepared · 3 total queries

Output Escaping

51% escaped · 154 total outputs
Data Flows
All sanitized

Data Flow Analysis

2 flows
mpqp_image_save (includes\admin\process\ajax_process.php:5)
Attack Surface
10 unprotected

Music Press Playlist Attack Surface

Entry Points: 11
Unprotected: 10

AJAX Handlers 10

  • auth · wp_ajax_mpqp_image_save · includes\admin\process\ajax_process.php:3
  • nopriv · wp_ajax_mpqp_image_save · includes\admin\process\ajax_process.php:4
  • nopriv · wp_ajax_mpqp_playlist · includes\admin\process\ajax_process.php:47
  • auth · wp_ajax_mpqp_playlist · includes\admin\process\ajax_process.php:48
  • nopriv · wp_ajax_mpqp_filter · includes\admin\process\ajax_process.php:88
  • auth · wp_ajax_mpqp_filter · includes\admin\process\ajax_process.php:89
  • auth · wp_ajax_music_press_single_delete · includes\admin\process\ajax_process.php:181
  • nopriv · wp_ajax_music_press_single_delete · includes\admin\process\ajax_process.php:182
  • auth · wp_ajax_music_press_replace · includes\admin\process\ajax_process.php:204
  • nopriv · wp_ajax_music_press_replace · includes\admin\process\ajax_process.php:205

Shortcodes 1

[music_press_quick_playlist] includes\shortcode\music-press-quick-playlist-shortcode.php:200
WordPress Hooks 3
  • action · admin_menu · includes\classes\class-settings.php:10
  • action · plugins_loaded · music-press-quick-playlist.php:26
  • action · admin_enqueue_scripts · music-press-quick-playlist.php:91
Maintenance & Trust

Music Press Playlist Maintenance & Trust

Maintenance Signals

WordPress version tested: 4.9.29
Last updated: Unknown
PHP min version
Downloads: 5K

Community Trust

Rating: 0/100
Number of ratings: 0
Active installs: 20
Developer Profile

Music Press Playlist Developer Profile

tuyennv

7 plugins · 1K total installs

Trust score: 81
Avg Security Score: 82/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect Music Press Playlist

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
  • /wp-content/plugins/music-press-quick-playlist/assets/css/admin.css
  • /wp-content/plugins/music-press-quick-playlist/assets/js/ajaxprocess.js
  • /wp-content/plugins/music-press-quick-playlist/assets/js/jquery.autocomplete.min.js
Script Paths
  • /wp-content/plugins/music-press-quick-playlist/assets/js/ajaxprocess.js
  • /wp-content/plugins/music-press-quick-playlist/assets/js/jquery.autocomplete.min.js

HTML / DOM Fingerprints

CSS Classes
mp_playlist, jp-video, jp-video-270p, jp-type-playlist, jp-playlist-head, jp-jplayer, jp-gui, jp-video-play, +14 more
Data Attributes
role="application", aria-label="media player", role="button", tabindex="0"
JS Globals
mpqp_url_init
Shortcode Output
  • <div class="mp_playlist all">
  • <div id="jquery_jplayer_N_" class="jp-video jp-video-270p"
  • <div class="jp-type-playlist">