Video Gallery YouTube Vimeo Security & Risk Analysis

wordpress.org/plugins/new-video-gallery

Create responsive YouTube and Vimeo video galleries with custom layouts, lightbox display, and easy shortcode embedding.

1K active installs · v1.6.5 · PHP 7.0+ · WP 5.0+ · Updated Feb 16, 2026
responsive-video, video-gallery, video-player, vimeo-gallery, youtube-gallery
99
A · Safe
CVEs total: 1
Unpatched: 0
Last CVE: May 3, 2024
Safety Verdict

Is Video Gallery YouTube Vimeo Safe to Use in 2026?

Generally Safe

Score 99/100

Video Gallery YouTube Vimeo has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVE · Last CVE: May 3, 2024 · Updated 1mo ago
Risk Assessment

The "new-video-gallery" v1.6.5 plugin exhibits a generally good security posture with a strong emphasis on secure coding practices. The absence of unprotected entry points and the exclusive use of prepared statements for SQL queries are significant strengths. Furthermore, a high percentage of properly escaped output and a robust number of nonce and capability checks indicate a proactive approach to mitigating common web vulnerabilities.

However, the static analysis reveals a critical concern: the presence of four instances of the `unserialize` function. While taint analysis did not identify critical or high severity flows, the use of `unserialize` without proper sanitization or validation is a known vector for remote code execution vulnerabilities. Additionally, the fact that there are two flows with unsanitized paths, even if categorized as lower severity by the tools, warrants caution. The plugin's vulnerability history, with one medium CVE related to missing authorization, aligns with the potential risks associated with handling user-controlled input, especially when combined with potentially insecure functions like `unserialize`.

In conclusion, while "new-video-gallery" v1.6.5 demonstrates many positive security attributes, the identified use of `unserialize` and unsanitized paths introduce a notable risk. The plugin's past vulnerability further emphasizes the need for vigilance. Addressing the `unserialize` usage is paramount to improving its overall security.

Key Concerns

  • Dangerous function unserialize usage
  • Flows with unsanitized paths
  • Medium severity CVE found
Vulnerabilities
1

Video Gallery YouTube Vimeo Security Vulnerabilities

CVEs by Year

1 CVE in 2024

Severity Breakdown

Medium: 1

1 total CVE

CVE-2024-34377 · medium · 5.3 · Missing Authorization

Video Gallery – Api Gallery, YouTube and Vimeo, Link Gallery <= 1.5.3 - Missing Authorization

May 3, 2024 · Patched in 1.5.4 (5d)
Code Analysis
Analyzed Mar 16, 2026

Video Gallery YouTube Vimeo Code Analysis

  • Dangerous Functions: 4
  • Raw SQL Queries: 0 (0 prepared)
  • Unescaped Output: 20 (239 escaped)
  • Nonce Checks: 7
  • Capability Checks: 17
  • File Operations: 0
  • External Requests: 0
  • Bundled Libraries: 0

Dangerous Functions Found

  • unserialize: `return ($str == serialize(false) || @unserialize($str) !== false);` (include\video-gallery-code.php:41)
  • unserialize: `$gallery_settings = unserialize($decodedData, ['allowed_classes' => false]);` (include\video-gallery-code.php:55)
  • unserialize: `return ($str == serialize(false) || @unserialize($str) !== false);` (include\video-gallery-settings.php:24)
  • unserialize: `$gallery_settings = unserialize($decodedData);` (include\video-gallery-settings.php:37)

Output Escaping

92% escaped · 259 total outputs
Data Flows: 2 unsanitized

Data Flow Analysis

2 flows · 2 with unsanitized paths
_ajax_video_gallery (new-video-gallery.php:343)
Attack Surface

Video Gallery YouTube Vimeo Attack Surface

Entry Points: 2
Unprotected: 0

AJAX Handlers 1

  • auth · wp_ajax_video_gallery_js · new-video-gallery.php:97

Shortcodes 1

[VDGAL] include\shortcode.php:10

WordPress Hooks 35

  • action · init · class-tgm-plugin-activation.php:268
  • filter · load_textdomain_mofile · class-tgm-plugin-activation.php:269
  • action · init · class-tgm-plugin-activation.php:272
  • action · admin_menu · class-tgm-plugin-activation.php:421
  • action · admin_head · class-tgm-plugin-activation.php:422
  • filter · install_plugin_complete_actions · class-tgm-plugin-activation.php:425
  • filter · update_plugin_complete_actions · class-tgm-plugin-activation.php:426
  • action · admin_notices · class-tgm-plugin-activation.php:429
  • action · admin_init · class-tgm-plugin-activation.php:430
  • action · admin_enqueue_scripts · class-tgm-plugin-activation.php:431
  • action · load-plugins.php · class-tgm-plugin-activation.php:436
  • action · switch_theme · class-tgm-plugin-activation.php:439
  • action · switch_theme · class-tgm-plugin-activation.php:442
  • action · admin_init · class-tgm-plugin-activation.php:447
  • action · switch_theme · class-tgm-plugin-activation.php:452
  • action · load_textdomain_mofile · class-tgm-plugin-activation.php:475
  • filter · upgrader_source_selection · class-tgm-plugin-activation.php:889
  • action · plugins_loaded · class-tgm-plugin-activation.php:2132
  • filter · tgmpa_table_data_items · class-tgm-plugin-activation.php:2256
  • filter · upgrader_source_selection · class-tgm-plugin-activation.php:2997
  • action · admin_init · class-tgm-plugin-activation.php:3167
  • action · upgrader_process_complete · class-tgm-plugin-activation.php:3262
  • filter · upgrader_post_install · class-tgm-plugin-activation.php:3321
  • filter · upgrader_post_install · class-tgm-plugin-activation.php:3470
  • action · init · new-video-gallery.php:83
  • action · admin_menu · new-video-gallery.php:86
  • action · init · new-video-gallery.php:89
  • action · add_meta_boxes · new-video-gallery.php:92
  • action · admin_init · new-video-gallery.php:95
  • action · save_post · new-video-gallery.php:99
  • filter · widget_text · new-video-gallery.php:102
  • filter · manage_video_gallery_posts_columns · new-video-gallery.php:105
  • action · manage_video_gallery_posts_custom_column · new-video-gallery.php:108
  • action · wp_enqueue_scripts · new-video-gallery.php:110
  • action · tgmpa_register · new-video-gallery.php:452
Maintenance & Trust

Video Gallery YouTube Vimeo Maintenance & Trust

Maintenance Signals

  • WordPress version tested: 6.9.4
  • Last updated: Feb 16, 2026
  • PHP min version: 7.0
  • Downloads: 107K

Community Trust

  • Rating: 82/100
  • Number of ratings: 8
  • Active installs: 1K
Developer Profile

Video Gallery YouTube Vimeo Developer Profile

A WP Life

61 plugins · 64K total installs

  • Trust score: 77
  • Avg Security Score: 97/100
  • Avg Patch Time: 267 days
Detection Fingerprints

How We Detect Video Gallery YouTube Vimeo

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
  • /wp-content/plugins/new-video-gallery/css/owl.carousel.min.css
  • /wp-content/plugins/new-video-gallery/css/video-gallery.css
  • /wp-content/plugins/new-video-gallery/js/owl.carousel.min.js
  • /wp-content/plugins/new-video-gallery/js/video-gallery.js
Script Paths
  • /wp-content/plugins/new-video-gallery/js/owl.carousel.min.js
  • /wp-content/plugins/new-video-gallery/js/video-gallery.js
Version Parameters
  • new-video-gallery/css/owl.carousel.min.css?ver=
  • new-video-gallery/css/video-gallery.css?ver=
  • new-video-gallery/js/owl.carousel.min.js?ver=
  • new-video-gallery/js/video-gallery.js?ver=

HTML / DOM Fingerprints

CSS Classes
  • video-gallery-wrapper
  • video-gallery-item
  • vimeothumb
  • youtube_thumbnail
  • vg-video-play-icon
  • vg-video-details
  • vg-video-title
  • vg-video-description
  • +3 more
HTML Comments
  • <!--Start Video Gallery Area-->
  • <!--End Video Gallery Area-->
  • <!-- Start Video Gallery Carousel -->
  • <!-- End Video Gallery Carousel -->
Data Attributes
  • data-video-id
  • data-video-source
JS Globals
  • new_video_gallery_ajax_object
Shortcode Output
  • [VDGAL id=
FAQ

Frequently Asked Questions about Video Gallery YouTube Vimeo