Does 360 Generator have any unpatched vulnerabilities?

No. All known vulnerabilities in 360 Generator have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is 360 Generator compatible with WordPress 4.9.29?

According to WordPress.org data, 360 Generator 2.0.1 has been tested up to WordPress 4.9.29. Check the plugin's changelog for the latest compatibility information.

Is 360 Generator compatible with PHP 5.2+?

360 Generator requires PHP 5.2 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is 360 Generator updated?

360 Generator was last updated on Apr 5, 2018. Frequent updates are generally a positive security signal.

What is 360 Generator's security score?

360 Generator has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

360 Generator Security & Risk Analysis

wordpress.org/plugins/pg-360-generator

Easy way to make interactive 360° from set of photos ,also provides many options like size control , color /light control and filters, custom cursor s …

10 active installs v2.0.1 PHP 5.2+ WP 3.3+ Updated Apr 5, 2018

360360-generator360-spinresponsive-imagingwatermark-images

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is 360 Generator Safe to Use in 2026?

Generally Safe

Score 85/100

360 Generator has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 8yr ago

Risk Assessment

The plugin "pg-360-generator" v2.0.1 exhibits a concerning security posture due to a significantly large attack surface without adequate authentication or authorization checks. All 11 identified AJAX handlers are unprotected, presenting a direct pathway for unauthorized actions if they perform sensitive operations. While the static analysis did not reveal any dangerous functions, critical taint flows, or file operations, the extensive number of unauthenticated entry points is a major weakness. The plugin also shows poor practices regarding SQL query preparation (only 4% use prepared statements) and output escaping (only 7% are properly escaped), increasing the risk of SQL injection and Cross-Site Scripting (XSS) vulnerabilities, respectively. The absence of any recorded vulnerability history might suggest either a lack of past scrutiny or a genuinely secure history, but this cannot outweigh the current code-level risks. Therefore, while the plugin has not yet demonstrated a history of public vulnerabilities, the current codebase presents significant and actionable security concerns that require immediate attention.

Key Concerns

11 unprotected AJAX handlers
Low percentage of prepared SQL statements
Low percentage of properly escaped output
No nonce checks on AJAX
No capability checks

Vulnerabilities

None known

360 Generator Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

360 Generator Code Analysis

Dangerous Functions

Raw SQL Queries

3 prepared

Unescaped Output

141

11 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

4% prepared70 total queries

Output Escaping

7% escaped152 total outputs

Attack Surface

11 unprotected

360 Generator Attack Surface

Entry Points11

Unprotected11

AJAX Handlers 11

authwp_ajax_pg360_handle_dropped_mediaincludes\class-pg360.php:190

authwp_ajax_pg360_handle_projectincludes\class-pg360.php:194

authwp_ajax_pg360_delete_projectincludes\class-pg360.php:195

authwp_ajax_pg360_handle_reelincludes\class-pg360.php:198

authwp_ajax_pg360_pass_idincludes\class-pg360.php:201

authwp_ajax_pg360_project_editincludes\class-pg360.php:202

authwp_ajax_pg360_project_deleteincludes\class-pg360.php:203

authwp_ajax_pg360_add_annotationincludes\class-pg360.php:205

authwp_ajax_pg360_delete_annotationincludes\class-pg360.php:207

authwp_ajax_pg360_delete_all_annotationincludes\class-pg360.php:209

authwp_ajax_pg360_restore_default_settingsincludes\class-pg360.php:212

WordPress Hooks 10

actionplugins_loadedincludes\class-pg360.php:162

actionadmin_enqueue_scriptsincludes\class-pg360.php:180

actionadmin_enqueue_scriptsincludes\class-pg360.php:181

actionadmin_menuincludes\class-pg360.php:184

actionadmin_initincludes\class-pg360.php:187

actionadmin_post_pg360_handle_deleted_mediaincludes\class-pg360.php:191

actionmedia_buttonsincludes\class-pg360.php:215

actionwp_enqueue_mediaincludes\class-pg360.php:216

actionwp_enqueue_scriptsincludes\class-pg360.php:238

actionwp_enqueue_scriptsincludes\class-pg360.php:239

Maintenance & Trust

360 Generator Maintenance & Trust

Maintenance Signals

WordPress version tested4.9.29

Last updatedApr 5, 2018

PHP min version5.2

Downloads3K

Community Trust

Rating46/100

Number of ratings4

Active installs10

Alternatives

360 Generator Alternatives

Glo3D

glo3d

With a push of a button of any smartphone or professional camera, capture, edit, share and embed 360° photo of any product to your online store or web …

10 No CVEs

360 Spin For Woocommerce

glo3dapp-woospin

With a push of a button of any smartphone or professional camera, capture, edit, share and embed 360° photo of any product to your woocommerce online …

10 No CVEs

3D Viewer – Display Interactive 3D Models

3d-viewer

100

3D Viewer lets you embed interactive 3D models and 360 product views on WordPress sites with support for GLB, GLTF, OBJ, STL, FBX, DAE, and BIM.

10K No CVEs

WP VR – 360 Panorama and Free Virtual Tour Builder For WordPress

wpvr

Create stunning 360 virtual tours to impress visitors and get more clients using WPVR - the easiest virtual tour creator in WordPress.

10K 14 CVEs

iPanorama 360 – Advanced Virtual Tour Builder

ipanorama-360-virtual-tour-builder-lite

Let's create virtual tours for your site that empowers your visitors and clients!!! Build a live tour in just a few steps.

5K 6 CVEs

Developer Profile

360 Generator Developer Profile

Ibrahim

1 plugin · 10 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect 360 Generator

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/pg-360-generator/assets/css/dropzone.css/wp-content/plugins/pg-360-generator/assets/css/pg360.css/wp-content/plugins/pg-360-generator/assets/js/dropzone.js/wp-content/plugins/pg-360-generator/assets/js/pg360.js/wp-content/plugins/pg-360-generator/admin/js/pg360_setting.js

Script Paths

/wp-content/plugins/pg-360-generator/assets/js/dropzone.js/wp-content/plugins/pg-360-generator/assets/js/pg360.js/wp-content/plugins/pg-360-generator/admin/js/pg360_setting.js

Version Parameters

pg-360-generator/assets/css/dropzone.css?ver=pg-360-generator/assets/css/pg360.css?ver=pg-360-generator/assets/js/dropzone.js?ver=pg-360-generator/assets/js/pg360.js?ver=pg-360-generator/admin/js/pg360_setting.js?ver=

HTML / DOM Fingerprints

CSS Classes

pg360_editpg360Dzpg360-media-uploaderpg360_nextpg360_setting_restore_default

Data Attributes

id="my-awesome-dropzone"id="pg360-media-uploader"id="pg360_next"id="pg360_setting_restore_default"

JS Globals

pg360Parampg360SettingRestore

REST Endpoints

/wp-json/pg360_handle_dropped_media/wp-json/pg360_handle_deleted_media/wp-json/pg360_handle_project/wp-json/pg360_restore_default_settings

FAQ