Does Post Categories Gallery have any unpatched vulnerabilities?

No. All known vulnerabilities in Post Categories Gallery have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Post Categories Gallery compatible with WordPress 3.5.2?

According to WordPress.org data, Post Categories Gallery 1.0.0 has been tested up to WordPress 3.5.2. Check the plugin's changelog for the latest compatibility information.

How often is Post Categories Gallery updated?

Post Categories Gallery was last updated on Feb 26, 2014. Frequent updates are generally a positive security signal.

What is Post Categories Gallery's security score?

Post Categories Gallery has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Post Categories Gallery Security & Risk Analysis

wordpress.org/plugins/post-category-gallery

Post Category Gallery displays selectable categories of posts horizontally and below the featured images of selected posts are displayed.

20 active installs v1.0.0 PHP + WP 2.1+ Updated Feb 26, 2014

buttonscategoriesfeatured-imagefilteringposts

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Post Categories Gallery Safe to Use in 2026?

Generally Safe

Score 85/100

Post Categories Gallery has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 12yr ago

Risk Assessment

The post-category-gallery plugin v1.0.0 exhibits a strong security posture based on the provided static analysis. The absence of direct SQL queries, proper output escaping, and file operations, coupled with no recorded vulnerabilities, suggests that the developers have followed good security practices. The limited attack surface, consisting solely of one shortcode with no apparent direct interaction with external systems or sensitive data, further bolsters its security. However, a significant concern arises from the complete lack of nonce checks and capability checks. While the current analysis doesn't reveal exploitable flows, this omission represents a potential weakness that could be leveraged if the plugin's functionality were to evolve or interact with user-supplied data in the future. The absence of any recorded vulnerabilities in its history is a positive sign, indicating a potentially stable and well-maintained codebase up to this version.

Key Concerns

Missing nonce checks
Missing capability checks

Vulnerabilities

None known

Post Categories Gallery Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Post Categories Gallery Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

6 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

100% escaped6 total outputs

Attack Surface

Post Categories Gallery Attack Surface

Entry Points1

Unprotected0

Shortcodes 1

[postcategorygallery] horcatbar.php:123

WordPress Hooks 1

actionwp_enqueue_scriptshorcatbar.php:131

Maintenance & Trust

Post Categories Gallery Maintenance & Trust

Maintenance Signals

WordPress version tested3.5.2

Last updatedFeb 26, 2014

PHP min version

Downloads4K

Community Trust

Rating100/100

Number of ratings1

Active installs20

Alternatives

Post Categories Gallery Alternatives

Latest Posts Widget

raw-latest-posts-widget

List the lastest posts from a category.

40 No CVEs

List category posts

list-category-posts

Very customizable plugin to list posts by category (or tag, author and more) in a post, page or widget. Uses the [catlist] shortcode to select posts.

80K 6 CVEs

Category Posts Widget

category-posts

Adds a widget that shows the most recent posts from a single category.

40K 2 CVEs

Essential Widgets

essential-widgets

Essential Widgets is a WordPress plugin for widgets that allows you to create and add amazing widgets with high customization option

10K 2 CVEs

Ultimate Posts Widget

ultimate-posts-widget

The ultimate widget for displaying posts, custom post types or sticky posts with an array of options.

10K 1 CVE

Developer Profile

Post Categories Gallery Developer Profile

Fides IT

2 plugins · 40 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Post Categories Gallery

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/post-category-gallery/horcatbar.css

Version Parameters

horcatbar_style?ver=post-category-gallery/horcatbar.css?ver=

HTML / DOM Fingerprints

CSS Classes

hcb_containerhcb_theme_greenhcb_theme_bluehcb_theme_redhcb_categories_tophcb_post_containercaptioncurrent-cat+1 more

Data Attributes

data-hcbcategory

Shortcode Output

<div class="hcb_container<ul class="hcb_categories_top"><div class="hcb_post_container"<img src="

FAQ