Projects Gallery Security & Risk Analysis

wordpress.org/plugins/projects-gallery

Let's Create a gallery of projects, either you can use it to have a gallery of any other project!

0 active installs · v1.0 · PHP + · WP 4.5+ · Updated Apr 6, 2020
Tags: gallery, projects, projects-gallery, projects-list
Score: 85
A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is Projects Gallery Safe to Use in 2026?

Generally Safe

Score 85/100

Projects Gallery has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 6yr ago
Risk Assessment

The "projects-gallery" plugin v1.0 exhibits a generally positive security posture due to its absence of known CVEs, a lack of dangerous functions, and the exclusive use of prepared statements for SQL queries. However, the static analysis reveals significant areas for concern. Specifically, two taint flows with unsanitized paths have been identified, representing a high severity risk that could potentially lead to code execution or data breaches if exploited. Furthermore, the plugin's output escaping is only partially effective, with a significant portion of outputs not being properly sanitized, which could open doors for cross-site scripting (XSS) vulnerabilities.

The plugin's vulnerability history is clean, with no recorded CVEs. This suggests a responsible development approach or a lack of targeted attacks. However, this positive history should not overshadow the risks identified in the static analysis. The presence of unsanitized paths in taint flows, combined with incomplete output escaping, indicates potential weaknesses that could be exploited. While the plugin has a minimal attack surface and includes nonce checks, the high-severity taint flows and output escaping issues necessitate careful consideration and remediation.

Key Concerns

  • High severity taint flows with unsanitized paths
  • Significant portion of outputs not properly escaped
  • No capability checks found
Vulnerabilities
None known

Projects Gallery Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Projects Gallery Release Timeline

v1.2
v1.1
v1.0 (Current)
Code Analysis
Analyzed Apr 16, 2026

Projects Gallery Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (6 prepared)
Unescaped Output: 4 (9 escaped)
Nonce Checks: 1
Capability Checks: 0
File Operations: 0
External Requests: 0
Bundled Libraries: 0

SQL Query Safety

100% prepared · 6 total queries

Output Escaping

69% escaped · 13 total outputs
Data Flows · Security
2 unsanitized

Data Flow Analysis

2 flows · 2 with unsanitized paths
projects_admin_master (project-gallery.php:96)
Attack Surface

Projects Gallery Attack Surface

Entry Points: 1
Unprotected: 0

Shortcodes 1

[mw_pgallery] project-gallery.php:45
WordPress Hooks 2
action wp_enqueue_scripts project-gallery.php:44
action admin_menu project-gallery.php:46
Maintenance & Trust

Projects Gallery Maintenance & Trust

Maintenance Signals

WordPress version tested: 5.3.21
Last updated: Apr 6, 2020
PHP min version
Downloads: 1K

Community Trust

Rating: 0/100
Number of ratings: 0
Active installs: 0
Developer Profile

Projects Gallery Developer Profile

nazaninhesamzadeh

2 plugins · 0 total installs

Trust score: 84
Avg Security Score: 85/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect Projects Gallery

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/projects-gallery/public/bootstrap.min.css
/wp-content/plugins/projects-gallery/public/materialize.css
/wp-content/plugins/projects-gallery/public/icon.css
/wp-content/plugins/projects-gallery/public/materialize.min.js
Script Paths
/wp-content/plugins/projects-gallery/public/materialize.min.js

HTML / DOM Fingerprints

CSS Classes
row
Data Attributes
data-collection
JS Globals
jQuery
Shortcode Output
<div class="row"><div id="projects-gallery-container"><div class="project-item"><div class="project-title">