Simple Video Directory Security & Risk Analysis

wordpress.org/plugins/simple-media-directory

Wordpress Video Directory plugin to curate topic based media gallery. Curate gorgeous video Directory, Video List, Video Gallery, Video Portfolio etc.

10 active installs · v1.4.4 · PHP 5.6+ · WP 4.6+ · Updated Jul 4, 2025
Tags: directory, media-directory, media-gallery, video-gallery, video-portfolio
Score: 98 · A · Safe
CVEs total: 2
Unpatched: 0
Last CVE: Jun 21, 2024
Safety Verdict

Is Simple Video Directory Safe to Use in 2026?

Generally Safe

Score 98/100

Simple Video Directory has a strong security track record. Known vulnerabilities have been patched promptly.

2 known CVEs · Last CVE: Jun 21, 2024 · Updated 9mo ago
Risk Assessment

The "simple-media-directory" v1.4.4 plugin exhibits a mixed security posture. While it demonstrates good practices with a high percentage of prepared SQL statements and properly escaped output, significant concerns arise from its attack surface and historical vulnerability patterns. The presence of 9 AJAX handlers, with one lacking proper authentication checks, creates an immediate entry point for potential attackers. This is further amplified by a taint analysis revealing one high-severity flow with unsanitized paths, suggesting the possibility of injection vulnerabilities if not carefully handled.

The plugin's vulnerability history is a notable weakness. Two known CVEs were recorded, one of high and one of medium severity. Although no vulnerabilities are currently unpatched, the appearance of both Cross-site Scripting (XSS) and SQL Injection (SQLi) in its history indicates a continuing need for more robust input validation and output sanitization. The use of the dangerous function `unserialize`, with no explicit information on how its input is controlled, is another potential area of risk, as it can be a vector for deserialization vulnerabilities.

In conclusion, while the plugin has made strides in secure coding practices, the identified unprotected AJAX handler, high-severity taint flow, and historical vulnerability trends present a tangible risk. The outdated bundled jQuery library also adds to the potential attack surface. A thorough review and remediation of the unsanitized paths and the unprotected AJAX handler are crucial to mitigating these risks.

Key Concerns

  • AJAX handler without auth checks
  • High severity taint flow with unsanitized paths
  • History of SQL Injection vulnerabilities
  • History of Cross-site Scripting vulnerabilities
  • Bundled outdated jQuery v1.11.3
  • Presence of dangerous 'unserialize' function
Vulnerabilities
2

Simple Video Directory Security Vulnerabilities

CVEs by Year

  • 2024: 2 CVEs

Severity Breakdown

  • High: 1
  • Medium: 1

2 total CVEs

CVE-2024-5811 · medium · 4.4 · Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Simple Video Directory <= 1.4.3 - Authenticated (Admin+) Stored Cross-Site Scripting

Jun 21, 2024 · Patched in 1.4.4 (11d)

CVE-2024-6809 · high · 7.5 · Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Simple Video Directory <= 1.4.2 - Unauthenticated SQL Injection

May 21, 2024 · Patched in 1.4.3 (374d)
Code Analysis
Analyzed Mar 16, 2026

Simple Video Directory Code Analysis

  • Dangerous Functions: 5
  • Raw SQL Queries: 1 (11 prepared)
  • Unescaped Output: 57 (585 escaped)
  • Nonce Checks: 9
  • Capability Checks: 1
  • File Operations: 1
  • External Requests: 0
  • Bundled Libraries: 2

Dangerous Functions Found

  • unserialize · `$unserialized = unserialize( $value->meta_value );` · qc-opd-ajax-stuffs.php:57
  • unserialize · `$unserialize = unserialize($result->meta_value);` · templates\simple\template.php:33
  • unserialize · `$unserialize = unserialize($result->meta_value);` · templates\style-1\template.php:34
  • unserialize · `$unserialize = unserialize($result->meta_value);` · templates\style-2\template.php:33
  • unserialize · `$unserialize = unserialize($result->meta_value);` · templates\style-3\template.php:33

Bundled Libraries

  • TinyMCE
  • jQuery 1.11.3

SQL Query Safety

92% prepared · 12 total queries

Output Escaping

91% escaped · 642 total outputs
Data Flows
4 unsanitized

Data Flow Analysis

13 flows · 4 with unsanitized paths
qcsmd_bimport_page_content (qc-op-directory-import.php:28)
Attack Surface
1 unprotected

Simple Video Directory Attack Surface

Entry Points: 10
Unprotected: 1

AJAX Handlers 9

  • auth · wp_ajax_goodbye_form · class-plugin-deactivate-feedback.php:63
  • auth · wp_ajax_cmb_request_image · inc\cmb\classes.fields.php:644
  • auth · wp_ajax_cmb_post_select · inc\cmb\classes.fields.php:1426
  • auth · wp_ajax_qcsmd_upvote_action · qc-opd-ajax-stuffs.php:136
  • nopriv · wp_ajax_qcsmd_upvote_action · qc-opd-ajax-stuffs.php:137
  • auth · wp_ajax_qcopd_load_video · qc-opd-ajax-stuffs.php:173
  • nopriv · wp_ajax_qcopd_load_video · qc-opd-ajax-stuffs.php:174
  • auth · wp_ajax_process_qc_promo_form · qc-support-promo-page\class-qc-support-promo-page.php:27
  • auth · wp_ajax_show_qcsmd_shortcodes · qcopd-shortcode-generator.php:266

Shortcodes 1

[qcsmd-directory] qc-op-directory-shortcodes.php:54

WordPress Hooks 53

  • action · init · autoimport\qc-opd-trigger-autoimport.php:8
  • action · init · autoimport\qc-opd-trigger-autoimport.php:9
  • action · admin_footer-plugins.php · class-plugin-deactivate-feedback.php:62
  • filter · wp_mail_content_type · class-plugin-deactivate-feedback.php:98
  • action · admin_head · class-qc-free-plugin-upgrade-notice.php:34
  • action · plugin_row_meta · class-qc-free-plugin-upgrade-notice.php:115
  • action · admin_menu · class-qc-free-plugin-upgrade-notice.php:157
  • action · wp_enqueue_scripts · embed\embedder.php:7
  • filter · template_include · embed\embedder.php:29
  • action · qcsmd_attach_embed_btn · embed\embedder.php:77
  • action · enqueue_block_assets · gutenberg\smd-block\src\init.php:33
  • action · enqueue_block_editor_assets · gutenberg\smd-block\src\init.php:64
  • action · add_meta_boxes · inc\cmb\class.cmb-meta-box.php:18
  • action · cmb_init_fields · inc\cmb\class.cmb-meta-box.php:19
  • action · admin_menu · inc\cmb\class.cmb-meta-box.php:21
  • action · save_post · inc\cmb\class.cmb-meta-box.php:22
  • action · edit_attachment · inc\cmb\class.cmb-meta-box.php:23
  • action · cmb_save_fields · inc\cmb\class.cmb-meta-box.php:24
  • action · admin_enqueue_scripts · inc\cmb\class.cmb-meta-box.php:26
  • action · admin_enqueue_scripts · inc\cmb\class.cmb-meta-box.php:27
  • action · init · inc\cmb\custom-meta-boxes.php:63
  • filter · query · inc\cmb\custom-meta-boxes.php:156
  • action · the_posts · qc-op-directory-assets.php:32
  • action · template_redirect · qc-op-directory-assets.php:35
  • action · wp_enqueue_scripts · qc-op-directory-assets.php:42
  • action · wp_enqueue_scripts · qc-op-directory-assets.php:48
  • action · admin_enqueue_scripts · qc-op-directory-assets.php:73
  • action · wp_enqueue_scripts · qc-op-directory-assets.php:96
  • action · admin_menu · qc-op-directory-import.php:8
  • action · init · qc-op-directory-post-type.php:68
  • filter · cmb_meta_boxes · qc-op-directory-post-type.php:117
  • filter · manage_smd_posts_columns · qc-op-directory-post-type.php:150
  • action · manage_smd_posts_custom_column · qc-op-directory-post-type.php:151
  • action · admin_init · qc-opd-setting-options.php:17
  • action · admin_menu · qc-opd-setting-options.php:20
  • action · admin_init · qc-rating-feature\qc-rating-class.php:26
  • action · admin_enqueue_scripts · qc-rating-feature\qc-rating-class.php:88
  • action · admin_notices · qc-rating-feature\qc-rating-class.php:89
  • action · init · qc-smd-directory-main.php:67
  • action · admin_head · qc-smd-directory-main.php:70
  • action · admin_menu · qc-smd-directory-main.php:225
  • action · add_meta_boxes · qc-smd-directory-main.php:300
  • action · plugins_loaded · qc-smd-directory-main.php:325
  • action · activated_plugin · qc-smd-directory-main.php:356
  • action · wp_footer · qc-smd-directory-main.php:373
  • action · init · qc-smd-directory-main.php:380
  • action · wp_head · qc-support-promo-page\class-qc-support-promo-page.php:10
  • action · admin_enqueue_scripts · qc-support-promo-page\class-qc-support-promo-page.php:145
  • action · admin_menu · qc-support-promo-page\class-qc-support-promo-page.php:168
  • filter · mce_external_plugins · qcopd-shortcode-generator.php:8
  • filter · mce_buttons · qcopd-shortcode-generator.php:9
  • action · init · qcopd-shortcode-generator.php:27
  • action · admin_enqueue_scripts · qcopd-shortcode-generator.php:35
Maintenance & Trust

Simple Video Directory Maintenance & Trust

Maintenance Signals

  • WordPress version tested: 6.5.8
  • Last updated: Jul 4, 2025
  • PHP min version: 5.6
  • Downloads: 3K

Community Trust

  • Rating: 0/100
  • Number of ratings: 0
  • Active installs: 10
Developer Profile

Simple Video Directory Developer Profile

QuantumCloud

29 plugins · 26K total installs

  • Trust score: 76
  • Avg Security Score: 96/100
  • Avg Patch Time: 255 days
Detection Fingerprints

How We Detect Simple Video Directory

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

  • /wp-content/plugins/simple-media-directory/assets/css/style.css
  • /wp-content/plugins/simple-media-directory/assets/css/qc-opd-admin.css
  • /wp-content/plugins/simple-media-directory/assets/js/qc-opd-main.js
  • /wp-content/plugins/simple-media-directory/assets/js/jquery.dataTables.min.js
  • /wp-content/plugins/simple-media-directory/assets/js/jquery.mCustomScrollbar.concat.min.js
  • /wp-content/plugins/simple-media-directory/assets/js/jquery.fancybox.pack.js
  • /wp-content/plugins/simple-media-directory/assets/js/bootstrap-select.js
  • /wp-content/plugins/simple-media-directory/assets/js/typeahead.bundle.js
  • +4 more

Generator Patterns

  • Simple Media Directory

Script Paths

  • /wp-content/plugins/simple-media-directory/assets/js/qc-opd-main.js
  • /wp-content/plugins/simple-media-directory/assets/js/jquery.dataTables.min.js
  • /wp-content/plugins/simple-media-directory/assets/js/jquery.mCustomScrollbar.concat.min.js
  • /wp-content/plugins/simple-media-directory/assets/js/jquery.fancybox.pack.js
  • /wp-content/plugins/simple-media-directory/assets/js/bootstrap-select.js
  • /wp-content/plugins/simple-media-directory/assets/js/typeahead.bundle.js
  • +4 more

Version Parameters

  • simple-media-directory/assets/css/style.css?ver=
  • simple-media-directory/assets/css/qc-opd-admin.css?ver=
  • simple-media-directory/assets/js/qc-opd-main.js?ver=
  • simple-media-directory/assets/js/jquery.dataTables.min.js?ver=
  • simple-media-directory/assets/js/jquery.mCustomScrollbar.concat.min.js?ver=
  • simple-media-directory/assets/js/jquery.fancybox.pack.js?ver=
  • simple-media-directory/assets/js/bootstrap-select.js?ver=
  • simple-media-directory/assets/js/typeahead.bundle.js?ver=
  • simple-media-directory/assets/js/moment.min.js?ver=
  • simple-media-directory/assets/js/bootstrap-datetimepicker.js?ver=
  • simple-media-directory/assets/js/qcopd-shortcode-generator.js?ver=
  • simple-media-directory/embed/embedder.js?ver=

HTML / DOM Fingerprints

CSS Classes

  • qcsmd-promo-link
  • qc-opd-wrapper
  • qc-opd-content
  • qcsmd-video-gallery-item
  • qcsmd-entry-time
  • qcsmd-timelaps

HTML Comments

  • 05-31-2017
  • 05-31-2017 - Ends
  • Option page
  • <!-- Enable the next line to see a specific menu and it's order positions -->

Data Attributes

  • data-plugin-name="simple-media-directory"
  • data-plugin-version="1.4.4"

JS Globals

  • QCSMD_URL
  • QCSMD_IMG_URL
  • QCSMD_ASSETS_URL
  • QCSMD_DIR
  • QCSMD_INC_DIR
  • QCSMD_TPL_URL
  • +2 more

Shortcode Output

  • [qcopd-directory
  • [qcsmd-gallery
  • [qcsmd-video-gallery