WP-Safety

SmartVideo – Video Player and CDN Security & Risk Analysis

wordpress.org/plugins/smartvideo

Lightweight HTML5 video player and video hosting with CDN built for WordPress

1K active installs v2.2.1 PHP 7.3+ WP 6.0+ Updated Mar 23, 2026
video-embedvideo-hostingvideo-playervimeoyoutube
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Download
Safety Verdict

Is SmartVideo – Video Player and CDN Safe to Use in 2026?

Generally Safe

Score 100/100

SmartVideo – Video Player and CDN has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago
Risk Assessment

This plugin exhibits a generally strong security posture with excellent practices in critical areas like SQL query sanitization and output escaping. The extensive use of prepared statements for SQL and a very high percentage of properly escaped outputs significantly reduce the risk of common web vulnerabilities such as SQL injection and cross-site scripting. Furthermore, the presence of nonce and capability checks on entry points demonstrates a commitment to authentication and authorization. The absence of known CVEs and a clean vulnerability history are positive indicators of ongoing security diligence.

However, the static analysis reveals two critical taint analysis flows with unsanitized paths. While the attack surface appears small and protected, these specific flows represent a significant risk. The presence of the 'system' dangerous function, though only one instance, always warrants careful scrutiny, as it can be a gateway to arbitrary code execution if not handled with extreme caution and proper sanitization. The vulnerability history is clean, but the identified taint flows highlight that even well-defended plugins can harbor critical vulnerabilities that may not yet be publicly known or have exploitable proof-of-concept. The plugin's strengths lie in its robust defense against common attacks, but the identified taint issues are a clear area of concern requiring immediate attention.

Key Concerns

  • Critical taint flows with unsanitized paths
  • Use of dangerous function 'system'
Vulnerabilities
None known

SmartVideo – Video Player and CDN Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

SmartVideo – Video Player and CDN Release Timeline

v2.2.1Current
v2.2.0
v2.1.2
v2.1.1
v2.1.0
v2.0.2
v2.0.1
v2.0.0
v1.2.1
v1.2.0
v1.1.8
v1.1.7
v1.1.4
v1.1.3
v1.0.2
v1.0.1
v1.0
Code Analysis
Analyzed Mar 16, 2026

SmartVideo – Video Player and CDN Code Analysis

Dangerous Functions
1
Raw SQL Queries
0
0 prepared
Unescaped Output
1
159 escaped
Nonce Checks
1
Capability Checks
4
File Operations
7
External Requests
0
Bundled Libraries
0

Dangerous Functions Found

systemsystem( 'file -i -b ' . $filename );includes\Smartvideo\UploadAccelerator.php:188

Output Escaping

99% escaped160 total outputs
Data Flows · Security
2 unsanitized

Data Flow Analysis

2 flows2 with unsanitized paths
ajax_chunk_receiver (includes\Smartvideo\UploadAccelerator.php:207)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

SmartVideo – Video Player and CDN Attack Surface

Entry Points2
Unprotected0

AJAX Handlers 1

authwp_ajax_swarmify_upload_acceleratorincludes\Smartvideo\UploadAccelerator.php:71

Shortcodes 1

[smartvideo] includes\Smartvideo\Swarmify.php:106
WordPress Hooks 29
actionplugins_loadedincludes\page-builders\elementor\class-elementor-swarmify.php:28
actionadmin_noticesincludes\page-builders\elementor\class-elementor-swarmify.php:36
actionadmin_noticesincludes\page-builders\elementor\class-elementor-swarmify.php:42
actionadmin_noticesincludes\page-builders\elementor\class-elementor-swarmify.php:47
actionelementor/widgets/widgets_registeredincludes\page-builders\elementor\class-elementor-swarmify.php:52
actionelementor/elements/categories_registeredincludes\page-builders\elementor\class-elementor-swarmify.php:53
actionelementor/editor/before_enqueue_scriptsincludes\page-builders\elementor\class-elementor-swarmify.php:54
actioninitincludes\page-builders\gutenberg\src\init.php:93
actioninitincludes\Smartvideo\Swarmify.php:169
actionadmin_enqueue_scriptsincludes\Smartvideo\Swarmify.php:182
actionadmin_enqueue_scriptsincludes\Smartvideo\Swarmify.php:183
actionadmin_enqueue_scriptsincludes\Smartvideo\Swarmify.php:185
actionadmin_menuincludes\Smartvideo\Swarmify.php:186
actionmedia_buttonsincludes\Smartvideo\Swarmify.php:188
actionadmin_footerincludes\Smartvideo\Swarmify.php:189
actionwp_headincludes\Smartvideo\Swarmify.php:202
actionwp_enqueue_scriptsincludes\Smartvideo\Swarmify.php:203
actionadmin_enqueue_scriptsincludes\Smartvideo\Swarmify.php:204
filterscript_loader_tagincludes\Smartvideo\Swarmify.php:205
actionrest_api_initincludes\Smartvideo\Swarmify.php:208
actionwidgets_initincludes\Smartvideo\Swarmify.php:210
filterkses_allowed_protocolsincludes\Smartvideo\Swarmify.php:212
filterplupload_initincludes\Smartvideo\UploadAccelerator.php:67
filterupload_post_paramsincludes\Smartvideo\UploadAccelerator.php:68
filterplupload_default_settingsincludes\Smartvideo\UploadAccelerator.php:69
filterplupload_default_paramsincludes\Smartvideo\UploadAccelerator.php:70
actioninitSmartVideo.php:123
actiondivi_extensions_initSmartVideo.php:133
actionplugins_loadedSmartVideo.php:151
Maintenance & Trust

SmartVideo – Video Player and CDN Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedMar 23, 2026
PHP min version7.3
Downloads80K

Community Trust

Rating78/100
Number of ratings16
Active installs1K
Alternatives

SmartVideo – Video Player and CDN Alternatives

All-in-One Video Gallery

All-in-One Video Gallery

all-in-one-video-gallery

A
88

The ultimate video player & video gallery plugin for YouTubers, Video Bloggers, Course Creators, Podcasters, and anyone embedding videos on websites.

20K 11 CVEs
Wonder Video Embed

Wonder Video Embed

wonderplugin-video-embed

A
91

Embed MP4, Youtube, Vimeo, Wistia videos to the sidebar widget, WordPress posts and pages.

5K 2 CVEs
Video Gallery YouTube Vimeo

Video Gallery YouTube Vimeo

new-video-gallery

A
100

Create responsive YouTube and Vimeo video galleries with custom layouts, lightbox display, and easy shortcode embedding.

1K 1 CVE
WP Videos

WP Videos

video-sync-for-vimeo

A
92

WP Videos creates Video post types that you can easily add Vimeo, YouTube, WordPress, Shortcode or custom embed (third party) HTML and JS videos to.

100 No CVEs
VideoIgniter – Video Player

VideoIgniter – Video Player

videoigniter

A
100

VideoIgniter lets you create video playlists and embed them in your WordPress posts, pages or custom post types and serve your video content in style!

100 No CVEs
Developer Profile

SmartVideo – Video Player and CDN Developer Profile

JDAdmin

1 plugin · 1K total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect SmartVideo – Video Player and CDN

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/smartvideo/includes/page-builders/elementor/css/swarmify-elementor.css
Version Parameters
smartvideo/style.css?ver=swarmify-elementor-css?ver=

HTML / DOM Fingerprints

CSS Classes
swarmify-elementor
FAQ

Frequently Asked Questions about SmartVideo – Video Player and CDN