WP-Safety

Subscriber Login for YouTube Security & Risk Analysis

wordpress.org/plugins/subscriber-login-for-youtube

Introduction

10 active installs v1.0.4 PHP 7.0+ WP 4.4+ Updated Feb 7, 2022
oauth2youtube-api-v3youtube-sign-in
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Subscriber Login for YouTube Safe to Use in 2026?

Generally Safe

Score 85/100

Subscriber Login for YouTube has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 4yr ago
Risk Assessment

The 'subscriber-login-for-youtube' plugin, version 1.0.4, exhibits a generally positive security posture based on the provided static analysis. The absence of any reported CVEs and the use of prepared statements for all SQL queries are strong indicators of good development practices. Furthermore, the plugin demonstrates a relatively small attack surface with no directly exposed AJAX handlers, REST API routes, or shortcodes. However, several areas warrant attention. A significant portion of output (56%) is not properly escaped, which could lead to cross-site scripting (XSS) vulnerabilities if user-supplied data is not handled carefully. Additionally, the presence of two taint flows with unsanitized paths, although not classified as critical or high severity, suggests potential for unexpected behavior or data leakage under certain conditions. The complete lack of nonce checks is a concern, especially given the external HTTP requests, as it could be exploited in cross-site request forgery (CSRF) attacks if those requests are triggered by user actions without proper validation.

Key Concerns

  • High percentage of unescaped output
  • Taint flows with unsanitized paths
  • No nonce checks
Vulnerabilities
None known

Subscriber Login for YouTube Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Subscriber Login for YouTube Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
2 prepared
Unescaped Output
18
14 escaped
Nonce Checks
0
Capability Checks
6
File Operations
0
External Requests
2
Bundled Libraries
0

SQL Query Safety

100% prepared2 total queries

Output Escaping

44% escaped32 total outputs
Data Flows
2 unsanitized

Data Flow Analysis

2 flows2 with unsanitized paths
editProfile (src\Site\User.php:198)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Subscriber Login for YouTube Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 14
actionadmin_menusrc\Admin\Setting.php:41
actionadmin_initsrc\Admin\Setting.php:49
actioninitsrc\Site\Plugin.php:70
actionadmin_initsrc\Site\Plugin.php:71
filterquery_varssrc\Site\Plugin.php:82
filterpre_get_avatar_datasrc\Site\Plugin.php:83
filterlogin_messagesrc\Site\Plugin.php:84
actioninitsrc\Site\Plugin.php:87
actionlogin_enqueue_scriptssrc\Site\Plugin.php:88
actiondelete_usersrc\Site\Plugin.php:89
actionshow_user_profilesrc\Site\Plugin.php:90
actionedit_user_profilesrc\Site\Plugin.php:91
actionadmin_noticessubscriber-login-for-youtube.php:43
actionadmin_noticessubscriber-login-for-youtube.php:45
Maintenance & Trust

Subscriber Login for YouTube Maintenance & Trust

Maintenance Signals

WordPress version tested5.9.13
Last updatedFeb 7, 2022
PHP min version7.0
Downloads1K

Community Trust

Rating100/100
Number of ratings1
Active installs10
Alternatives

Subscriber Login for YouTube Alternatives

OpenID Connect Generic Client

OpenID Connect Generic Client

daggerhart-openid-connect-generic

A
98

A simple client that provides SSO or opt-in authentication against a generic OAuth2 Server implementation.

10K 2 CVEs
WP OAuth Server (OAuth Authentication)

WP OAuth Server (OAuth Authentication)

oauth2-provider

A
92

Adds Authentication through OAuth 2. Provides the ability for Single Sign On for websites & Mobile Applications.

3K 7 CVEs
WP OAuth Server ( Login with WordPress )

WP OAuth Server ( Login with WordPress )

miniorange-oauth-20-server

A
98

Single Sign-On using WordPress - Login with WordPress to your application/sites using your WordPress account. [24/7 Support]

900 1 CVE
OAuth client Single Sign On for WordPress ( OAuth 2.0 SSO )

OAuth client Single Sign On for WordPress ( OAuth 2.0 SSO )

oauth-client-for-user-authentication

B
83

WordPress OAuth client SSO ( OAuth 2.0 & OpenID SSO ) plugin allows login ( Single Sign On ) with your OAuth Servers like AWS Cognito, Amazon, Az …

200 2 CVEs
[凹凸曼]一键微信登录

[凹凸曼]一键微信登录

apoyl-weixin

A
100

这是一款实现微信互联一键登录网站,让用户不在繁琐去注册用户,一键实现微信登录,可以让电脑版网站扫描登录和手机微信登录,多个公众号,甚至以后需要移动APP应用微信登录,统一用户账号的需求,极大的方便用户登录网站.

20 No CVEs
Developer Profile

Subscriber Login for YouTube Developer Profile

LCMAquino

1 plugin · 10 total installs

84
trust score
Avg Security Score
85/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Subscriber Login for YouTube

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/subscriber-login-for-youtube/resources/css/style_admin.css

HTML / DOM Fingerprints

CSS Classes
settings_row
Data Attributes
label_for
FAQ

Frequently Asked Questions about Subscriber Login for YouTube