WP-Safety

Super Video player – Fully Customizable Video Player with Playlist Security & Risk Analysis

wordpress.org/plugins/super-video-player

Improve WordPress user experience with Super Video Player plugin. Self-hosted, supports mp4/OGG, captions, and subtitle for engagement.

2K active installs v1.8.8 PHP 7.1+ WP 5.2+ Updated Mar 11, 2026
mp4-playerplyrsuper-video-playervideovideo-player
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Super Video player – Fully Customizable Video Player with Playlist Safe to Use in 2026?

Generally Safe

Score 100/100

Super Video player – Fully Customizable Video Player with Playlist has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 23d ago
Risk Assessment

The "super-video-player" plugin v1.8.8 exhibits a generally good security posture based on the provided static analysis and vulnerability history. The absence of known CVEs and the strong emphasis on prepared statements for SQL queries and nonces for AJAX handlers are positive indicators. The plugin also demonstrates good practices with a significant portion of its output being properly escaped and no file operations or external HTTP requests being detected.

However, a notable concern arises from the output escaping metrics, where 71% of outputs are properly escaped, implying that 29% of outputs are not. While the taint analysis found no unsanitized paths or critical/high severity issues, this lack of complete output escaping could still lead to potential Cross-Site Scripting (XSS) vulnerabilities if malicious input is not properly handled before rendering. The presence of a bundled library, Freemius v1.0, also warrants attention; while not explicitly flagged as outdated, keeping bundled libraries updated is crucial for patching any underlying vulnerabilities.

Overall, the plugin's security is bolstered by its clean vulnerability history and robust use of WordPress security features. The primary area for improvement lies in ensuring 100% of output is properly escaped to mitigate XSS risks. The bundled library should also be monitored for updates. The low number of entry points and the lack of critical findings in taint analysis suggest a responsible development approach, but diligence regarding output sanitization remains important.

Key Concerns

  • 29% of outputs not properly escaped
  • Bundled Freemius v1.0 library
Vulnerabilities
None known

Super Video player – Fully Customizable Video Player with Playlist Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Super Video player – Fully Customizable Video Player with Playlist Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
2 prepared
Unescaped Output
230
561 escaped
Nonce Checks
12
Capability Checks
4
File Operations
0
External Requests
0
Bundled Libraries
1

Bundled Libraries

Freemius1.0

SQL Query Safety

100% prepared2 total queries

Output Escaping

71% escaped791 total outputs
Data Flows
All sanitized

Data Flow Analysis

3 flows
csf_export (admin\codestar-framework\functions\actions.php:62)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Super Video player – Fully Customizable Video Player with Playlist Attack Surface

Entry Points7
Unprotected0

AJAX Handlers 5

authwp_ajax_csf-get-iconsadmin\codestar-framework\functions\actions.php:50
authwp_ajax_csf-exportadmin\codestar-framework\functions\actions.php:87
authwp_ajax_csf-importadmin\codestar-framework\functions\actions.php:123
authwp_ajax_csf-resetadmin\codestar-framework\functions\actions.php:150
authwp_ajax_csf-chosenadmin\codestar-framework\functions\actions.php:189

Shortcodes 2

[vplayer] inc\shortcode-free copy.php:106
[vplayer] inc\shortcode-free.php:31
WordPress Hooks 70
actioninitadmin\blocks\init.php:3
actionwp_enqueue_scriptsadmin\blocks\init.php:65
actionwp_enqueue_scriptsadmin\codestar-framework\classes\abstract.class.php:20
actionadmin_menuadmin\codestar-framework\classes\admin-options.class.php:107
actionadmin_bar_menuadmin\codestar-framework\classes\admin-options.class.php:108
actionnetwork_admin_menuadmin\codestar-framework\classes\admin-options.class.php:112
filteradmin_footer_textadmin\codestar-framework\classes\admin-options.class.php:432
actionadd_meta_boxes_commentadmin\codestar-framework\classes\comment-options.class.php:38
actionedit_commentadmin\codestar-framework\classes\comment-options.class.php:39
actioncustomize_registeradmin\codestar-framework\classes\customize-options.class.php:44
actioncustomize_save_afteradmin\codestar-framework\classes\customize-options.class.php:45
actionwp_enqueue_scriptsadmin\codestar-framework\classes\customize-options.class.php:49
actionadd_meta_boxesadmin\codestar-framework\classes\metabox-options.class.php:52
actionsave_postadmin\codestar-framework\classes\metabox-options.class.php:53
actionedit_attachmentadmin\codestar-framework\classes\metabox-options.class.php:54
actionwp_nav_menu_item_custom_fieldsadmin\codestar-framework\classes\nav-menu-options.class.php:32
actionwp_update_nav_menu_itemadmin\codestar-framework\classes\nav-menu-options.class.php:33
filterwp_edit_nav_menu_walkeradmin\codestar-framework\classes\nav-menu-options.class.php:35
actionadmin_initadmin\codestar-framework\classes\profile-options.class.php:32
actionshow_user_profileadmin\codestar-framework\classes\profile-options.class.php:44
actionedit_user_profileadmin\codestar-framework\classes\profile-options.class.php:45
actionpersonal_options_updateadmin\codestar-framework\classes\profile-options.class.php:47
actionedit_user_profile_updateadmin\codestar-framework\classes\profile-options.class.php:48
actionafter_setup_themeadmin\codestar-framework\classes\setup.class.php:73
actioninitadmin\codestar-framework\classes\setup.class.php:74
actionswitch_themeadmin\codestar-framework\classes\setup.class.php:75
actionadmin_enqueue_scriptsadmin\codestar-framework\classes\setup.class.php:76
actionwp_enqueue_scriptsadmin\codestar-framework\classes\setup.class.php:77
actionwp_headadmin\codestar-framework\classes\setup.class.php:78
filteradmin_body_classadmin\codestar-framework\classes\setup.class.php:79
actionadmin_footeradmin\codestar-framework\classes\shortcode-options.class.php:47
actioncustomize_controls_print_footer_scriptsadmin\codestar-framework\classes\shortcode-options.class.php:48
actionelementor/editor/before_enqueue_scriptsadmin\codestar-framework\classes\shortcode-options.class.php:59
actionelementor/editor/footeradmin\codestar-framework\classes\shortcode-options.class.php:60
actionelementor/editor/footeradmin\codestar-framework\classes\shortcode-options.class.php:61
actionenqueue_block_editor_assetsadmin\codestar-framework\classes\shortcode-options.class.php:258
actionmedia_buttonsadmin\codestar-framework\classes\shortcode-options.class.php:262
actionadmin_initadmin\codestar-framework\classes\taxonomy-options.class.php:41
actionadmin_footeradmin\codestar-framework\fields\icon\icon.php:41
actioncustomize_controls_print_footer_scriptsadmin\codestar-framework\fields\icon\icon.php:42
actionadmin_print_footer_scriptsadmin\codestar-framework\fields\link\link.php:65
actionprint_default_editor_scriptsadmin\codestar-framework\fields\wp_editor\wp_editor.php:62
actionadmin_menuadmin\codestar-framework\views\welcome.php:19
filterplugin_action_linksadmin\codestar-framework\views\welcome.php:20
filterplugin_row_metaadmin\codestar-framework\views\welcome.php:21
actionadmin_enqueue_scriptsadmin\inc\help-usages.php:12
actionadmin_menuadmin\inc\help-usages.php:15
actionadmin_enqueue_scriptsadmin\inc\metabox-free.php:636
filtercsf_sc__saveadmin\inc\metabox-free.php:677
actionadmin_enqueue_scriptsinc\Dashboard.php:6
actioninitinc\Init.php:12
actionwoocommerce_after_register_post_typeinc\Init.php:13
actioninitinc\Init.php:29
actionadmin_enqueue_scriptsinc\Model\EnqueueAssets.php:8
actionwp_enqueue_scriptsinc\Model\EnqueueAssets.php:9
actioninitinc\PostType\SVPPlayer.php:9
actionadmin_menuinc\PostType\SVPPlayer.php:12
filterpost_row_actionsinc\PostType\SVPPlayer.php:14
filtergettextinc\PostType\SVPPlayer.php:15
filterpost_updated_messagesinc\PostType\SVPPlayer.php:17
actionedit_form_after_titleinc\PostType\SVPPlayer.php:18
filteradmin_footer_textinc\PostType\SVPPlayer.php:19
filtermanage_svplayer_posts_columnsinc\PostType\SVPPlayer.php:20
actionmanage_svplayer_posts_custom_columninc\PostType\SVPPlayer.php:21
actionadmin_head-post.phpinc\PostType\SVPPlayer.php:24
actionadmin_head-post-new.phpinc\PostType\SVPPlayer.php:25
actionadmin_enqueue_scriptsinc\PostType\SVPPlayer.php:27
actioninitsuper-video-player.php:63
actionenqueue_block_assetsvideo-player-block.php:8
actioninitvideo-player-block.php:9
Maintenance & Trust

Super Video player – Fully Customizable Video Player with Playlist Maintenance & Trust

Maintenance Signals

WordPress version tested6.7.5
Last updatedMar 11, 2026
PHP min version7.1
Downloads87K

Community Trust

Rating82/100
Number of ratings31
Active installs2K
Alternatives

Super Video player – Fully Customizable Video Player with Playlist Alternatives

HTML5 Video Player – Embed and Play Videos in Custom Player

HTML5 Video Player – Embed and Play Videos in Custom Player

html5-video-player

A
94

HTML5 Video Player Plugin lets you embed responsive videos in WordPress. It’s easy to use, fast, and supports MP4, WebM, OGG, FLV, Youtube and Vimeo.

20K 8 CVEs
YT Player – Embed and Customize Video Players

YT Player – Embed and Customize Video Players

yt-player

A
100

A modern, accessible, fully customizable & user-friendly YouTube Video Player for WordPress.

1K 1 CVE
HTML5 Video Player with Playlist

HTML5 Video Player with Playlist

html5-video-player-with-playlist

D
42

Allows Wordpress users to easily use HTML5 < video > the element enable native video playback within the browser. It supports Android, iOS/iPad/ &hellip;

50 2 unpatched
dPlayer – Video Player for WordPress

dPlayer – Video Player for WordPress

dplayer

A
92

A nice video player plugin. This video player support various video file type, It support logo overlay and call to action button on the video player.

40 No CVEs
IV Player

IV Player

ivplayer

A
85

IV Player is an interactive video player, if you are a teacher/educator/guru who wants to provide video content to your students/learners, then IV Pla &hellip;

10 No CVEs
Developer Profile

Super Video player – Fully Customizable Video Player with Playlist Developer Profile

colorlibplugins

120 plugins · 738K total installs

78
trust score
Avg Security Score
99/100
Avg Patch Time
140 days
View full developer profile
Detection Fingerprints

How We Detect Super Video player – Fully Customizable Video Player with Playlist

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/super-video-player/blocks/dist/blocks.style.build.css/wp-content/plugins/super-video-player/blocks/dist/blocks.editor.build.css/wp-content/plugins/super-video-player/blocks/block-script.js
Script Paths
/wp-content/plugins/super-video-player/blocks/dist/blocks.build.js
Version Parameters
super-video-player/style.css?ver=super-video-player/script.js?ver=

HTML / DOM Fingerprints

CSS Classes
svp_block_free_existing
Data Attributes
data-type="svp/free"
JS Globals
cgbGlobal
Shortcode Output
[vplayer id=
FAQ

Frequently Asked Questions about Super Video player – Fully Customizable Video Player with Playlist