Does TubEntertain have any unpatched vulnerabilities?

No. All known vulnerabilities in TubEntertain have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is TubEntertain compatible with WordPress 4.4.34?

According to WordPress.org data, TubEntertain 2.0 has been tested up to WordPress 4.4.34. Check the plugin's changelog for the latest compatibility information.

How often is TubEntertain updated?

TubEntertain was last updated on Mar 6, 2016. Frequent updates are generally a positive security signal.

What is TubEntertain's security score?

TubEntertain has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

TubEntertain Security & Risk Analysis

wordpress.org/plugins/tubentertain

TubEntertain Is a Powerful wordpress Plugin That Let You Create a Video Gallery of Your YouTube Videos and Live Stream in your WordPress or Other We …

10 active installs v2.0 PHP + WP 3.0.1+ Updated Mar 6, 2016

advanced-youtubebulk-youtube-postschannelembed-videoembed-videos

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is TubEntertain Safe to Use in 2026?

Generally Safe

Score 85/100

TubEntertain has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 10yr ago

Risk Assessment

The 'tubentertain' v2.0 plugin exhibits a concerning security posture due to significant weaknesses in input validation and authentication. The static analysis reveals two AJAX handlers that lack authentication checks, presenting a direct attack surface for potential unauthorized actions. Furthermore, the plugin's output escaping is notably poor, with only 25% of outputs being properly escaped, increasing the risk of cross-site scripting (XSS) vulnerabilities. The taint analysis, while not reporting critical or high severity flows, does indicate three flows with unsanitized paths, which, combined with the unescaped outputs, could lead to exploitable vulnerabilities. The complete absence of nonce and capability checks on critical entry points like AJAX handlers further exacerbates these risks. Despite a clean vulnerability history, this does not guarantee future security, and the current code analysis suggests a reactive rather than proactive security approach. The plugin's strengths lie in its minimal use of dangerous functions and the majority of its SQL queries utilizing prepared statements, but these are overshadowed by the identified weaknesses in authentication and output sanitization.

Key Concerns

AJAX handlers without auth checks
Low percentage of properly escaped output
Taint flows with unsanitized paths
Missing nonce checks
Missing capability checks

Vulnerabilities

None known

TubEntertain Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

TubEntertain Code Analysis

Dangerous Functions

Raw SQL Queries

12 prepared

Unescaped Output

30 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

71% prepared17 total queries

Output Escaping

25% escaped121 total outputs

Data Flows

3 unsanitized

Data Flow Analysis

3 flows3 with unsanitized paths

TubEntertainSettings (tubentertain.php:1324)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

2 unprotected

TubEntertain Attack Surface

Entry Points3

Unprotected2

AJAX Handlers 2

noprivwp_ajax_TubReceiver_Sendtubentertain.php:3979

authwp_ajax_TubReceiver_Sendtubentertain.php:3981

Shortcodes 1

[tubentertain] tubentertain.php:2933

WordPress Hooks 9

actionplugins_loadedtubentertain.php:273

actionwp_enqueue_scriptstubentertain.php:1255

actionwp_enqueue_scriptstubentertain.php:1269

actionadmin_menutubentertain.php:1291

actionwp_enqueue_scriptstubentertain.php:1305

filterwp_headerstubentertain.php:1308

filterwidget_texttubentertain.php:2937

filterthe_excerpttubentertain.php:2939

filterthe_contenttubentertain.php:2941

Maintenance & Trust

TubEntertain Maintenance & Trust

Maintenance Signals

WordPress version tested4.4.34

Last updatedMar 6, 2016

PHP min version

Downloads3K

Community Trust

Rating100/100

Number of ratings1

Active installs10

Alternatives

TubEntertain Alternatives

Embed Videos For Product Image Gallery Using WooCommerce

woocommerce-embed-videos-to-product-image-gallery

100

Embed videos to product gallery along with images on product page of WooCommerce.

400 No CVEs

Faster YouTube Embed

faster-youtube-embed

100

Faster YouTube Embed enables you to insert YouTube videos to any page and post quickly and efficiently & you’ll have no hassle of slow YouTube vid …

100 No CVEs

Rio Video Gallery

rio-video-gallery

A powerful Video Gallery plugin that allows you to embed videos from YouTube, Vimeo and Dailymotion through categories. You can manage them through a …

100 1 unpatched

skiv video embedding

muse-ai

This plugin enables skiv.com oEmbed links, and adds shortcodes to easily embed videos hosted on skiv.com.

30 1 CVE

Feeds for YouTube (YouTube video, channel, and gallery plugin)

feeds-for-youtube

The Feeds for YouTube plugin allows you to display customizable YouTube feeds from any YouTube channel.

100K 4 CVEs

Developer Profile

TubEntertain Developer Profile

ShapCyber

1 plugin · 10 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect TubEntertain

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Version Parameters

tubentertain/style.css?ver=tubentertain/js/main.js?ver=

HTML / DOM Fingerprints

CSS Classes

tubentertain-wrappertubentertain-playertubentertain-controlstubentertain-playlist-item

Data Attributes

data-tubentertain-channeldata-tubentertain-playlist-iddata-tubentertain-video-iddata-tubentertain-api-key

JS Globals

tubentertain_playertubentertain_playlist

Shortcode Output

[tubentertain

FAQ