Does Video Background have any unpatched vulnerabilities?

No. All known vulnerabilities in Video Background have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Video Background compatible with WordPress 6.5.8?

According to WordPress.org data, Video Background 2.7.7 has been tested up to WordPress 6.5.8. Check the plugin's changelog for the latest compatibility information.

How often is Video Background updated?

Video Background was last updated on May 7, 2024. Frequent updates are generally a positive security signal.

What is Video Background's security score?

Video Background has a WP-Safety security score of 92/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Video Background Security & Risk Analysis

wordpress.org/plugins/video-background

Easily assign a video background to any element on your WordPress pages or posts. Now compatible with WPBakery (Visual Composer) and SiteOrigin Page B …

10K active installs v2.7.7 PHP + WP 4.5+ Updated May 7, 2024

page-buildersiteoriginvideo-backgroundvisual-composerwpbakery

A · Safe

CVEs total1

Unpatched0

Last CVEFeb 20, 2023

Plugin page Download

Safety Verdict

Is Video Background Safe to Use in 2026?

Generally Safe

Score 92/100

Video Background has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVELast CVE: Feb 20, 2023Updated 1yr ago

Risk Assessment

The 'video-background' plugin v2.7.7 exhibits a mixed security posture. While it demonstrates good practices in SQL query handling and file operations, significant concerns arise from its attack surface and lack of robust input validation. The presence of an unprotected AJAX handler is a critical vulnerability, allowing unauthenticated users to potentially trigger actions within the plugin, which could lead to unauthorized operations or information disclosure. The absence of nonce checks on this handler further exacerbates this risk. The plugin's history includes a past medium-severity Cross-Site Scripting (XSS) vulnerability, indicating a potential recurring weakness in how user input is handled. Although this specific CVE is patched, it highlights a pattern of past security flaws that warrants caution. Overall, the plugin has strengths in secure database interactions but is weakened by its exposed entry points and past vulnerability history, necessitating careful monitoring and user awareness.

Key Concerns

Unprotected AJAX handler
Missing nonce checks on AJAX handler
Past medium severity CVE
Moderate output escaping issues

Vulnerabilities

Video Background Security Vulnerabilities

CVEs by Year

1 CVE in 2023

2023

Patched Has unpatched

Severity Breakdown

Medium

1 total CVE

CVE-2022-4652medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Video Background <= 2.7.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

Feb 20, 2023 Patched in 2.7.4 (337d)

Code Analysis

Analyzed Mar 16, 2026

Video Background Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

9 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

75% escaped12 total outputs

Attack Surface

1 unprotected

Video Background Attack Surface

Entry Points2

Unprotected1

AJAX Handlers 1

authwp_ajax_vidbg_dismiss_premium_noticeadmin_premium_notice.php:30

Shortcodes 1

[vidbg] candide-vidbg.php:513

WordPress Hooks 16

actionadmin_noticesadmin_premium_notice.php:18

actionin_plugin_update_message-video-background/candide-vidbg.phpcandide-vidbg.php:53

actionafter_setup_themecandide-vidbg.php:106

actionafter_setup_themecandide-vidbg.php:118

actionplugins_loadedcandide-vidbg.php:131

actionadmin_enqueue_scriptscandide-vidbg.php:153

actionwp_enqueue_scriptscandide-vidbg.php:171

filtercmb2_localized_datacandide-vidbg.php:184

actioncmb2_admin_initcandide-vidbg.php:391

actionwp_footercandide-vidbg.php:451

actionadmin_menucandide-vidbg.php:531

filtercmb2_render_vidbg_sliderinc\classes\cmb2_field_slider.php:5

filtersiteorigin_panels_row_style_fieldsinc\classes\vidbg_siteorigin.php:41

filtersiteorigin_panels_row_style_groupsinc\classes\vidbg_siteorigin.php:42

filtersiteorigin_panels_before_rowinc\classes\vidbg_siteorigin.php:43

actionvc_before_initinc\classes\vidbg_wpbakery.php:41

Maintenance & Trust

Video Background Maintenance & Trust

Maintenance Signals

WordPress version tested6.5.8

Last updatedMay 7, 2024

PHP min version

Downloads269K

Community Trust

Rating90/100

Number of ratings63

Active installs10K

Alternatives

Video Background Alternatives

Mega Addons For WPBakery Page Builder

mega-addons-for-visual-composer

34+ Addons WPBakery extension, Beautifully designed unique elements, Includes Premium quality addons For WPBakery Page Builder.

30K 2 unpatched

Video Backgrounds for SiteOrigin Page Builder

video-backgrounds-for-siteorigin-page-builder

Add self-hosted background videos to your SiteOrigin Page Builder rows, with optional coloured or patterned overlays. Built and maintained by BG Stock …

2K No CVEs

Innovs WPBakery Visual Composer WHMCS Elements

void-visual-whmcs-element

🚀 This WordPress Plugin seamlessly integrates various WPBakery Page Builder widgets with WHMCS, the leading solution for hosting companies to bill and …

2K 2 unpatched

Post Slider For WPBakery Page Builder

post-carousel-slider-for-visual-composer

Drag & touch Post Carousel anything at any position (row / column) in VC

1K No CVEs

Pricing Table For WPBakery Page Builder

price-table-for-wpbakery-page-builder

Add Stylish, Unique and Fully Customizable Price table to your site. A unique Pricing Tables to suit your needs.

600 No CVEs

Developer Profile

Video Background Developer Profile

pushlabs

3 plugins · 10K total installs

trust score

Avg Security Score

87/100

Avg Patch Time

337 days

View full developer profile

Detection Fingerprints

How We Detect Video Background

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/video-background/css/vidbg-style.css/wp-content/plugins/video-background/js/vidbg-backend.js/wp-content/plugins/video-background/js/vidbg.min.js/wp-content/plugins/video-background/css/pushlabs-vidbg.css

Script Paths

/wp-content/plugins/video-background/js/vidbg-backend.js/wp-content/plugins/video-background/js/vidbg.min.js

Version Parameters

video-background/css/vidbg-style.css?ver=video-background/js/vidbg-backend.js?ver=video-background/js/vidbg.min.js?ver=video-background/css/pushlabs-vidbg.css?ver=

HTML / DOM Fingerprints

CSS Classes

vidbg-update-messagevidbg-inline-css

HTML Comments

Data Attributes

data-vidbg-settings

JS Globals

vidbg_localized_text

Shortcode Output

[vidbg]

FAQ