Does Video Callout have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Video Callout compatible with WordPress 6.9.4?

According to WordPress.org data, Video Callout 1.4.1.17818 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is Video Callout compatible with PHP 7.2+?

Video Callout requires PHP 7.2 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Video Callout updated?

Video Callout was last updated on Mar 2, 2026. Frequent updates are generally a positive security signal.

What is Video Callout's security score?

Video Callout has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Video Callout Security & Risk Analysis

wordpress.org/plugins/video-callout

Add a video popup to your posts with an optional delay and display frequency. Fully customisable window with modal option.

50 active installs v1.4.1.17818 PHP 7.2+ WP 5.8+ Updated Mar 2, 2026

google-drivepopupvideovimeoyoutube

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Video Callout Safe to Use in 2026?

Generally Safe

Score 100/100

Video Callout has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2mo ago

Risk Assessment

The static analysis of the 'video-callout' plugin v1.4.1.17818 indicates a strong security posture, with no critical findings in attack surface, dangerous functions, SQL injection vectors, or taint analysis. The plugin demonstrates good security practices by utilizing prepared statements for all SQL queries and properly escaping the vast majority of its outputs (98%). The presence of nonce and capability checks further bolsters its defenses against common web vulnerabilities.

However, the complete absence of documented vulnerabilities and CVEs, while generally positive, could also be interpreted as a lack of rigorous security auditing or a limited attack surface that hasn't attracted malicious attention. While the current code analysis reveals no immediate threats, the plugin's limited entry points (0 total) and lack of recorded vulnerability history mean there's less external validation of its security robustness.

Overall, the plugin appears to be well-developed from a security perspective based on the provided static analysis. The strengths lie in its clean code, adherence to prepared statements, and good output escaping. The primary area for caution is the lack of historical vulnerability data, which, in the absence of active security testing, leaves a small degree of uncertainty. Despite this, the current code signals are overwhelmingly positive.

Key Concerns

Lack of documented vulnerability history

Vulnerabilities

None known

Video Callout Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Video Callout Release Timeline

v1.4.1.17818Current

v1.4.1.17817

v1.4.0.17816

v1.3.0.14760

v1.2.9.14334

v1.2.9.14327

v1.2.9.14310

v1.2.9

v1.2.8

v1.2.7

v1.2.6

v1.2.5

v1.2.4

v1.2.3

v1.2.2

v1.2.1

v1.2.0

v1.1.9

v1.1.8

v1.1.7

Code Analysis

Analyzed Apr 16, 2026

Video Callout Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

227 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

98% escaped232 total outputs

Attack Surface

Video Callout Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 14

actionadmin_menuclasses/video-callout-admin.php:35

actionadmin_initclasses/video-callout-admin.php:47

actionwp_dashboard_setupclasses/video-callout-admin.php:50

filterplugin_row_metaclasses/video-callout-admin.php:52

actionadmin_enqueue_scriptsclasses/video-callout-admin.php:53

actioninitclasses/video-callout-admin.php:56

actionsave_postclasses/video-callout-admin.php:147

actionadd_meta_boxesclasses/video-callout-admin.php:153

actionenqueue_block_editor_assetsclasses/video-callout-admin.php:158

actionadmin_footerclasses/video-callout-admin.php:1032

actionwp_footerclasses/video-callout.php:33

filterwe_video_popup_htmlclasses/video-callout.php:36

actionwp_enqueue_scriptsclasses/video-callout.php:39

actionadmin_enqueue_scriptsclasses/video-callout.php:42

Maintenance & Trust

Video Callout Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedMar 2, 2026

PHP min version7.2

Downloads4K

Community Trust

Rating0/100

Number of ratings0

Active installs50

Alternatives

Video Callout Alternatives

WP Video Popup – WordPress Video Lightbox for YouTube, Rumble & Vimeo

responsive-youtube-vimeo-popup

100

WP Video Popup lets you add a responsive YouTube, Rumble or Vimeo video lightbox to any page, post or custom post type of your website.

9K No CVEs

Video gallery and Player

html5-videogallery-plus-player

100

Easy to add and display your HTML5, YouTube, Vimeo vedio gallery with Magnific Popup to your website. Also work with Gutenberg shortcode block.

1K No CVEs

Video Popup for Elementor – WPTD

wptd-video-popup

Simple video popup plugin for elementor. You can make video lightbox popup in elementor. YouTube, Vimeo videos are supported.

1K No CVEs

Video Lightbox for YouTube/Vimeo

youtubefancybox

Embed YouTube/Vimeo videos in a lightbox popup. Easily create thumbnails and customize playback settings. Supports both platforms and is compatible wi …

100 No CVEs

Responsive Popup for YouTube & Vimeo

vk-popup-for-youtube-and-video

This plugin generates a hyperlink through the shortcode. When that link is clicked, the given video (depends upon configuration) will be displayed in …

0 No CVEs

Developer Profile

Video Callout Developer Profile

Web Engineer

2 plugins · 90 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Video Callout

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/video-callout/classes/../../assets/css/video-callout.css/wp-content/plugins/video-callout/classes/../../assets/js/video-callout.js/wp-content/plugins/video-callout/classes/../../assets/js/video-callout-backend.js

Script Paths

/wp-content/plugins/video-callout/classes/../../assets/js/video-callout.js/wp-content/plugins/video-callout/classes/../../assets/js/video-callout-backend.js

Version Parameters

video-callout/assets/css/video-callout.css?ver=video-callout/assets/js/video-callout.js?ver=video-callout/assets/js/video-callout-backend.js?ver=

HTML / DOM Fingerprints

CSS Classes

wp-block-webengine-limited-video-callout

HTML Comments

Dashboard template.

Data Attributes

data-video-callout-iddata-video-callout-typedata-video-callout-modal-sizedata-video-callout-modal-widthdata-video-callout-modal-heightdata-video-callout-modal-position+11 more

JS Globals

wevp_player_settingsWebEngineLimitedVideoCallout

Shortcode Output

[video-callout

FAQ