Does Video Playlist For YouTube have any unpatched vulnerabilities?

Yes — Video Playlist For YouTube currently has 1 unpatched vulnerability. We recommend switching to an alternative or applying any available workarounds.

Is Video Playlist For YouTube compatible with WordPress 6.8.5?

According to WordPress.org data, Video Playlist For YouTube 6.7.1 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

Is Video Playlist For YouTube compatible with PHP 7.4+?

Video Playlist For YouTube requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Video Playlist For YouTube updated?

Video Playlist For YouTube was last updated on Aug 21, 2025. Frequent updates are generally a positive security signal.

What is Video Playlist For YouTube's security score?

Video Playlist For YouTube has a WP-Safety security score of 77/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Video Playlist For YouTube Security & Risk Analysis

wordpress.org/plugins/video-playlist-for-youtube

Video Playlist for Youtube is a very nifty responsive video gallery plugin that helps you put videos and playlist wherever you need.

1K active installs v6.7.1 PHP 7.4+ WP 4.9+ Updated Aug 21, 2025

video-galleryvideosyoutube-galleryyoutube-slideryoutube-video

B · Generally Safe

CVEs total2

Unpatched1

Last CVEApr 4, 2025

Plugin page Download

Safety Verdict

Is Video Playlist For YouTube Safe to Use in 2026?

Mostly Safe

Score 77/100

Video Playlist For YouTube is generally safe to use. 2 past CVEs were resolved. Keep it updated.

2 known CVEs 1 unpatched Last CVE: Apr 4, 2025Updated 7mo ago

Risk Assessment

The "video-playlist-for-youtube" plugin v6.7.1 exhibits a mixed security posture. On the positive side, static analysis reveals strong adherence to secure coding practices, with 100% of SQL queries using prepared statements and all identified output being properly escaped. The plugin also implements nonce and capability checks on its entry points, and the attack surface appears to be well-secured at first glance. However, the existence of known vulnerabilities, particularly an unpatched medium severity CVE, is a significant concern. The history of Cross-Site Scripting and CSRF vulnerabilities suggests a pattern where user-supplied data might not always be handled with sufficient sanitization or validation, even if current static analysis doesn't flag immediate critical issues. The presence of external HTTP requests also introduces a potential vector for supply chain attacks if those endpoints are compromised. While the current codebase appears robust in terms of immediate static flaws, the past vulnerability history and the unpatched CVE necessitate caution.

Key Concerns

Unpatched medium severity CVE
Vulnerability history includes XSS and CSRF
Two external HTTP requests present

Vulnerabilities

Video Playlist For YouTube Security Vulnerabilities

CVEs by Year

1 CVE in 2023

2023

1 CVE in 2025 · unpatched

2025

Patched Has unpatched

Severity Breakdown

Medium

2 total CVEs

CVE-2025-32183medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Video Playlist For YouTube <= 6.6 - Authenticated (Contributor+) Stored Cross-Site Scripting

Apr 4, 2025Unpatched

CVE-2023-45653medium · 4.3Cross-Site Request Forgery (CSRF)

Video Playlist For YouTube <= 6.1 - Cross-Site Request Forgery

Oct 12, 2023 Patched in 6.2 (166d)

Code Analysis

Analyzed Mar 16, 2026

Video Playlist For YouTube Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

95 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

100% escaped95 total outputs

Data Flows

All sanitized

Data Flow Analysis

4 flows

vpfytGetYoutubeDuration (video-playlist-ytb-plugin.php:444)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Video Playlist For YouTube Attack Surface

Entry Points4

Unprotected0

AJAX Handlers 2

authwp_ajax_vpfytGetYoutubeDurationvideo-playlist-ytb-plugin.php:498

noprivwp_ajax_vpfytGetYoutubeDurationvideo-playlist-ytb-plugin.php:499

Shortcodes 2

[videoPlaylist] video-playlist-ytb-plugin.php:309

[channel4Youtube] vpfy-api-playlist-shortcode.php:4

WordPress Hooks 12

actionadmin_noticesvideo-playlist-ytb-plugin.php:50

actionadmin_menuvideo-playlist-ytb-plugin.php:53

actionadmin_initvideo-playlist-ytb-plugin.php:59

actioninitvideo-playlist-ytb-plugin.php:68

actionadmin_initvideo-playlist-ytb-plugin.php:121

actionadmin_initvideo-playlist-ytb-plugin.php:138

actionsave_postvideo-playlist-ytb-plugin.php:240

filtermanage_vid_playlist_ytub_posts_columnsvideo-playlist-ytb-plugin.php:403

actionmanage_vid_playlist_ytub_posts_custom_columnvideo-playlist-ytb-plugin.php:411

filterplugin_row_metavideo-playlist-ytb-plugin.php:517

actionadmin_enqueue_scriptsvpfy-vplaylist-functions.php:6

actionwp_enqueue_scriptsvpfy-vplaylist-functions.php:16

Maintenance & Trust

Video Playlist For YouTube Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedAug 21, 2025

PHP min version7.4

Downloads20K

Community Trust

Rating94/100

Number of ratings6

Active installs1K

Alternatives

Video Playlist For YouTube Alternatives

Video Gallery – YouTube Playlist, Channel Gallery by YotuWP

yotuwp-easy-youtube-embed

Modern responsive YouTube video gallery helps your website getting noticed from visitors, increase the reach and stand out from the competitors.

20K 5 CVEs

FancyTube – Video Gallery, Video Slider, and Playlist Slider for YouTube

video-gallery-playlist

100

Create stunning YouTube video galleries, sliders, and playlists. Perfect for bloggers, vloggers, and businesses.

1K No CVEs

GS YouTube Gallery – Video Feed, Channel Playlist & YouTube Slider

gs-youtube-gallery

100

Create a Stunning & Responsive Video Gallery for Channel or Playlist Videos.

80 No CVEs

Vidplex – Ultimate Video Gallery Block for YouTube in Gutenberg

vidplex

100

YouTube gallery plugin for WordPress – display channel videos or with video link/URL in responsive sliders, galleries, and featured layouts.

10 No CVEs

All-in-One Video Gallery

all-in-one-video-gallery

The ultimate video player & video gallery plugin for YouTubers, Video Bloggers, Course Creators, Podcasters, and anyone embedding videos on websites.

20K 11 CVEs

Developer Profile

Video Playlist For YouTube Developer Profile

Galaxy Weblinks

40 plugins · 25K total installs

trust score

Avg Security Score

97/100

Avg Patch Time

310 days

View full developer profile

Detection Fingerprints

How We Detect Video Playlist For YouTube

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/video-playlist-for-youtube/vpfy-vplay-admin.css/wp-content/plugins/video-playlist-for-youtube/vpfy-vplay-front.css/wp-content/plugins/video-playlist-for-youtube/vpfy-vplay-gallery-style.css/wp-content/plugins/video-playlist-for-youtube/vpfy-vplay-public.js/wp-content/plugins/video-playlist-for-youtube/vpfy-vplay-admin.js/wp-content/plugins/video-playlist-for-youtube/vpfy-vplay-repeatmeta.js

Script Paths

/wp-content/plugins/video-playlist-for-youtube/vpfy-vplay-repeatmeta.js

Version Parameters

video-playlist-for-youtube/vpfy-vplay-admin.css?ver=video-playlist-for-youtube/vpfy-vplay-front.css?ver=video-playlist-for-youtube/vpfy-vplay-gallery-style.css?ver=video-playlist-for-youtube/vpfy-vplay-public.js?ver=video-playlist-for-youtube/vpfy-vplay-admin.js?ver=video-playlist-for-youtube/vpfy-vplay-repeatmeta.js?ver=

HTML / DOM Fingerprints

CSS Classes

ytub-sortbledrgble-sectytubedraggable

Data Attributes

vpfy-vplay-gallery-for-shortcodevpfy-vplay-videogallery-setingsytube-vplay-gallery

JS Globals

vpfyt-vplay-repeatmetavpfy-vplay-adminstylevpfy-vplay-repeatmeta

REST Endpoints

/wp-json/wp/v2/vid_playlist_ytub

Shortcode Output

[videoPlaylist id=

FAQ