Does Video Gallery for WooCommerce have any unpatched vulnerabilities?

No. All known vulnerabilities in Video Gallery for WooCommerce have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Video Gallery for WooCommerce compatible with WordPress 6.9.4?

According to WordPress.org data, Video Gallery for WooCommerce 2.5 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is Video Gallery for WooCommerce compatible with PHP 7.4+?

Video Gallery for WooCommerce requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Video Gallery for WooCommerce updated?

Video Gallery for WooCommerce was last updated on Mar 12, 2026. Frequent updates are generally a positive security signal.

What is Video Gallery for WooCommerce's security score?

Video Gallery for WooCommerce has a WP-Safety security score of 99/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Video Gallery for WooCommerce Security & Risk Analysis

wordpress.org/plugins/video-wc-gallery

Video Gallery for WooCommerce: Add WordPress library videos to product pages with customization. Requires WooCommerce activation.

3K active installs v2.5 PHP 7.4+ WP 5.3+ Updated Mar 12, 2026

for-woocommerceproduct-pageproduct-videovideo-galleryvideo-player

A · Safe

CVEs total1

Unpatched0

Last CVENov 5, 2024

Plugin page Download

Safety Verdict

Is Video Gallery for WooCommerce Safe to Use in 2026?

Generally Safe

Score 99/100

Video Gallery for WooCommerce has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVELast CVE: Nov 5, 2024Updated 22d ago

Risk Assessment

The "video-wc-gallery" v2.5 plugin exhibits a mixed security posture. While it demonstrates good practices in several areas, such as using prepared statements for all SQL queries and having a reasonable number of nonces and capability checks, significant concerns remain. The presence of one unprotected AJAX handler represents a direct avenue for potential unauthorized actions. The historical vulnerability data, while showing no currently unpatched issues, indicates a past medium-severity vulnerability likely related to missing authorization, which aligns with the static analysis finding of an unprotected AJAX endpoint. This pattern suggests a recurring need for more robust access control mechanisms. Overall, the plugin has strengths in data handling, but its attack surface management, specifically regarding AJAX endpoints, requires immediate attention to mitigate risks.

Key Concerns

Unprotected AJAX handler
Medium severity vulnerability history
Output escaping not fully implemented

Vulnerabilities

Video Gallery for WooCommerce Security Vulnerabilities

CVEs by Year

1 CVE in 2024

2024

Patched Has unpatched

Severity Breakdown

Medium

1 total CVE

CVE-2024-10535medium · 5.3Missing Authorization

Video Gallery for WooCommerce <= 1.31 - Missing Authorization to Unauthenticated Limited File Deletion

Nov 5, 2024 Patched in 1.32 (1d)

Code Analysis

Analyzed Mar 16, 2026

Video Gallery for WooCommerce Code Analysis

Dangerous Functions

Raw SQL Queries

4 prepared

Unescaped Output

256 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

100% prepared4 total queries

Output Escaping

76% escaped338 total outputs

Attack Surface

1 unprotected

Video Gallery for WooCommerce Attack Surface

Entry Points4

Unprotected1

AJAX Handlers 4

authwp_ajax_vwg_delete_videos_by_product_idadmin\admin-ui-setup.php:1072

authwp_ajax_remove_unused_thumbnailsadmin\admin-ui-setup.php:1133

noprivwp_ajax_remove_unused_thumbnailsadmin\admin-ui-setup.php:1134

authwp_ajax_dismiss_monthly_noticeadmin\basic-setup.php:244

WordPress Hooks 45

actionadmin_enqueue_scriptsadmin\admin-ui-setup.php:95

actionadmin_initadmin\admin-ui-setup.php:145

actionadmin_initadmin\admin-ui-setup.php:914

filterwc_help_tipadmin\admin-ui-setup.php:1157

filtermanage_edit-product_columnsadmin\admin-ui-setup.php:1178

actionmanage_product_posts_custom_columnadmin\admin-ui-setup.php:1200

actionadmin_headadmin\admin-ui-setup.php:1219

actionmanage_posts_extra_tablenavadmin\admin-ui-setup.php:1244

actionadmin_head-edit.phpadmin\admin-ui-setup.php:1265

actionplugins_loadedadmin\basic-setup.php:56

actionadmin_menuadmin\basic-setup.php:107

actionadmin_menuadmin\basic-setup.php:125

filterplugin_row_metaadmin\basic-setup.php:159

filteradmin_footer_textadmin\basic-setup.php:179

actionadmin_initadmin\basic-setup.php:197

actionvwg_monthly_admin_noticeadmin\basic-setup.php:204

actionadmin_noticesadmin\basic-setup.php:236

actionwp_enqueue_scriptsfunctions\do.php:37

filterwoocommerce_product_data_tabsfunctions\do.php:52

actionwoocommerce_product_data_panelsfunctions\do.php:170

actionwoocommerce_process_product_metafunctions\do.php:250

actionadmin_footer-post.phpfunctions\do.php:1047

actionadmin_footer-post-new.phpfunctions\do.php:1048

actionwp_footerfunctions\do.php:1705

actionvwg_woocommerce_product_thumbnails_first_showfunctions\do.php:1780

actionvwg_woocommerce_product_thumbnails_first_show_flatsome_themefunctions\do.php:1782

actionwoocommerce_product_thumbnailsfunctions\do.php:1785

actionwp_enqueue_scriptsfunctions\do.php:1862

filterrender_block_woocommerce/product-galleryfunctions\product-gallery-block.php:171

filterrender_block_woocommerce/product-gallery-large-imagefunctions\product-gallery-block.php:271

filterrender_block_woocommerce/product-gallery-thumbnailsfunctions\product-gallery-block.php:395

actionwp_enqueue_scriptsfunctions\product-gallery-block.php:586

filterwc_get_templatefunctions\theme-supports.php:68

filterwc_get_template_partfunctions\theme-supports.php:89

filterblocksy:woocommerce:product-view:use-defaultfunctions\theme-supports.php:125

filterblocksy:woocommerce:product-view:contentfunctions\theme-supports.php:157

actionadmin_initupdate.php:94

actionwp_loadedupdate.php:95

actionadmin_noticesupdate.php:115

actionadmin_initvideo-wc-gallery.php:45

actionadmin_initvideo-wc-gallery.php:58

actionadmin_initvideo-wc-gallery.php:82

actionadmin_noticesvideo-wc-gallery.php:97

actionadmin_noticesvideo-wc-gallery.php:112

actionwp_enqueue_scriptsvideo-wc-gallery.php:140

Scheduled Events 1

vwg_monthly_admin_notice

Maintenance & Trust

Video Gallery for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedMar 12, 2026

PHP min version7.4

Downloads36K

Community Trust

Rating100/100

Number of ratings36

Active installs3K

Alternatives

Video Gallery for WooCommerce Alternatives

All-in-One Video Gallery

all-in-one-video-gallery

The ultimate video player & video gallery plugin for YouTubers, Video Bloggers, Course Creators, Podcasters, and anyone embedding videos on websites.

20K 11 CVEs

Videopack

video-embed-thumbnail-generator

Makes video thumbnails, allows resolution switching, and embeds responsive self-hosted videos and galleries.

10K 4 CVEs

Video Gallery YouTube Vimeo

new-video-gallery

Create responsive YouTube and Vimeo video galleries with custom layouts, lightbox display, and easy shortcode embedding.

1K 1 CVE

Product Image and Video Gallery Slider for WooCommerce

product-gallery-slider-for-wc

100

Beautiful image and video gallery slider for WooCommerce products.

600 No CVEs

ReelsWp – Shoppable Videos & Vertical Reels Carousels

ecomm-reels

100

Add user-generated videos or images to your website to give customers a better look at products and shop directly from the videos or images.

100 No CVEs

Developer Profile

Video Gallery for WooCommerce Developer Profile

Nitramix

1 plugin · 3K total installs

trust score

Avg Security Score

99/100

Avg Patch Time

1 days

View full developer profile

Detection Fingerprints

How We Detect Video Gallery for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/video-wc-gallery/includes/css/admin/admin.css/wp-content/plugins/video-wc-gallery/includes/fontawesome_v6-6-0/css/all.css/wp-content/plugins/video-wc-gallery/includes/js/vwg-admin.js/wp-content/plugins/video-wc-gallery/includes/css/admin/pricing-modal.css/wp-content/plugins/video-wc-gallery/includes/video-js/video-js.min.js/wp-content/plugins/video-wc-gallery/includes/sweetalert2/sweetalert2.all.min.js/wp-content/plugins/video-wc-gallery/includes/js/vwg-pricing.js

Script Paths

includes/js/vwg-admin.jsincludes/video-js/video-js.min.jsincludes/sweetalert2/sweetalert2.all.min.jsincludes/js/vwg-pricing.js

Version Parameters

video-wc-gallery/includes/css/admin/admin.css?ver=video-wc-gallery/includes/fontawesome_v6-6-0/css/all.css?ver=video-wc-gallery/includes/js/vwg-admin.js?ver=video-wc-gallery/includes/css/admin/pricing-modal.css?ver=video-wc-gallery/includes/video-js/video-js.min.js?ver=video-wc-gallery/includes/sweetalert2/sweetalert2.all.min.js?ver=video-wc-gallery/includes/js/vwg-pricing.js?ver=

HTML / DOM Fingerprints

CSS Classes

vwg-admin-cssvwg_fontawesomevwg-admin-pricing-cssvwg-admin

HTML Comments

Admin setup for the pluginEnqueue Admin CSS and JSif settings page VWG pluginTranslate array for JS vwg-admin

Data Attributes

data-id="vwg-admin-notice"

JS Globals

vwg_variable_objvwg_adminPagevwg_pro_adminPage

FAQ