Does Featured Video for WordPress – VideographyWP have any unpatched vulnerabilities?

No. All known vulnerabilities in Featured Video for WordPress – VideographyWP have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Featured Video for WordPress – VideographyWP compatible with WordPress 6.9.4?

According to WordPress.org data, Featured Video for WordPress – VideographyWP 1.0.20 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is Featured Video for WordPress – VideographyWP compatible with PHP 7.4+?

Featured Video for WordPress – VideographyWP requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Featured Video for WordPress – VideographyWP updated?

Featured Video for WordPress – VideographyWP was last updated on Dec 5, 2025. Frequent updates are generally a positive security signal.

What is Featured Video for WordPress – VideographyWP's security score?

Featured Video for WordPress – VideographyWP has a WP-Safety security score of 99/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Featured Video for WordPress – VideographyWP Security Review

Safety Verdict

Is Featured Video for WordPress – VideographyWP Safe to Use in 2026?

Generally Safe

Score 99/100

Featured Video for WordPress – VideographyWP has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVELast CVE: Dec 30, 2025Updated 3mo ago

Risk Assessment

The "videographywp" plugin v1.0.20 demonstrates a mixed security posture. On the positive side, the static analysis reveals a clean attack surface with no direct entry points such as AJAX handlers, REST API routes, shortcodes, or cron events that lack authentication or permission checks. Furthermore, all SQL queries are properly prepared, indicating good database interaction practices, and there are no detected file operations or external HTTP requests, which mitigates certain attack vectors. However, a significant concern arises from the output escaping, where only 64% of outputs are properly escaped. This leaves a portion of user-generated or dynamically generated content potentially vulnerable to Cross-Site Scripting (XSS) attacks, a risk amplified by the plugin's history of a medium-severity XSS vulnerability. The taint analysis showing zero flows is encouraging, but it doesn't negate the existing risk from unescaped output and past vulnerabilities.

Key Concerns

Moderate percentage of unescaped output
Past medium severity XSS vulnerability

Vulnerabilities

1

Featured Video for WordPress – VideographyWP Security Vulnerabilities

CVEs by Year

1 CVE in 2025

2025

Patched Has unpatched

Severity Breakdown

Medium

1

1 total CVE

CVE-2025-62746medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Featured Video for WordPress – VideographyWP <= 1.0.18 - Authenticated (Contributor+) Stored Cross-Site Scripting

Dec 30, 2025 Patched in 1.0.20 (7d)

Code Analysis

Analyzed Mar 16, 2026

Featured Video for WordPress – VideographyWP Code Analysis

Dangerous Functions

0

Raw SQL Queries

0

1 prepared

Unescaped Output

31

56 escaped

Nonce Checks

0

Capability Checks

1

File Operations

0

External Requests

0

Bundled Libraries

0

SQL Query Safety

100% prepared1 total queries

Output Escaping

64% escaped87 total outputs

Attack Surface

Featured Video for WordPress – VideographyWP Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 5

actionadmin_noticesindex.php:33

actioninitindex.php:75

filterthe_contentindex.php:77

filterpost_thumbnail_htmlindex.php:79

actionwidgets_initindex.php:82

Maintenance & Trust

Featured Video for WordPress – VideographyWP Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedDec 5, 2025

PHP min version7.4

Downloads58K

Community Trust

Rating90/100

Number of ratings31

Active installs2K

Alternatives

Featured Video for WordPress – VideographyWP Alternatives

Simply Featured Video – Featured video support for WordPress

simply-featured-video

A

85

Simply Featured Video allows you to set a featured video from media library, YouTube, Vimeo, and more.

0 No CVEs

The Ultimate Video Player For WordPress – by Presto Player

presto-player

A

99

The Ultimate WordPress Video Player.

100K 2 CVEs

All-in-One Video Gallery

all-in-one-video-gallery

A

88

The ultimate video player & video gallery plugin for YouTubers, Video Bloggers, Course Creators, Podcasters, and anyone embedding videos on websites.

20K 11 CVEs

WP Video Popup – WordPress Video Lightbox for YouTube, Rumble & Vimeo

responsive-youtube-vimeo-popup

A

100

WP Video Popup lets you add a responsive YouTube, Rumble or Vimeo video lightbox to any page, post or custom post type of your website.

9K No CVEs

Automatic Featured Images from Videos

automatic-featured-images-from-videos

A

98

If a YouTube or Vimeo video embed exists near the start of a post, we'll automatically set the post's featured image to a thumbnail of the video.

8K 2 CVEs

Developer Profile

Featured Video for WordPress – VideographyWP Developer Profile

CodeFlavors

3 plugins · 2K total installs

97

trust score

Avg Security Score

95/100

Avg Patch Time

7 days

View full developer profile

Detection Fingerprints

How We Detect Featured Video for WordPress – VideographyWP

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/videographywp/assets/css/videographywp.css/wp-content/plugins/videographywp/assets/js/videographywp.js

Script Paths

/wp-content/plugins/videographywp/assets/js/videographywp.js

Version Parameters

videographywp/assets/css/videographywp.css?ver=videographywp/assets/js/videographywp.js?ver=

HTML / DOM Fingerprints

CSS Classes

cvwp-video-wrapper

FAQ

Featured Video for WordPress – VideographyWP Security & Risk Analysis