Does VidLog have any unpatched vulnerabilities?

No. All known vulnerabilities in VidLog have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is VidLog compatible with WordPress 6.9.4?

According to WordPress.org data, VidLog 1.0 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is VidLog compatible with PHP 7.0+?

VidLog requires PHP 7.0 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is VidLog updated?

VidLog was last updated on Dec 25, 2025. Frequent updates are generally a positive security signal.

What is VidLog's security score?

VidLog has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

VidLog Security & Risk Analysis

wordpress.org/plugins/vidlog

VidLog logs instant video plays in WordPress such as date, IP, country, file, slug, email and referrer.

0 active installs v1.0 PHP 7.0+ WP 5.0+ Updated Dec 25, 2025

analyticslogstatsvideoviews

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is VidLog Safe to Use in 2026?

Generally Safe

Score 100/100

VidLog has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 3mo ago

Risk Assessment

The "vidlog" v1.0 plugin exhibits a strong security posture based on the provided static analysis and vulnerability history. The absence of dangerous functions, the exclusive use of prepared statements for SQL queries, and 100% proper output escaping are significant strengths. Furthermore, all identified entry points (AJAX handlers) include capability checks, and nonce checks are present on a majority of them, demonstrating good security practices in handling user-initiated actions. The plugin also shows no history of known vulnerabilities, which is a positive indicator of its current security maturity.

While the static analysis reveals no critical or high-severity taint flows and no unpatched CVEs, there are minor areas for improvement. The presence of file operations and external HTTP requests, though not inherently insecure in this context, warrants careful review in more detailed audits. The fact that not all AJAX handlers have nonce checks, while there are capability checks, could potentially leave a small window for certain types of attacks if not thoroughly validated within the AJAX handler's logic. However, given the current data, the overall risk associated with "vidlog" v1.0 is low, with a strong foundation of secure coding practices evident.

Key Concerns

Missing nonce check on some AJAX handlers

Vulnerabilities

None known

VidLog Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

VidLog Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

61 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

100% escaped61 total outputs

Data Flows

All sanitized

Data Flow Analysis

3 flows

vidlog_handle_log_play (vidlog.php:171)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

VidLog Attack Surface

Entry Points5

Unprotected0

AJAX Handlers 5

noprivwp_ajax_vidlog_log_playvidlog.php:29

authwp_ajax_vidlog_log_playvidlog.php:30

authwp_ajax_vidlog_delete_log_rowvidlog.php:31

authwp_ajax_vidlog_delete_selected_log_rowsvidlog.php:32

authwp_ajax_vidlog_delete_all_log_rowsvidlog.php:33

WordPress Hooks 4

actionwp_enqueue_scriptsvidlog.php:27

actionadmin_enqueue_scriptsvidlog.php:28

actionadmin_menuvidlog.php:34

actionadmin_enqueue_scriptsvidlog.php:35

Maintenance & Trust

VidLog Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedDec 25, 2025

PHP min version7.0

Downloads135

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

VidLog Alternatives

Statify

statify

100

Visitor statistics for WordPress with focus on data protection, transparency and clarity. Perfect as a widget in your WordPress Dashboard.

100K No CVEs

Simple Blog Stats

simple-blog-stats

Displays a wealth of useful statistics about your site. Display total number of posts, pages, categories, tags, and much more.

4K 1 CVE

User Activity Tracking and Log

user-activity-tracking-and-log

Track time and monitor user activity & history on your website, LMS online learning system, membership or WooCommerce site.

3K 2 CVEs

Weblix – Online Users

weblix

Display online users and page views in the last 30 minutes, just like Google Analytics, but without slowing down your website.

80 No CVEs

Advanced Views Counter – Post Views Counter Analytics & Popular Posts Tracker

advanced-views-counter

100

Track and display post views with detailed stats. Exclude bots, set intervals, and see top posts and referrers.

10 No CVEs

Developer Profile

VidLog Developer Profile

Lise Rasmussen

2 plugins · 10 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect VidLog

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/vidlog/assets/js/vidlog.js/wp-content/plugins/vidlog/assets/css/vidlog.css/wp-content/plugins/vidlog/assets/js/vidlog-admin.js/wp-content/plugins/vidlog/assets/css/upgradepage.css

Script Paths

/wp-content/plugins/vidlog/assets/js/vidlog.js/wp-content/plugins/vidlog/assets/js/vidlog-admin.js

Version Parameters

vidlog/assets/js/vidlog.js?ver=vidlog/assets/css/vidlog.css?ver=vidlog/assets/js/vidlog-admin.js?ver=vidlog/assets/css/upgradepage.css?ver=

HTML / DOM Fingerprints

JS Globals

VidlogData

FAQ