Does 3D viewer by Visody have any unpatched vulnerabilities?

No. All known vulnerabilities in 3D viewer by Visody have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is 3D viewer by Visody compatible with WordPress 6.9.4?

According to WordPress.org data, 3D viewer by Visody 2.4.2 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

How often is 3D viewer by Visody updated?

3D viewer by Visody was last updated on Dec 6, 2025. Frequent updates are generally a positive security signal.

What is 3D viewer by Visody's security score?

3D viewer by Visody has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

3D viewer by Visody Security & Risk Analysis

wordpress.org/plugins/visody-3d-product-viewer

Easily add beautiful, fully-customizable 3D viewers to your WooCommerce product galleries and WordPress pages! AR capabilies included.

900 active installs v2.4.2 PHP + WP 5.1+ Updated Dec 6, 2025

3d-model3d-product-viewer3d-viewerar

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is 3D viewer by Visody Safe to Use in 2026?

Generally Safe

Score 100/100

3D viewer by Visody has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 3mo ago

Risk Assessment

The plugin 'visody-3d-product-viewer' v2.4.2 exhibits a generally good security posture with several positive indicators. The absence of known CVEs and critical taint flows is a significant strength. Furthermore, the plugin demonstrates strong practices in SQL query handling, with 100% prepared statements, and a high percentage of properly escaped output (96%). It also includes a reasonable number of nonce and capability checks. However, a notable concern is the presence of an unprotected AJAX handler, which represents a direct attack vector if not handled with extreme caution by the user. The attack surface, while small overall, has a single unprotected entry point, which slightly elevates risk. The bundled Freemius library, while not explicitly flagged as outdated, is a component that should be monitored for security updates. Overall, the plugin is well-developed from a security perspective, but the unprotected AJAX handler requires attention.

Key Concerns

Unprotected AJAX handler
Bundled Freemius v1.0 library

Vulnerabilities

None known

3D viewer by Visody Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

3D viewer by Visody Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

220 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Freemius1.0

Output Escaping

96% escaped230 total outputs

Attack Surface

1 unprotected

3D viewer by Visody Attack Surface

Entry Points2

Unprotected1

AJAX Handlers 1

authwp_ajax_save_form_optionadmin\class-visody-admin.php:57

Shortcodes 1

[visody_viewer] public\class-visody-public.php:566

WordPress Hooks 43

actionadmin_enqueue_scriptsadmin\class-visody-admin.php:56

filterwp_check_filetype_and_extadmin\class-visody-admin.php:59

filterupload_mimesadmin\class-visody-admin.php:60

actionin_admin_headeradmin\class-visody-admin.php:62

filterplugin_row_metaadmin\class-visody-admin.php:63

actionafter_setup_themeadmin\class-visody-admin.php:64

filteradmin_footer_textadmin\class-visody-admin.php:66

filterupdate_footeradmin\class-visody-admin.php:67

filtervisody_register_option_pagesadmin\class-visody-options.php:35

actioninitadmin\class-visody-viewer-template.php:35

filtervisody_register_metaboxesadmin\class-visody-viewer-template.php:36

actioninitadmin\class-visody-viewer.php:35

filtervisody_register_metaboxesadmin\class-visody-viewer.php:36

filtermanage_visody_viewer_posts_columnsadmin\class-visody-viewer.php:37

filtermanage_visody_viewer_posts_custom_columnadmin\class-visody-viewer.php:38

actionadmin_menuadmin\class-visody-welcome.php:33

actionadmin_headadmin\class-visody-woocommerce.php:34

filterwoocommerce_product_data_tabsadmin\class-visody-woocommerce.php:35

actionwoocommerce_product_data_panelsadmin\class-visody-woocommerce.php:36

actionwoocommerce_process_product_metaadmin\class-visody-woocommerce.php:37

actionplugins_loadedincludes\class-visody.php:183

actionadd_meta_boxesincludes\simple-fields\includes\class-visody-meta-boxes.php:16

actionsave_postincludes\simple-fields\includes\class-visody-meta-boxes.php:17

actionadmin_enqueue_scriptsincludes\simple-fields\includes\class-visody-meta-boxes.php:18

actionadmin_menuincludes\simple-fields\includes\class-visody-option-pages.php:19

actionadmin_initincludes\simple-fields\includes\class-visody-option-pages.php:22

actionadmin_enqueue_scriptsincludes\simple-fields\includes\class-visody-option-pages.php:23

actionadmin_enqueue_scriptsincludes\simple-fields\visody-simple-fields.php:26

actionadmin_footer-edit-tags.phpincludes\simple-fields\visody-simple-fields.php:93

actionafter_setup_themeincludes\simple-fields\visody-simple-fields.php:124

actioninitpublic\class-visody-public.php:66

actionwp_enqueue_scriptspublic\class-visody-public.php:67

actionvisody_output_scriptspublic\class-visody-public.php:68

filterscript_loader_tagpublic\class-visody-public.php:69

filterwoocommerce_single_product_image_thumbnail_htmlpublic\class-visody-public.php:71

actionwoocommerce_product_thumbnailspublic\class-visody-public.php:72

actionwoo_variation_product_gallery_endpublic\class-visody-public.php:73

actioninitpublic\class-visody-public.php:75

actionwppublic\class-visody-public.php:77

actionwoocommerce_before_single_product_summarypublic\class-visody-public.php:89

filterrender_blockpublic\class-visody-public.php:129

actionwoocommerce_product_thumbnailspublic\class-visody-public.php:132

actionwoo_variation_product_gallery_endpublic\class-visody-public.php:133

Maintenance & Trust

3D viewer by Visody Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedDec 6, 2025

PHP min version

Downloads12K

Community Trust

Rating100/100

Number of ratings4

Active installs900

Alternatives

3D viewer by Visody Alternatives

3D Viewer Online

3dvieweronline-wp

An easy, realistic and customizable 3D Viewer to embed 3D models of your products/designs into your Wordpress/WooCommerce website (responsive layout)

40 1 CVE

3D Viewer Block – Interactive 3D Model Display

3d-viewer-block

100

Embed 3D models. Display interactive 3D models within a few clicks using the Gutenberg Editor.

900 No CVEs

AR for WordPress

ar-for-wordpress

Augmented Reality for WordPress lets you showcase 3D models in an interactive viewer and AR on iOS and Android, with no app downloads needed.

400 1 unpatched

SwiftXR (3D/AR/VR) Viewer

swiftxr-3darvr-viewer

Easily enhance customer engagement with immersive 3D, AR, and VR experiences

100 1 unpatched

3D Viewer – glb/gltf Viewer by WPSE

advanced-3d-model-viewer

100

Embed and interact with 3D models in your WordPress content using a block, shortcode, or custom post type.

40 No CVEs

Developer Profile

3D viewer by Visody Developer Profile

visodywp

1 plugin · 900 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect 3D viewer by Visody

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/visody-3d-product-viewer/includes/css/visody-admin.css/wp-content/plugins/visody-3d-product-viewer/includes/css/visody-font.css/wp-content/plugins/visody-3d-product-viewer/includes/js/visody-admin.js

Script Paths

visody-admin.jsvisody-font.cssvisody-admin.css

Version Parameters

visody-admin.css?ver=visody-font.css?ver=visody-admin.js?ver=

HTML / DOM Fingerprints

CSS Classes

visody-admin-wrap

HTML Comments

<!-- Currently plugin version.<!-- This file is read by WordPress to generate the plugin information in the plugin<!-- The code that runs during plugin activation.<!-- The code that runs during plugin deactivation.+2 more

Data Attributes

data-plugin-name="visody"data-plugin-version="2.4.2"

JS Globals

visody_fs

FAQ