WIDEO视频播放器 Security & Risk Analysis

wordpress.org/plugins/wideo

WIDEO视频播放器 (WIDEO video player): integrates dplayer and supports video playback over mp4, flv, hls and other protocols

100 active installs · v2.0.3 · PHP 5.2.4+ · WP 4.7+ · Updated Jan 29, 2023
dplayer · video · video player · player
85
A · Safe
CVEs total 0
Unpatched 0
Last CVE Never
Safety Verdict

Is WIDEO视频播放器 Safe to Use in 2026?

Generally Safe

Score 85/100

WIDEO视频播放器 has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 3yr ago
Risk Assessment

Based on the provided static analysis and vulnerability history, the 'wideo' v2.0.3 plugin exhibits a generally strong security posture. The code analysis reveals no dangerous functions, all SQL queries use prepared statements, and all output is properly escaped, which are excellent security practices. Furthermore, the absence of file operations and external HTTP requests minimizes potential attack vectors. The vulnerability history is also clean, with no known CVEs, indicating a stable and well-maintained plugin over time.

However, a few areas warrant attention. The most significant concern is the complete lack of nonce checks: the plugin has two capability checks but no nonce verification, which suggests that authenticated actions may not be adequately protected against CSRF attacks. While the attack surface is small, consisting of only one shortcode, any unprotected entry point could be a risk. The taint analysis showing zero flows is positive, but this could also be due to the limited scope of the analysis or the plugin's simple functionality. Overall, the plugin is well-coded with good sanitization and escaping, but the lack of robust authentication checks on potential action-triggering shortcodes is a notable weakness that could be exploited if combined with other vulnerabilities or if the shortcode's functionality allows for sensitive operations.

Key Concerns

  • Missing nonce checks
  • Presence of unprotected shortcode
Vulnerabilities
None known

WIDEO视频播放器 Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

WIDEO视频播放器 Code Analysis

Dangerous Functions 0
Raw SQL Queries 0 · 0 prepared
Unescaped Output 0 · 24 escaped
Nonce Checks 0
Capability Checks 2
File Operations 0
External Requests 0
Bundled Libraries 0

Output Escaping

100% escaped · 24 total outputs
Attack Surface

WIDEO视频播放器 Attack Surface

Entry Points 1
Unprotected 0

Shortcodes 1

[wideo] class.wideo.php:33
WordPress Hooks 8
action admin_menu class.wideo.php:30
action admin_init class.wideo.php:31
action wp_enqueue_scripts class.wideo.php:32
filter plugin_action_links class.wideo.php:34
action admin_print_scripts class.wideo.php:35
action init class.wideo.php:36
filter mce_external_plugins class.wideo.php:218
filter mce_buttons class.wideo.php:219
Maintenance & Trust

WIDEO视频播放器 Maintenance & Trust

Maintenance Signals

WordPress version tested 6.1.10
Last updated Jan 29, 2023
PHP min version 5.2.4
Downloads 10K

Community Trust

Rating 96/100
Number of ratings 6
Active installs 100
Developer Profile

WIDEO视频播放器 Developer Profile

upcwayne

1 plugin · 100 total installs

Trust score 84
Avg Security Score 85/100
Avg Patch Time 30 days
Detection Fingerprints

How We Detect WIDEO视频播放器

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/wideo/DPlayer/flv.min.js
/wp-content/plugins/wideo/DPlayer/hls.min.js
/wp-content/plugins/wideo/DPlayer/DPlayer.min.js
/wp-content/plugins/wideo/js/wideo_quicktags.js
Version Parameters
WIDEO_VERSION

HTML / DOM Fingerprints

CSS Classes
wideo
JS Globals
DPlayer
Shortcode Output
<div class="wideo" style="position:relative;">
<div id="wideo
const dp
new DPlayer({
FAQ

Frequently Asked Questions about WIDEO视频播放器