Dynamic Product Gallery for WooCommerce Security & Risk Analysis

wordpress.org/plugins/woocommerce-dynamic-gallery

Bring your product pages and presentation alive with Dynamic Product Gallery for WooCommerce. Beautifully.

1K active installs · v3.5.3 · PHP + WP 6.0+ · Updated Dec 2, 2025
Tags: woocommerce, woocommerce-dynamic-gallery, woocommerce-image-gallery, woocommerce-product-gallery, woocommerce-product-images
Score: 98 (A · Safe)
CVEs total: 2
Unpatched: 0
Last CVE: Nov 2, 2022
Safety Verdict

Is Dynamic Product Gallery for WooCommerce Safe to Use in 2026?

Generally Safe

Score 98/100

Dynamic Product Gallery for WooCommerce has a strong security track record. Known vulnerabilities have been patched promptly.

2 known CVEs · Last CVE: Nov 2, 2022 · Updated 4mo ago
Risk Assessment

The "woocommerce-dynamic-gallery" plugin v3.5.3 exhibits a mixed security posture. While it demonstrates good practices in output escaping (87%) and includes a reasonable number of nonce and capability checks, several significant concerns emerge from the static analysis. The presence of two AJAX handlers without authentication checks is a major vulnerability, opening the door for potential unauthorized actions if these handlers perform sensitive operations. Furthermore, all six SQL queries are executed without prepared statements, posing a significant risk of SQL injection vulnerabilities. The vulnerability history reveals two past high-severity CVEs, both identified as Cross-Site Request Forgery (CSRF), suggesting a recurring pattern of weaknesses in protecting against unauthorized requests, even though none are currently unpatched.

Despite the generally good output escaping and the absence of critical taint flows or dangerous functions, the combination of unprotected AJAX endpoints and raw SQL queries creates a tangible attack surface. The past CSRF vulnerabilities, although patched, highlight a historical susceptibility that warrants vigilance. The plugin's strengths lie in its robust output escaping and the presence of security checks. However, the unprotected entry points and lack of SQL parameterization are critical flaws that significantly elevate its risk profile. A comprehensive review and remediation of these specific issues are essential to improve the plugin's overall security.

Key Concerns

  • Unprotected AJAX handlers present
  • SQL queries without prepared statements
  • Past high severity CVEs (CSRF)
  • Flows with unsanitized paths found
Vulnerabilities: 2

Dynamic Product Gallery for WooCommerce Security Vulnerabilities

CVEs by Year

2 CVEs in 2022

Severity Breakdown

High: 2

2 total CVEs

a3 Lazy Load <= 2.6.0 - Cross-Site Request Forgery to Settings Reset

Nov 2, 2022 Patched in 3.0.2 (447d)

a3rev Multiple Plugins <= Various Versions - Cross-Site Request Forgery to Settings Changes

May 24, 2022 Patched in 3.0.0 (609d)
Code Analysis
Analyzed Mar 16, 2026

Dynamic Product Gallery for WooCommerce Code Analysis

  • Dangerous Functions: 0
  • Raw SQL Queries: 6 (0 prepared)
  • Unescaped Output: 154 (1004 escaped)
  • Nonce Checks: 7
  • Capability Checks: 6
  • File Operations: 2
  • External Requests: 4
  • Bundled Libraries: 1

Bundled Libraries

jQuery

SQL Query Safety

0% prepared · 6 total queries

Output Escaping

87% escaped · 1158 total outputs

Data Flows: 2 unsanitized

Data Flow Analysis

8 flows · 2 with unsanitized paths
a3_admin_ui_event (admin\admin-interface.php:174)

Attack Surface: 2 unprotected

Dynamic Product Gallery for WooCommerce Attack Surface

Entry Points: 4
Unprotected: 2

AJAX Handlers 2

  • auth: wp_ajax_woo_dynamic_gallery_preview (admin\settings\gallery-style-settings.php:99)
  • nopriv: wp_ajax_woo_dynamic_gallery_preview (admin\settings\gallery-style-settings.php:100)

Shortcodes 2

[wc_product_dgallery] admin\wc_gallery_woocommerce_admin.php:64
[wc_product_dynamic_gallery] admin\wc_gallery_woocommerce_admin.php:65
WordPress Hooks 39

  • action: plugins_loaded (admin\admin-init.php:39)
  • action: plugins_loaded (admin\admin-init.php:47)
  • action: init (admin\admin-interface.php:49)
  • action: init (admin\admin-interface.php:50)
  • action: admin_enqueue_scripts (admin\admin-interface.php:65)
  • action: admin_enqueue_scripts (admin\admin-interface.php:66)
  • action: admin_print_scripts (admin\admin-interface.php:69)
  • action: admin_print_footer_scripts (admin\admin-interface.php:70)
  • action: admin_enqueue_scripts (admin\admin-interface.php:81)
  • action: admin_enqueue_scripts (admin\includes\uploader\class-uploader.php:59)
  • filter: filesystem_method (admin\less\sass.php:57)
  • action: plugins_loaded (admin\settings\gallery-style-settings.php:81)
  • action: admin_enqueue_scripts (admin\settings\gallery-style-settings.php:205)
  • action: admin_footer (admin\settings\gallery-style-settings.php:714)
  • action: init (admin\wc_gallery_woocommerce_admin.php:33)
  • action: admin_enqueue_scripts (admin\wc_gallery_woocommerce_admin.php:36)
  • filter: plugin_row_meta (admin\wc_gallery_woocommerce_admin.php:39)
  • action: widgets_init (admin\wc_gallery_woocommerce_admin.php:49)
  • action: wp (admin\wc_gallery_woocommerce_admin.php:57)
  • filter: render_block_core/shortcode (admin\wc_gallery_woocommerce_admin.php:60)
  • filter: render_block_core/paragraph (admin\wc_gallery_woocommerce_admin.php:61)
  • filter: woocommerce_cart_item_thumbnail (admin\wc_gallery_woocommerce_admin.php:68)
  • action: wp (admin\wc_gallery_woocommerce_admin.php:70)
  • filter: wc_get_template_part (admin\wc_gallery_woocommerce_admin.php:88)
  • action: woocommerce_before_single_product_summary (admin\wc_gallery_woocommerce_admin.php:103)
  • action: init (admin\wc_gallery_woocommerce_admin.php:115)
  • filter: woocommerce_product_data_tabs (classes\class-wc-dynamic-gallery-metaboxes.php:20)
  • action: woocommerce_product_data_panels (classes\class-wc-dynamic-gallery-metaboxes.php:21)
  • action: save_post (classes\class-wc-dynamic-gallery-metaboxes.php:23)
  • action: wp_enqueue_scripts (classes\class-wc-dynamic-gallery.php:56)
  • action: admin_init (includes\class-plugin-notices.php:9)
  • action: admin_init (includes\class-plugin-notices.php:10)
  • action: admin_notices (includes\class-plugin-notices.php:17)
  • action: admin_notices (includes\class-plugin-notices.php:43)
  • action: init (src\blocks\product-dgallery\block.php:58)
  • action: init (src\blocks.php:21)
  • action: enqueue_block_assets (src\blocks.php:24)
  • filter: block_categories_all (src\blocks.php:29)
  • action: before_woocommerce_init (wc_dynamic_gallery_woocommerce.php:49)

Maintenance & Trust

Dynamic Product Gallery for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.9.0
Last updated: Dec 2, 2025
PHP min version
Downloads: 380K

Community Trust

Rating: 62/100
Number of ratings: 37
Active installs: 1K

Developer Profile

Dynamic Product Gallery for WooCommerce Developer Profile

Steve Truman

13 plugins · 117K total installs

Trust score: 73
Avg Security Score: 91/100
Avg Patch Time: 539 days

Detection Fingerprints

How We Detect Dynamic Product Gallery for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
  • /wp-content/plugins/woocommerce-dynamic-gallery/assets/css/style.css
  • /wp-content/plugins/woocommerce-dynamic-gallery/assets/css/frontend.css
  • /wp-content/plugins/woocommerce-dynamic-gallery/assets/css/magnific-popup.css
  • /wp-content/plugins/woocommerce-dynamic-gallery/assets/css/modal.css
  • /wp-content/plugins/woocommerce-dynamic-gallery/assets/css/bootstrap/util.css
  • /wp-content/plugins/woocommerce-dynamic-gallery/assets/css/bootstrap/modal.css
  • /wp-content/plugins/woocommerce-dynamic-gallery/assets/js/frontend.js
  • /wp-content/plugins/woocommerce-dynamic-gallery/assets/js/magnific-popup.js
  • +3 more
Script Paths
  • /wp-content/plugins/woocommerce-dynamic-gallery/assets/js/frontend.js
  • /wp-content/plugins/woocommerce-dynamic-gallery/assets/js/magnific-popup.js
  • /wp-content/plugins/woocommerce-dynamic-gallery/assets/js/bootstrap/util.js
  • /wp-content/plugins/woocommerce-dynamic-gallery/assets/js/bootstrap/modal.js
  • /wp-content/plugins/woocommerce-dynamic-gallery/src/blocks/product-dgallery/product-dgallery.js
Version Parameters
  • /wp-content/plugins/woocommerce-dynamic-gallery/assets/css/style.css?ver=
  • /wp-content/plugins/woocommerce-dynamic-gallery/assets/css/frontend.css?ver=
  • /wp-content/plugins/woocommerce-dynamic-gallery/assets/css/magnific-popup.css?ver=
  • /wp-content/plugins/woocommerce-dynamic-gallery/assets/css/modal.css?ver=
  • /wp-content/plugins/woocommerce-dynamic-gallery/assets/css/bootstrap/util.css?ver=
  • /wp-content/plugins/woocommerce-dynamic-gallery/assets/css/bootstrap/modal.css?ver=
  • /wp-content/plugins/woocommerce-dynamic-gallery/assets/js/frontend.js?ver=
  • /wp-content/plugins/woocommerce-dynamic-gallery/assets/js/magnific-popup.js?ver=
  • /wp-content/plugins/woocommerce-dynamic-gallery/assets/js/bootstrap/util.js?ver=
  • /wp-content/plugins/woocommerce-dynamic-gallery/assets/js/bootstrap/modal.js?ver=
  • /wp-content/plugins/woocommerce-dynamic-gallery/src/blocks/product-dgallery/product-dgallery.js?ver=

HTML / DOM Fingerprints

CSS Classes
woocommerce-product-gallery-dynamic, wc-dynamic-gallery, wcdg-wrap, wcdg-gallery-wrap, wcdg-gallery-item, wcdg-gallery-item-wrap, wcdg-gallery-img-wrap, wcdg-gallery-img, +44 more
HTML Comments
  • <!-- Dynamic Product Gallery -->
  • <!-- A3rev Plugin Admin Interface -->
  • <!-- Dynamic Product Gallery. Plugin for the WooCommerce plugin. -->
  • <!-- Copyright © 2011 A3 Revolution Software Development team -->
  • +18 more
Data Attributes
data-wcdg-gallery-id, data-wcdg-item-id, data-wcdg-post-id, data-wcdg-max-width, data-wcdg-max-height, data-a3rev-admin-ui-event, +5 more
JS Globals
WOO_DYNAMIC_GALLERY_FILE_PATH, WOO_DYNAMIC_GALLERY_DIR_NAME, WOO_DYNAMIC_GALLERY_FOLDER, WOO_DYNAMIC_GALLERY_NAME, WOO_DYNAMIC_GALLERY_URL, WOO_DYNAMIC_GALLERY_DIR, +19 more
REST Endpoints
  • /wp-json/a3rev/wcdg/v1/gallery-images
  • /wp-json/a3rev/wcdg/v1/gallery-image