Album Photostream Flickr Gallery Security & Risk Analysis

wordpress.org/plugins/wp-flickr-gallery

Display your Flickr albums, photostream, and photos on any page or widget. Responsive and easy to set up using Flickr API.

1K active installs · v1.5.2 · PHP 7.0+ · WP 4.0+ · Updated Jan 2, 2026
Tags: album-gallery, flickr, flickr-gallery, flickr-widget, photo-gallery
Score: 100 · A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is Album Photostream Flickr Gallery Safe to Use in 2026?

Generally Safe

Score 100/100

Album Photostream Flickr Gallery has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 3mo ago
Risk Assessment

The wp-flickr-gallery plugin v1.5.2 shows a generally good security posture in static analysis. The analysis found no raw SQL queries at all, so none are left unprepared. Output escaping is strong: 92% of outputs are properly escaped, which helps mitigate Cross-Site Scripting (XSS) risks. Nonce and capability checks are implemented, there are no known vulnerabilities (CVEs) associated with this version, and the attack surface is minimal, with no unprotected entry points identified.

A notable concern is the presence of three calls to 'unserialize'. No taint flows were identified in this analysis, but 'unserialize' is a significant security risk when the data being unserialized originates from an untrusted source, because PHP object injection can lead to Remote Code Execution (RCE). The plugin also makes three external HTTP requests; without further analysis of their targets and data handling, these represent a potential avenue for supply chain attacks or information leakage.

Key Concerns

  • Use of 'unserialize' function
  • External HTTP requests present
Vulnerabilities
None known

Album Photostream Flickr Gallery Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Album Photostream Flickr Gallery Code Analysis

Dangerous Functions: 3
Raw SQL Queries: 0 (0 prepared)
Unescaped Output: 23 (282 escaped)
Nonce Checks: 7
Capability Checks: 15
File Operations: 0
External Requests: 3
Bundled Libraries: 0

Dangerous Functions Found

  • unserialize · $rsp_obj = unserialize($rsp['body']); · flickr-get-album.php:20
  • unserialize · $rsp_obj = unserialize($rsp['body']); · flickr-get-photostream.php:22
  • unserialize · $rsp_obj = unserialize($rsp['body']); · flickr-post-settings.php:484

Output Escaping

92% escaped · 305 total outputs
Attack Surface

Album Photostream Flickr Gallery Attack Surface

Entry Points: 2
Unprotected: 0

AJAX Handlers: 1

auth · wp_ajax_api_settings_action · wp-flickr-gallery.php:81

Shortcodes: 1

[FGAL] · shortcode.php:9
WordPress Hooks: 35

action · init · class-tgm-plugin-activation.php:268
filter · load_textdomain_mofile · class-tgm-plugin-activation.php:269
action · init · class-tgm-plugin-activation.php:272
action · admin_menu · class-tgm-plugin-activation.php:421
action · admin_head · class-tgm-plugin-activation.php:422
filter · install_plugin_complete_actions · class-tgm-plugin-activation.php:425
filter · update_plugin_complete_actions · class-tgm-plugin-activation.php:426
action · admin_notices · class-tgm-plugin-activation.php:429
action · admin_init · class-tgm-plugin-activation.php:430
action · admin_enqueue_scripts · class-tgm-plugin-activation.php:431
action · load-plugins.php · class-tgm-plugin-activation.php:436
action · switch_theme · class-tgm-plugin-activation.php:439
action · switch_theme · class-tgm-plugin-activation.php:442
action · admin_init · class-tgm-plugin-activation.php:447
action · switch_theme · class-tgm-plugin-activation.php:452
action · load_textdomain_mofile · class-tgm-plugin-activation.php:475
filter · upgrader_source_selection · class-tgm-plugin-activation.php:889
action · plugins_loaded · class-tgm-plugin-activation.php:2132
filter · tgmpa_table_data_items · class-tgm-plugin-activation.php:2256
filter · upgrader_source_selection · class-tgm-plugin-activation.php:2997
action · admin_init · class-tgm-plugin-activation.php:3167
action · upgrader_process_complete · class-tgm-plugin-activation.php:3262
filter · upgrader_post_install · class-tgm-plugin-activation.php:3321
filter · upgrader_post_install · class-tgm-plugin-activation.php:3470
action · plugins_loaded · wp-flickr-gallery.php:59
action · admin_menu · wp-flickr-gallery.php:62
action · init · wp-flickr-gallery.php:65
action · add_meta_boxes · wp-flickr-gallery.php:68
action · save_post · wp-flickr-gallery.php:70
filter · widget_text · wp-flickr-gallery.php:73
filter · manage_flickr_gallery_posts_columns · wp-flickr-gallery.php:76
action · manage_flickr_gallery_posts_custom_column · wp-flickr-gallery.php:79
action · wp_enqueue_scripts · wp-flickr-gallery.php:83
action · wp_enqueue_scripts · wp-flickr-gallery.php:348
action · tgmpa_register · wp-flickr-gallery.php:351
Maintenance & Trust

Album Photostream Flickr Gallery Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.9.4
Last updated: Jan 2, 2026
PHP min version: 7.0
Downloads: 97K

Community Trust

Rating: 94/100
Number of ratings: 21
Active installs: 1K
Developer Profile

Album Photostream Flickr Gallery Developer Profile

A WP Life

61 plugins · 64K total installs

Trust score: 77
Avg Security Score: 97/100
Avg Patch Time: 267 days
Detection Fingerprints

How We Detect Album Photostream Flickr Gallery

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
  • /wp-content/plugins/wp-flickr-gallery/js/common.js
  • /wp-content/plugins/wp-flickr-gallery/css/bootstrap.min.css
  • /wp-content/plugins/wp-flickr-gallery/css/owl.carousel.css
  • /wp-content/plugins/wp-flickr-gallery/css/custom.css
  • /wp-content/plugins/wp-flickr-gallery/js/owl.carousel.min.js
  • /wp-content/plugins/wp-flickr-gallery/js/jquery.fancybox.pack.js
  • /wp-content/plugins/wp-flickr-gallery/js/flickr-gallery.js
Script Paths
  • /wp-content/plugins/wp-flickr-gallery/js/common.js
  • /wp-content/plugins/wp-flickr-gallery/js/owl.carousel.min.js
  • /wp-content/plugins/wp-flickr-gallery/js/jquery.fancybox.pack.js
  • /wp-content/plugins/wp-flickr-gallery/js/flickr-gallery.js
Version Parameters
  • wp-flickr-gallery/css/bootstrap.min.css?ver=
  • wp-flickr-gallery/css/owl.carousel.css?ver=
  • wp-flickr-gallery/css/custom.css?ver=
  • wp-flickr-gallery/js/owl.carousel.min.js?ver=
  • wp-flickr-gallery/js/jquery.fancybox.pack.js?ver=
  • wp-flickr-gallery/js/flickr-gallery.js?ver=

HTML / DOM Fingerprints

CSS Classes
  • fg-flickr-gallery-wrapper
  • flickr-gallery-container
Data Attributes
data-flickr-id
JS Globals
FLICKRCopyShortcode
Shortcode Output
<input type='text' class='button button-primary' id='flickr-shortcode-' value='[FGAL id=