WP Gallery Manager Security & Risk Analysis

wordpress.org/plugins/wp-gallery-manager

Make jQuery-based custom responsive galleries using custom images. Override WordPress default gallery display optionally.

10 active installs v1.0 PHP + WP 3.0+ Updated Feb 24, 2017
Tags: gallery, gallery-manager, jquery-responsive-image-slider, responsive-gallery, wordpress-image-gallery
85
A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is WP Gallery Manager Safe to Use in 2026?

Generally Safe

Score 85/100

WP Gallery Manager has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 9yr ago
Risk Assessment

The wp-gallery-manager plugin v1.0 exhibits a generally positive security posture, with a commendable absence of known vulnerabilities in its history. The static analysis reveals a proactive approach to security, as evidenced by the high percentage of SQL queries utilizing prepared statements and the presence of nonce and capability checks. This suggests the developers are aware of common WordPress security best practices.

However, there are notable areas of concern. The output escaping is significantly lacking, with only 8% of outputs being properly escaped. This represents a substantial risk for Cross-Site Scripting (XSS) vulnerabilities, as user-supplied data could be rendered directly in the browser without proper sanitization. Additionally, the taint analysis identified one flow with unsanitized paths, which, while not classified as critical or high, warrants investigation to ensure it doesn't lead to path traversal or arbitrary file access.

While the plugin's history is clean, the significant number of file operations (14) combined with the low output escaping rate and the single unsanitized path flow present potential vectors for exploitation if not rigorously reviewed and remediated. The overall assessment is that the plugin has good foundational security but requires immediate attention to its output handling and path sanitization to mitigate potential XSS and file-related vulnerabilities.

Key Concerns

  • Low percentage of properly escaped output
  • Flow with unsanitized paths found
Vulnerabilities
None known

WP Gallery Manager Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

WP Gallery Manager Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 19 (74 prepared)
Unescaped Output: 226 (19 escaped)
Nonce Checks: 9
Capability Checks: 2
File Operations: 14
External Requests: 0
Bundled Libraries: 0

SQL Query Safety

80% prepared · 93 total queries

Output Escaping

8% escaped · 245 total outputs
Data Flows: 1 unsanitized

Data Flow Analysis

11 flows · 1 with unsanitized paths
<add-gallery> (admin\add-gallery.php:0)
Attack Surface

WP Gallery Manager Attack Surface

Entry Points: 6
Unprotected: 0

AJAX Handlers 2

auth · wp_ajax_xyz_gallery_load_images · admin\ajax-handler.php:209
auth · wp_ajax_xyz_gallery_ajax_backlink · admin\ajax-handler.php:233

Shortcodes 4

[xyz_gallery] shortcode-handler.php:5
[gallery] shortcode-handler.php:973
[xyz_gallery_shc] shortcode-handler.php:989
[xyz_gallery_cls] shortcode-handler.php:998
WordPress Hooks 5
action · admin_menu · admin\menu.php:5
action · admin_enqueue_scripts · admin\menu.php:119
action · wp · admin\menu.php:133
action · wp_footer · wp-gallery-manager.php:40
filter · plugin_row_meta · xyz-functions.php:238
Maintenance & Trust

WP Gallery Manager Maintenance & Trust

Maintenance Signals

WordPress version tested: 4.7.32
Last updated: Feb 24, 2017
PHP min version
Downloads: 7K

Community Trust

Rating: 0/100
Number of ratings: 0
Active installs: 10
Developer Profile

WP Gallery Manager Developer Profile

f1logic

15 plugins · 142K total installs

Trust score: 73
Avg Security Score: 92/100
Avg Patch Time: 352 days
Detection Fingerprints

How We Detect WP Gallery Manager

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/wp-gallery-manager/css/slider.css
/wp-content/plugins/wp-gallery-manager/css/style.css
/wp-content/plugins/wp-gallery-manager/js/notice.js
Script Paths
/wp-content/plugins/wp-gallery-manager/js/notice.js

HTML / DOM Fingerprints

CSS Classes
xyz_gallery_manager_wrap
HTML Comments
<!-- This plugin allow you to create any number of image galleries and render in any page by simply inserting shortcodes. -->
<!-- Gallery Powered By : XYZScripts.com -->
Data Attributes
data-gallery-id
JS Globals
xyz_gallery_manager
Shortcode Output
<div class='xyz_gallery_manager_wrap'>
FAQ

Frequently Asked Questions about WP Gallery Manager