Does WP Latest Video Widget have any unpatched vulnerabilities?

No. All known vulnerabilities in WP Latest Video Widget have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is WP Latest Video Widget compatible with WordPress 3.5.2?

According to WordPress.org data, WP Latest Video Widget 1.70 has been tested up to WordPress 3.5.2. Check the plugin's changelog for the latest compatibility information.

How often is WP Latest Video Widget updated?

WP Latest Video Widget was last updated on Apr 28, 2013. Frequent updates are generally a positive security signal.

What is WP Latest Video Widget's security score?

WP Latest Video Widget has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

WP Latest Video Widget Security & Risk Analysis

wordpress.org/plugins/wp-latest-video-widget

WP Latest Video Widget is a sidebar widget that displays latest video from a custom set category. Based on custom fields.

20 active installs v1.70 PHP + WP 2.9+ Updated Apr 28, 2013

sidebarvideowidgetyoutube

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is WP Latest Video Widget Safe to Use in 2026?

Generally Safe

Score 85/100

WP Latest Video Widget has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 12yr ago

Risk Assessment

The wp-latest-video-widget plugin, version 1.70, exhibits a mixed security posture. On the positive side, the plugin shows excellent practices regarding SQL queries, with 100% using prepared statements, and has no known vulnerabilities (CVEs) in its history. The absence of file operations and external HTTP requests also reduces potential attack vectors. However, significant concerns arise from the code analysis. The presence of the `create_function` function is a strong indicator of potential security risks, as it is deprecated and can lead to execution vulnerabilities if not handled with extreme care. Furthermore, a very low percentage (2%) of outputs are properly escaped, creating a high likelihood of cross-site scripting (XSS) vulnerabilities. The lack of nonce checks and capability checks, combined with the absence of any identifiable attack surface, is peculiar and could indicate that the plugin doesn't expose functionality requiring such checks, or that these checks are entirely missing from its limited functionality.

Key Concerns

Use of dangerous function create_function
Low output escaping (2%)
No nonce checks implemented
No capability checks implemented

Vulnerabilities

None known

WP Latest Video Widget Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

WP Latest Video Widget Release Timeline

No version history available.

Code Analysis

Analyzed Mar 16, 2026

WP Latest Video Widget Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

1 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Dangerous Functions Found

create_functionadd_action('widgets_init', create_function('', 'return register_widget("specimen_latestvideo");'));wp_latest_video.php:247

Output Escaping

2% escaped63 total outputs

Attack Surface

WP Latest Video Widget Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 1

actionwidgets_initwp_latest_video.php:247

Maintenance & Trust

WP Latest Video Widget Maintenance & Trust

Maintenance Signals

WordPress version tested3.5.2

Last updatedApr 28, 2013

PHP min version

Downloads7K

Community Trust

Rating20/100

Number of ratings1

Active installs20

Alternatives

WP Latest Video Widget Alternatives

YouTube Sidebar

youtube-sidebar

YouTube Sidebar displays videos on a per post basis. To make good use of a single space it allows ads to be displayed when no video present

20 No CVEs

Wonder Video Embed

wonderplugin-video-embed

Embed MP4, Youtube, Vimeo, Wistia videos to the sidebar widget, WordPress posts and pages.

5K 2 CVEs

My YouTube Channel

youtube-channel

Show video thumbnails or playable video block of recent YouTube Playlist, Channel (User Uploads) videos.

5K 4 CVEs

Auto Last Youtube Video

auto-last-youtube-video

This plugin provides both Widget and Shortcode to show latest videos from any public Youtube channel.

100 1 unpatched

TechGasp Tube Master

youtube-master

TechGasp Tube Master displays Youtube Playlists or Single Videos with optional Youtube Subscribe Channel button and Google Hangouts.

90 No CVEs

Developer Profile

WP Latest Video Widget Developer Profile

specimen

1 plugin · 20 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect WP Latest Video Widget

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/wp-latest-video-widget/wp_latest_video.php

HTML / DOM Fingerprints

CSS Classes

specimen_widget_video

Data Attributes

data-youtube_video_iddata-vimeo_video_iddata-apropo_video_iddata-apropo_video_keydata-widthdata-height

FAQ