Does WP Lazy Spotify have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is WP Lazy Spotify compatible with WordPress 3.5.2?

According to WordPress.org data, WP Lazy Spotify 1.0 has been tested up to WordPress 3.5.2. Check the plugin's changelog for the latest compatibility information.

How often is WP Lazy Spotify updated?

WP Lazy Spotify was last updated on Feb 3, 2013. Frequent updates are generally a positive security signal.

What is WP Lazy Spotify's security score?

WP Lazy Spotify has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

WP Lazy Spotify Security & Risk Analysis

wordpress.org/plugins/wp-lazy-spotify

WP Lazy Spotify allows you to lazy load multiple tracks and playlists from Spotify.

10 active installs v1.0 PHP + WP 3.0+ Updated Feb 3, 2013

lazy-loadspotify

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is WP Lazy Spotify Safe to Use in 2026?

Generally Safe

Score 85/100

WP Lazy Spotify has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 13yr ago

Risk Assessment

The wp-lazy-spotify v1.0 plugin exhibits a generally strong security posture based on the provided static analysis. There are no identified dangerous functions, SQL queries are all prepared, and there are no file operations or external HTTP requests, which significantly reduces the attack surface in those areas. The presence of a nonce check is also a positive indicator of security awareness. However, the plugin does have a weakness in its output escaping, with 50% of outputs not being properly escaped, which could lead to cross-site scripting (XSS) vulnerabilities if user-supplied data is involved in these outputs. Additionally, the complete lack of capability checks on any entry points, including the single shortcode, means that any authenticated user, regardless of their role, could potentially trigger its functionality, which might be an unintended consequence. The absence of any historical vulnerabilities further suggests a good track record, but this cannot be relied upon as a guarantee of future security, especially given the identified output escaping and capability check concerns.

Key Concerns

Half of outputs are not properly escaped
No capability checks on any entry points

Vulnerabilities

None known

WP Lazy Spotify Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

WP Lazy Spotify Release Timeline

No version history available.

Code Analysis

Analyzed Apr 16, 2026

WP Lazy Spotify Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

4 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

50% escaped8 total outputs

Attack Surface

WP Lazy Spotify Attack Surface

Entry Points1

Unprotected0

Shortcodes 1

[wplazyspotify] wplazyspotify.php:49

WordPress Hooks 5

actioninitwplazyspotify.php:44

actionadmin_initwplazyspotify.php:45

actiondo_meta_boxeswplazyspotify.php:46

actionsave_postwplazyspotify.php:47

filterthe_contentwplazyspotify.php:48

Maintenance & Trust

WP Lazy Spotify Maintenance & Trust

Maintenance Signals

WordPress version tested3.5.2

Last updatedFeb 3, 2013

PHP min version

Downloads2K

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

WP Lazy Spotify Alternatives

EWWW Image Optimizer

ewww-image-optimizer

Comprehensive image optimization that doesn't require a rocket science degree. Optimize images automatically for Faster Sites and Happy Visitors.

1.0M 6 CVEs

Optimole – Optimize Images | Convert WebP & AVIF | CDN & Lazy Load | Image Optimization

optimole-wp

Automatically optimize images: bulk compression, lazy loading, WebP/AVIF conversion. With CloudFront image CDN to boost Core Web Vitals & conversions!

200K 5 CVEs

LazyLoad Plugin – Lazy Load Images, Videos, and Iframes

rocket-lazy-load

100

The best free lazy load plugin for WordPress. Lazy load images, videos, and iframes to improve performance and Core Web Vitals scores.

100K No CVEs

Embed Plus for YouTube Gallery, Livestream and Lazy Loading with Facades

youtube-embed-plus

A multi-featured plugin to embed YouTube in WordPress. Embed a video, YouTube channel gallery, playlist, or YouTube livestream. Defer JavaScript too!

100K 2 CVEs

a3 Lazy Load

a3-lazy-load

Use a3 Lazy Load for images, videos, iframes that are not lazy loaded by WordPress core. Instantly improve your sites load time and dramatically impro …

90K 3 CVEs

Developer Profile

WP Lazy Spotify Developer Profile

Tom Morton

2 plugins · 310 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect WP Lazy Spotify

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/wp-lazy-spotify/wplazyspotify.css

Script Paths

/wp-content/plugins/wp-lazy-spotify/Socialite/socialite.min.js/wp-content/plugins/wp-lazy-spotify/Socialite/extensions/socialite.spotify.js/wp-content/plugins/wp-lazy-spotify/wplazyspotify.js

Version Parameters

wp-lazy-spotify/wplazyspotify.css?ver=wp-lazy-spotify/Socialite/socialite.min.js?ver=wp-lazy-spotify/Socialite/extensions/socialite.spotify.js?ver=wp-lazy-spotify/wplazyspotify.js?ver=

HTML / DOM Fingerprints

CSS Classes

wplazyspotifyspotify

Data Attributes

data-height

Shortcode Output

<div class="wplazyspotify<div class="spotify">

FAQ