WP-Safety

Movie Helper Security & Risk Analysis

wordpress.org/plugins/yet-another-movie

Movie Helper allows you to easily add links to movie and tv shows, just by searching them while you're writing your content. Search, click, done!

70 active installs v1.2.3 PHP 5.4+ WP 5.0+ Updated Feb 10, 2025
moviemovie-databasetmdbtv-linkstv-show
92
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Movie Helper Safe to Use in 2026?

Generally Safe

Score 92/100

Movie Helper has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1yr ago
Risk Assessment

Based on the provided static analysis and vulnerability history, the 'yet-another-movie' plugin v1.2.3 exhibits a generally strong security posture. The complete absence of identified vulnerabilities in its history, combined with the static analysis showing no dangerous functions, no unsanitized taint flows, and SQL queries exclusively using prepared statements, indicates a commitment to secure coding practices. The plugin also demonstrates good output escaping with 89% of outputs properly handled and includes capability checks where appropriate. The limited attack surface, with no AJAX handlers, REST API routes, shortcodes, or cron events without authentication, further enhances its security.

However, a few areas warrant attention. The presence of two external HTTP requests without explicit details on their handling could introduce risks if these external endpoints are compromised or if the requests themselves are not properly secured (e.g., lack of SSL verification, insecure data transmission). Furthermore, the absence of nonce checks on the (hypothetical, as none are listed) AJAX handlers is a potential concern, as nonces are crucial for preventing CSRF attacks. While the current version appears secure, continued vigilance and thorough review of any new external requests or entry points are recommended.

Key Concerns

  • External HTTP requests without apparent checks
  • No nonce checks on potential AJAX handlers
Vulnerabilities
None known

Movie Helper Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Movie Helper Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
4
34 escaped
Nonce Checks
0
Capability Checks
4
File Operations
0
External Requests
2
Bundled Libraries
0

Output Escaping

89% escaped38 total outputs
Attack Surface

Movie Helper Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 14
actionadd_meta_boxesadmin\editor\movieHelperEditor.php:29
actioninitadmin\movieHelper.php:68
actionplugins_loadedadmin\movieHelper.php:74
actionadmin_enqueue_scriptsadmin\movieHelperScripts.php:10
actionadmin_menuadmin\movieHelperSettingsPage.php:33
actionadmin_initadmin\movieHelperSettingsPage.php:37
actionadmin_initadmin\movieHelperSettingsPage.php:39
actionadd_meta_boxestrunk\admin\editor\movieHelperEditor.php:29
actioninittrunk\admin\movieHelper.php:68
actionplugins_loadedtrunk\admin\movieHelper.php:74
actionadmin_enqueue_scriptstrunk\admin\movieHelperScripts.php:10
actionadmin_menutrunk\admin\movieHelperSettingsPage.php:33
actionadmin_inittrunk\admin\movieHelperSettingsPage.php:37
actionadmin_inittrunk\admin\movieHelperSettingsPage.php:39
Maintenance & Trust

Movie Helper Maintenance & Trust

Maintenance Signals

WordPress version tested6.7.5
Last updatedFeb 10, 2025
PHP min version5.4
Downloads10K

Community Trust

Rating100/100
Number of ratings3
Active installs70
Alternatives

Movie Helper Alternatives

MAS Videos

MAS Videos

masvideos

B
75

MAS Videos is a free plugin that allows you to to create and list movies, videos and TV shows.

1K 1 unpatched
GeeK! – Movie & Game Database

GeeK! – Movie & Game Database

geekpress

A
92

The GeeK plugin is a comprehensive tool for WordPress, enabling the creation of detailed movie and game databases.

80 No CVEs
JustWatch – Partner Integrations

JustWatch – Partner Integrations

justwatch-partner-integrations

A
100

Connect your audience to the best streaming services worldwide.

40 No CVEs
F13 Movies

F13 Movies

f13-movie-shortcode

A
85

Do you blog about movies? It can be tedious adding movie information manually, now you can add movie information with shortcode using an IMDB ID.

30 No CVEs
FilmGetter

FilmGetter

filmgetter

A
85

FilmGetter uses tags to show information like Poster, plot, rating, release date, TMDb and imdb urls.

10 No CVEs
Developer Profile

Movie Helper Developer Profile

dudo

2 plugins · 270 total installs

88
trust score
Avg Security Score
92/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Movie Helper

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/yet-another-movie/admin/css/admin.css/wp-content/plugins/yet-another-movie/admin/js/wrappers/themoviedb.js/wp-content/plugins/yet-another-movie/admin/js/editor.js/wp-content/plugins/yet-another-movie/admin/js/settings.js
Script Paths
/wp-content/plugins/yet-another-movie/admin/js/wrappers/themoviedb.js/wp-content/plugins/yet-another-movie/admin/js/editor.js/wp-content/plugins/yet-another-movie/admin/js/settings.js
Version Parameters
yet-another-movie/admin/css/admin.css?ver=yet-another-movie/admin/js/wrappers/themoviedb.js?ver=yet-another-movie/admin/js/editor.js?ver=yet-another-movie/admin/js/settings.js?ver=

HTML / DOM Fingerprints

JS Globals
movieHelperCommonData
FAQ

Frequently Asked Questions about Movie Helper