WP-Safety

YouTube Dev Facile Security & Risk Analysis

wordpress.org/plugins/youtube-dev-facile

Display Total Views, Total number of Public Videos from a channel YouTube. Affiche le nombre de vues, le nombre de vidéos d'une chaîne YouTube.

10 active installs v0.1 PHP + WP 3.0+ Updated May 11, 2015
chainechanneltotalvideoviewyoutube
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is YouTube Dev Facile Safe to Use in 2026?

Generally Safe

Score 85/100

YouTube Dev Facile has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 10yr ago
Risk Assessment

The 'youtube-dev-facile' v0.1 plugin exhibits a mixed security posture. On the positive side, it has a very small attack surface with only one shortcode and no AJAX handlers, REST API routes, or cron events exposed. Furthermore, all identified SQL queries utilize prepared statements, which is a strong indicator of good database interaction practices. The absence of any recorded vulnerability history or known CVEs suggests a clean track record.

However, significant concerns arise from the static analysis. The presence of the 'unserialize' function is a critical red flag, as it is notoriously dangerous when used with untrusted input, potentially leading to remote code execution. Compounding this risk is the fact that 100% of its identified output operations are not properly escaped, opening the door for cross-site scripting (XSS) vulnerabilities. The complete lack of nonce checks and capability checks on its entry points means that any functionality exposed, especially if it involves sensitive operations, could be exploited by unauthenticated or unauthorized users.

In conclusion, while the plugin boasts a limited attack surface and good database practices, the severe security flaws identified in the code analysis – namely the use of 'unserialize' and unescaped output, coupled with absent authentication checks – present a high-risk profile. The lack of past vulnerabilities should not be relied upon as a sole indicator of safety given these critical code-level weaknesses.

Key Concerns

  • Dangerous unserialize function used
  • Output not properly escaped
  • No nonce checks
  • No capability checks
Vulnerabilities
None known

YouTube Dev Facile Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

YouTube Dev Facile Code Analysis

Dangerous Functions
1
Raw SQL Queries
0
0 prepared
Unescaped Output
5
0 escaped
Nonce Checks
0
Capability Checks
0
File Operations
11
External Requests
1
Bundled Libraries
0

Dangerous Functions Found

unserialize$data = unserialize($data);google-api-client\Cache\File.php:75

Output Escaping

0% escaped5 total outputs
Attack Surface

YouTube Dev Facile Attack Surface

Entry Points1
Unprotected0

Shortcodes 1

[YTcount] youtube-devfacile.php:131
WordPress Hooks 3
actionadmin_menuyoutube-devfacile.php:114
actionplugins_loadedyoutube-devfacile.php:123
filterlocaleyoutube-devfacile.php:139
Maintenance & Trust

YouTube Dev Facile Maintenance & Trust

Maintenance Signals

WordPress version tested4.2.39
Last updatedMay 11, 2015
PHP min version
Downloads1K

Community Trust

Rating0/100
Number of ratings0
Active installs10
Alternatives

YouTube Dev Facile Alternatives

Real Testimonials – Testimonial Slider, Collect Customer Reviews and Video Testimonials

Real Testimonials – Testimonial Slider, Collect Customer Reviews and Video Testimonials

testimonial-free

A
97

A Customizable Testimonial plugin to Automate Collecting, Filtering, and Publishing Customer Reviews. Testimonial Slider, Grid & More to Grow Sales

40K 3 CVEs
Video Gallery – YouTube Playlist, Channel Gallery by YotuWP

Video Gallery – YouTube Playlist, Channel Gallery by YotuWP

yotuwp-easy-youtube-embed

A
86

Modern responsive YouTube video gallery helps your website getting noticed from visitors, increase the reach and stand out from the competitors.

20K 5 CVEs
My YouTube Channel

My YouTube Channel

youtube-channel

A
91

Show video thumbnails or playable video block of recent YouTube Playlist, Channel (User Uploads) videos.

5K 4 CVEs
Meks Video Importer

Meks Video Importer

meks-video-importer

A
91

Easily import YouTube and Vimeo videos in bulk to your posts, pages or any custom post type.

2K 2 CVEs
Video Gallery – YouTube Gallery & Responsive Video Playlist

Video Gallery – YouTube Gallery & Responsive Video Playlist

youtube-showcase

A
96

Responsive video gallery and YouTube gallery for WordPress. Create a video grid or YouTube playlist visually in the block editor. No shortcodes!

2K 3 CVEs
Developer Profile

YouTube Dev Facile Developer Profile

Matthieu20

2 plugins · 20 total installs

84
trust score
Avg Security Score
85/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect YouTube Dev Facile

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

HTML Comments
This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.calvin = "6 years"; hobbes = "stuffed";+2 more
Shortcode Output
[YTcount select="nbVideos"][YTcount select="nbViews"]
FAQ

Frequently Asked Questions about YouTube Dev Facile