Does YouTube Subscribe widget have any unpatched vulnerabilities?

No. All known vulnerabilities in YouTube Subscribe widget have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is YouTube Subscribe widget compatible with WordPress 3.1.4?

According to WordPress.org data, YouTube Subscribe widget 1.0 has been tested up to WordPress 3.1.4. Check the plugin's changelog for the latest compatibility information.

How often is YouTube Subscribe widget updated?

YouTube Subscribe widget was last updated on Apr 28, 2013. Frequent updates are generally a positive security signal.

What is YouTube Subscribe widget's security score?

YouTube Subscribe widget has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

YouTube Subscribe widget Security & Risk Analysis

wordpress.org/plugins/youtube-subscribe-widget

Add a widget to display YouTube subscribe box in the sidebar.

400 active installs v1.0 PHP + WP 2.8.0+ Updated Apr 28, 2013

widgetyou-tubeyoutubeyoutube-subscribeyoutube-subscribers

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is YouTube Subscribe widget Safe to Use in 2026?

Generally Safe

Score 85/100

YouTube Subscribe widget has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 12yr ago

Risk Assessment

The youtube-subscribe-widget plugin, version 1.0, presents a mixed security posture. While the static analysis indicates no direct vulnerabilities such as dangerous functions, SQL injection, or insecure file operations, and there is no known vulnerability history, significant concerns arise from the complete lack of output escaping. This suggests that any data processed and outputted by the plugin could be susceptible to cross-site scripting (XSS) attacks. Furthermore, the absence of nonce and capability checks on all entry points, although the current attack surface is reported as zero, is a concerning oversight that would become a critical weakness if new entry points were introduced without proper authorization.

Key Concerns

0% output escaping
0 capability checks
0 nonce checks

Vulnerabilities

None known

YouTube Subscribe widget Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

YouTube Subscribe widget Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

0% escaped9 total outputs

Attack Surface

YouTube Subscribe widget Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 1

actionwidgets_inityoutube-subscribe.php:131

Maintenance & Trust

YouTube Subscribe widget Maintenance & Trust

Maintenance Signals

WordPress version tested3.1.4

Last updatedApr 28, 2013

PHP min version

Downloads39K

Community Trust

Rating80/100

Number of ratings1

Active installs400

Alternatives

YouTube Subscribe widget Alternatives

YouTube widget

youtube-widget

This widget will display a YouTube video in the sidebar. Just enter the URL of the video, and it’ll show in the sidebar. You can change the width and …

500 No CVEs

Skyboot Subscribe Button for Youtube

skyboot-subscribe-button-for-youtube

This is simple widget of showing youtube subscribe button. Easy to use.

10 No CVEs

Youtube Subscribe Link Locker

yt-subscribe-link-locker

By using this link locker you can convert each visitor into a subscriber of your youtube channel. You can lock any type of links like download links e …

10 No CVEs

YT Subscribe Button

yt-subscribe-button

YT Subscribe Button is a minimal plugin when it comes to just showing a working widget containing the YouTube Subscribe Button, that works with any Yo …

0 No CVEs

Feeds for YouTube (YouTube video, channel, and gallery plugin)

feeds-for-youtube

The Feeds for YouTube plugin allows you to display customizable YouTube feeds from any YouTube channel.

100K 4 CVEs

Developer Profile

YouTube Subscribe widget Developer Profile

ebreeze

1 plugin · 400 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect YouTube Subscribe widget

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

CSS Classes

widget-title

Shortcode Output

<iframe src='http://www.youtube.com/subscribe_widget?p=%username%' style='border: 1px solid red; overflow: hidden; height: %height%px; width: %width%px; border: none;' scrolling='no' frameborder='0'></iframe>

FAQ