Title: Plugin is a Security Risk Last modified: June 28, 2022 --- # Plugin is a Security Risk * [OFS](https://wordpress.org/support/users/ep2012/) * (@ep2012) * [3 years, 11 months ago](https://wordpress.org/support/topic/plugin-is-a-security-risk/) * We just found out that this plugin allows anyone who has subscribers to upload any video they want AND the developer knew about this 2 years ago and still hasn’t fixed it. * JUST NUTS!!! Viewing 1 replies (of 1 total) * Plugin Contributor [wpvideogallery](https://wordpress.org/support/users/wpvideogallery/) * (@wpvideogallery) * [3 years, 11 months ago](https://wordpress.org/support/topic/plugin-is-a-security-risk/#post-15779818) * My sincere apologies for any inconvenience caused. * **Solution:** We have released a quick version now that disables the back-end access to any user roles other than the “Administrator” & “Editor”. * Please don’t mistake us like we didn’t take your complaint seriously. We had the same fix applied in our earlier versions that is before 2.4.4. * But, we removed it again from the 2.4.4 version again due to some user requests. Actually, we should have made this an option like whether to allow the subscribers to upload videos or not. Once again, sorry about this. I understand that whatever I explain is not acceptable. But, as a quick solution, we have disabled the back- end access to any user roles other than the “Administrator” & “Editor”. You can check the solution added here [https://plugins.trac.wordpress.org/changeset/2749394/#file1](https://plugins.trac.wordpress.org/changeset/2749394/#file1) * I promise that we will have an option in the next version like whether to allow users (with the required capability) to access the plugin back-end or not. Viewing 1 replies (of 1 total) The topic ‘Plugin is a Security Risk’ is closed to new replies. * ![](https://ps.w.org/all-in-one-video-gallery/assets/icon-256x256.png?rev=3078876) * [All-in-One Video Gallery](https://wordpress.org/plugins/all-in-one-video-gallery/) * [Frequently Asked Questions](https://wordpress.org/plugins/all-in-one-video-gallery/#faq) * [Support Threads](https://wordpress.org/support/plugin/all-in-one-video-gallery/) * [Active Topics](https://wordpress.org/support/plugin/all-in-one-video-gallery/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/all-in-one-video-gallery/unresolved/) * [Reviews](https://wordpress.org/support/plugin/all-in-one-video-gallery/reviews/) * 1 reply * 2 participants * Last reply from: [wpvideogallery](https://wordpress.org/support/users/wpvideogallery/) * Last activity: [3 years, 11 months ago](https://wordpress.org/support/topic/plugin-is-a-security-risk/#post-15779818)