3DHubs Security & Risk Analysis

wordpress.org/plugins/3dhubs

Displays a 3DHubs button in the sidebar or directly in a text field.

10 active installs · v0.2 · PHP + · WP 3.0+ · Updated Jan 11, 2015
3d, 3dhubs, 3dprinting
85
A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is 3DHubs Safe to Use in 2026?

Generally Safe

Score 85/100

3DHubs has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 11yr ago
Risk Assessment

The 3dhubs plugin v0.2 exhibits a mixed security posture. On the positive side, it demonstrates good practices by utilizing prepared statements for all SQL queries, avoiding file operations, and making no external HTTP requests. The static analysis also indicates a limited attack surface with only one shortcode and no AJAX handlers or REST API routes. Furthermore, there's a history of zero known vulnerabilities, suggesting a relatively stable and secure codebase over time.

However, several concerning signals are present in the static analysis. The presence of `create_function` is a significant risk, as it can lead to code injection vulnerabilities if user-supplied data is passed to it without proper sanitization. A critical concern is that none of the plugin's 13 outputs are escaped, creating a high risk of Cross-Site Scripting (XSS) vulnerabilities. The absence of nonce checks on its single entry point, the shortcode, also means that actions triggered by this shortcode could be vulnerable to Cross-Site Request Forgery (CSRF) if they perform sensitive operations.

In conclusion, while the plugin has a clean vulnerability history and avoids several common pitfalls like raw SQL and external requests, the unescaped output and the use of `create_function` represent significant security weaknesses that require immediate attention. The lack of nonce checks further exacerbates the risk associated with the shortcode. Addressing these issues will be crucial to improving the plugin's overall security.

Key Concerns

  • Unescaped output detected
  • Use of dangerous function: create_function
  • Missing nonce checks on entry point
Vulnerabilities
None known

3DHubs Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

3DHubs Code Analysis

Dangerous Functions: 1
Raw SQL Queries: 0 (0 prepared)
Unescaped Output: 13 (0 escaped)
Nonce Checks: 0
Capability Checks: 1
File Operations: 0
External Requests: 0
Bundled Libraries: 0

Dangerous Functions Found

create_function: `add_action( 'widgets_init', create_function( '', 'return register_widget( "ThreeDHubsWidget" );' ) )` (main.php:133)

Output Escaping

0% escaped · 13 total outputs
Attack Surface

3DHubs Attack Surface

Entry Points: 1
Unprotected: 0

Shortcodes 1

[3DHubs] main.php:52
WordPress Hooks 4
action widgets_init main.php:133
action wp_enqueue_scripts main.php:136
action admin_init settings.php:6
action admin_menu settings.php:7
Maintenance & Trust

3DHubs Maintenance & Trust

Maintenance Signals

WordPress version tested: 4.1.42
Last updated: Jan 11, 2015
PHP min version
Downloads: 2K

Community Trust

Rating: 0/100
Number of ratings: 0
Active installs: 10
Developer Profile

3DHubs Developer Profile

christian.loelkes

3 plugins · 120 total installs

Trust score: 84
Avg Security Score: 85/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect 3DHubs

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/3dhubs/3dhubs.css
Version Parameters
3dhubs.css?ver=

HTML / DOM Fingerprints

CSS Classes
hubs-btn
hubs-btn-red
Data Attributes
data-3dhubs-url
Shortcode Output
<a href="class="hubs-btn hubs-btn-red"><img src="width="30px"><span>3D Print</span></a>
FAQ

Frequently Asked Questions about 3DHubs