Author Bio On Hover – Author Box Security & Risk Analysis

wordpress.org/plugins/author-on-hover

If you are looking to add a responsive and professional author profile, bio, social links & icons, this is the perfect author box plugin to displa …

70 active installs · v5.0.2 · PHP 5.2.4+ · WP 4.6+ · Updated Jan 11, 2025
Tags: author-bio, author-box, author-on-hover, author-social-icons
Security score: 92 (A · Safe)
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is Author Bio On Hover – Author Box Safe to Use in 2026?

Generally Safe

Score 92/100

Author Bio On Hover – Author Box has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1yr ago
Risk Assessment

The author-on-hover plugin version 5.0.2 exhibits a generally strong security posture based on the provided static analysis. The absence of any critical or high severity taint flows, along with 100% of SQL queries using prepared statements, indicates good coding practices in these areas. Furthermore, the presence of numerous nonce and capability checks across its entry points suggests an effort to secure against common WordPress attack vectors. The plugin also has no recorded vulnerabilities or CVEs, which is a positive indicator of its security track record.

Despite these strengths, a minor concern arises from the output escaping. While 79% of outputs are properly escaped, the remaining 21% (approximately 64 outputs) represent a potential area for Cross-Site Scripting (XSS) vulnerabilities, particularly if user-supplied data is involved in these unescaped outputs. Although the static analysis did not flag any specific unsanitized paths or dangerous functions, this percentage of unescaped output warrants attention. The plugin's attack surface, while entirely protected by authentication checks, consists of 6 entry points, which is a moderate surface to manage.

In conclusion, author-on-hover v5.0.2 appears to be a relatively secure plugin with a clean vulnerability history and good internal security practices like prepared statements and authentication checks. The primary area for improvement lies in ensuring 100% output escaping to mitigate any potential XSS risks. The lack of historical vulnerabilities is a significant strength, suggesting diligent development and maintenance.

Key Concerns

  • Unescaped output present (21%)
Vulnerabilities
None known

Author Bio On Hover – Author Box Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Author Bio On Hover – Author Box Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (2 prepared)
Unescaped Output: 65 (239 escaped)
Nonce Checks: 8
Capability Checks: 11
File Operations: 0
External Requests: 0
Bundled Libraries: 0

SQL Query Safety

100% prepared · 2 total queries

Output Escaping

79% escaped · 304 total outputs

Data Flows: All sanitized

Data Flow Analysis

3 flows
aoh_export (admin\aoh-framework\functions\actions.php:62)
Legend: Source (user input) · Sink (dangerous op) · Sanitizer · Transform · Unsanitized · Sanitized

Attack Surface

Author Bio On Hover – Author Box Attack Surface

Entry Points: 6
Unprotected: 0

AJAX Handlers 5

auth · wp_ajax_aoh-get-icons · admin\aoh-framework\functions\actions.php:50
auth · wp_ajax_aoh-export · admin\aoh-framework\functions\actions.php:87
auth · wp_ajax_aoh-import · admin\aoh-framework\functions\actions.php:123
auth · wp_ajax_aoh-reset · admin\aoh-framework\functions\actions.php:150
auth · wp_ajax_aoh-chosen · admin\aoh-framework\functions\actions.php:189

Shortcodes 1

[aoh_profile_card] includes\class-author-on-hover.php:229

WordPress Hooks 38

action · wp_enqueue_scripts · admin\aoh-framework\classes\abstract.class.php:21
action · admin_menu · admin\aoh-framework\classes\admin-options.class.php:107
action · admin_bar_menu · admin\aoh-framework\classes\admin-options.class.php:108
action · network_admin_menu · admin\aoh-framework\classes\admin-options.class.php:112
filter · admin_footer_text · admin\aoh-framework\classes\admin-options.class.php:432
action · add_meta_boxes · admin\aoh-framework\classes\metabox-options.class.php:50
action · save_post · admin\aoh-framework\classes\metabox-options.class.php:51
action · edit_attachment · admin\aoh-framework\classes\metabox-options.class.php:52
action · admin_init · admin\aoh-framework\classes\profile-options.class.php:32
action · show_user_profile · admin\aoh-framework\classes\profile-options.class.php:44
action · edit_user_profile · admin\aoh-framework\classes\profile-options.class.php:45
action · personal_options_update · admin\aoh-framework\classes\profile-options.class.php:47
action · edit_user_profile_update · admin\aoh-framework\classes\profile-options.class.php:48
action · after_setup_theme · admin\aoh-framework\classes\setup.class.php:73
action · init · admin\aoh-framework\classes\setup.class.php:74
action · switch_theme · admin\aoh-framework\classes\setup.class.php:75
action · admin_enqueue_scripts · admin\aoh-framework\classes\setup.class.php:76
action · wp_enqueue_scripts · admin\aoh-framework\classes\setup.class.php:77
action · wp_head · admin\aoh-framework\classes\setup.class.php:78
filter · admin_body_class · admin\aoh-framework\classes\setup.class.php:79
action · admin_footer · admin\aoh-framework\fields\icon\icon.php:41
action · customize_controls_print_footer_scripts · admin\aoh-framework\fields\icon\icon.php:42
action · print_default_editor_scripts · admin\aoh-framework\fields\wp_editor\wp_editor.php:62
action · plugins_loaded · includes\class-author-on-hover.php:163
action · admin_enqueue_scripts · includes\class-author-on-hover.php:177
action · admin_enqueue_scripts · includes\class-author-on-hover.php:178
action · init · includes\class-author-on-hover.php:182
filter · post_updated_messages · includes\class-author-on-hover.php:183
filter · aoh_blocks_posts_columns · includes\class-author-on-hover.php:184
action · aoh_blocks_posts_custom_column · includes\class-author-on-hover.php:185
action · admin_menu · includes\class-author-on-hover.php:186
filter · plugin_action_links · includes\class-author-on-hover.php:187
action · admin_notices · includes\class-author-on-hover.php:206
action · wp_enqueue_scripts · includes\class-author-on-hover.php:220
action · wp_enqueue_scripts · includes\class-author-on-hover.php:221
filter · the_content · includes\class-author-on-hover.php:224
action · aoh_action_tag_for_shortcode · includes\class-author-on-hover.php:228
action · init · includes\class-author-on-hover.php:235

Maintenance & Trust

Author Bio On Hover – Author Box Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.7.5
Last updated: Jan 11, 2025
PHP min version: 5.2.4
Downloads: 4K

Community Trust

Rating: 60/100
Number of ratings: 2
Active installs: 70

Developer Profile

Author Bio On Hover – Author Box Developer Profile

Pluginic

7 plugins · 3K total installs

Trust score: 90
Avg Security Score: 94/100
Avg Patch Time: 12 days
Detection Fingerprints

How We Detect Author Bio On Hover – Author Box

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/author-on-hover/assets/css/author-on-hover.css
/wp-content/plugins/author-on-hover/assets/js/author-on-hover.js
/wp-content/plugins/author-on-hover/admin/aoh-framework/assets/css/framework.css
/wp-content/plugins/author-on-hover/admin/aoh-framework/assets/js/framework.js
Version Parameters
author-on-hover/assets/css/author-on-hover.css?ver=
author-on-hover/assets/js/author-on-hover.js?ver=
aoh-framework/assets/css/framework.css?ver=
aoh-framework/assets/js/framework.js?ver=

HTML / DOM Fingerprints

CSS Classes
aoh-author-profile
aoh-avatar
aoh-author-name
aoh-author-bio
aoh-author-social
Data Attributes
data-aoh-author-id
data-aoh-show-avatar
data-aoh-show-name
data-aoh-show-bio
data-aoh-show-social
JS Globals
AOH_FRAMEWORK_OPTIONS
AOH_METABOX_PROFILE_CARD_OPTIONS