WP-Safety

Background Slider Master Security & Risk Analysis

wordpress.org/plugins/background-slider-master

Creates easy to use fully responsive background sliders that can be applied globally, or to individual pages and posts.

300 active installs v2.2.0 PHP + WP 4.1+ Updated Oct 16, 2018
background-sliderfull-page-background-sliderfull-width-background-slidermulti-page-background-sliderresponsive-background-slider
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Background Slider Master Safe to Use in 2026?

Generally Safe

Score 85/100

Background Slider Master has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 7yr ago
Risk Assessment

The plugin 'background-slider-master' v2.2.0 presents a mixed security posture. On the positive side, it demonstrates good practices by avoiding dangerous functions, using prepared statements for all SQL queries, and having no recorded vulnerability history. This indicates a developer who is aware of common security pitfalls.

However, significant concerns arise from the static analysis. The plugin exposes a single AJAX handler without any authentication checks, creating a direct, unprotected entry point that could be exploited by unauthenticated users. While there are no reported vulnerabilities and no critical taint flows, this unprotected AJAX handler is a substantial risk. The fact that only 55% of output is properly escaped also suggests a potential for cross-site scripting (XSS) vulnerabilities, although the absence of taint analysis makes it difficult to quantify this risk precisely.

In conclusion, while the plugin has a clean vulnerability history and good SQL practices, the unprotected AJAX endpoint is a critical flaw that overshadows its strengths. The moderate output escaping also warrants attention. The lack of critical issues in the past is positive, but this does not mitigate the immediate risk posed by the current code.

Key Concerns

  • Unprotected AJAX handler
  • Insecure output escaping (55% proper)
Vulnerabilities
None known

Background Slider Master Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Background Slider Master Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
14
17 escaped
Nonce Checks
1
Capability Checks
2
File Operations
0
External Requests
0
Bundled Libraries
0

Output Escaping

55% escaped31 total outputs
Attack Surface
1 unprotected

Background Slider Master Attack Surface

Entry Points1
Unprotected1

AJAX Handlers 1

authwp_ajax_bsm_portfolio_dismiss_pro_noticeincludes\class-background-slider-master.php:160
WordPress Hooks 14
actionplugins_loadedincludes\class-background-slider-master.php:140
actionadmin_enqueue_scriptsincludes\class-background-slider-master.php:155
actionadmin_enqueue_scriptsincludes\class-background-slider-master.php:156
actionadmin_menuincludes\class-background-slider-master.php:157
actioninitincludes\class-background-slider-master.php:158
actionwp_loginincludes\class-background-slider-master.php:159
actionadmin_initincludes\class-background-slider-master.php:161
actionadd_meta_boxesincludes\class-background-slider-master.php:162
actionsave_postincludes\class-background-slider-master.php:163
filteris_protected_metaincludes\class-background-slider-master.php:164
actionadmin_noticesincludes\class-background-slider-master.php:167
actionadmin_noticesincludes\class-background-slider-master.php:170
actionwp_enqueue_scriptsincludes\class-background-slider-master.php:183
actionwp_headpublic\class-background-slider-master-public.php:104
Maintenance & Trust

Background Slider Master Maintenance & Trust

Maintenance Signals

WordPress version tested4.9.29
Last updatedOct 16, 2018
PHP min version
Downloads28K

Community Trust

Rating90/100
Number of ratings4
Active installs300
Alternatives

Background Slider Master Alternatives

Unlimited Background Slider

Unlimited Background Slider

unlimited-background-slider

A
85

You can create unlimited numbers of slider and assign them to specific posts and pages.full Screen Responsive background slide show.

600 No CVEs
Responsive Full Width Background Slider

Responsive Full Width Background Slider

responsive-full-width-background-slider

A
85

Awesome Responsive Full Width Background Slider Plugin for full screen slide show in background of your WordPress site.

2K No CVEs
Fullscreen Slider

Fullscreen Slider

fullscreen-slider

A
85

Create a fullscreen background slider for your site in a couple of minutes with multiple images and transitions.

100 No CVEs
Developer Profile

Background Slider Master Developer Profile

WebSPI

7 plugins · 460 total installs

85
trust score
Avg Security Score
87/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Background Slider Master

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/background-slider-master/admin/css/background-slider-master-admin.css/wp-content/plugins/background-slider-master/admin/css/jquery-ui.min.css/wp-content/plugins/background-slider-master/admin/css/jquery-ui.structure.min.css/wp-content/plugins/background-slider-master/admin/js/background-slider-master-admin.js/wp-content/plugins/background-slider-master/assets/admin-icon.png
Script Paths
/wp-content/plugins/background-slider-master/admin/js/background-slider-master-admin.js
Version Parameters
background-slider-master/admin/css/background-slider-master-admin.css?ver=background-slider-master/admin/css/jquery-ui.min.css?ver=background-slider-master/admin/css/jquery-ui.structure.min.css?ver=background-slider-master/admin/js/background-slider-master-admin.js?ver=

HTML / DOM Fingerprints

Data Attributes
data-bsm-settings
JS Globals
bsm_admin_localized
FAQ

Frequently Asked Questions about Background Slider Master