WP-Safety

Wplms bigbluebutton addon Security & Risk Analysis

wordpress.org/plugins/bbb-wplms

Wplms bigbluebutton addon is a social login integration plugin for BuddyPress.

300 active installs v1.4 PHP + WP 3.6+ Updated Jan 17, 2020
bigbluebuttonelearninglive-converencelmswplms
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Wplms bigbluebutton addon Safe to Use in 2026?

Generally Safe

Score 85/100

Wplms bigbluebutton addon has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 6yr ago
Risk Assessment

The bbb-wplms plugin v1.4 exhibits a generally strong security posture with no known vulnerabilities in its history and a good use of prepared statements for SQL queries. The code analysis indicates robust use of nonce and capability checks on its AJAX handlers, and a complete absence of file operations and external HTTP requests, which are common sources of vulnerabilities. However, a significant concern arises from the output escaping, where only 25% of outputs are properly escaped. This indicates a potential for Cross-Site Scripting (XSS) vulnerabilities, especially if user-supplied data is involved in these unescaped outputs. While the taint analysis found no critical or high severity flows, the presence of one flow with unsanitized paths warrants attention as it could lead to unexpected behavior or even security issues if that path is exploited. The plugin's clean vulnerability history is a positive indicator, but the identified output escaping issue requires remediation to ensure a truly secure application.

Key Concerns

  • Low percentage of properly escaped output
  • Flow with unsanitized paths found
Vulnerabilities
None known

Wplms bigbluebutton addon Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Wplms bigbluebutton addon Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
3 prepared
Unescaped Output
76
25 escaped
Nonce Checks
9
Capability Checks
8
File Operations
0
External Requests
0
Bundled Libraries
0

SQL Query Safety

100% prepared3 total queries

Output Escaping

25% escaped101 total outputs
Data Flows
1 unsanitized

Data Flow Analysis

3 flows1 with unsanitized paths
print_edit (classes\wplmsbbb.class.php:1541)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Wplms bigbluebutton addon Attack Surface

Entry Points9
Unprotected0

AJAX Handlers 8

authwp_ajax_select_users_bbbclasses\wplmsbbb.class.php:20
authwp_ajax_create_new_meetingclasses\wplmsbbb.class.php:21
authwp_ajax_edit_meetingclasses\wplmsbbb.class.php:22
authwp_ajax_fetch_meeting_iframeclasses\wplmsbbb.class.php:25
authwp_ajax_join_bbb_wplms_bbb_do_actionclasses\wplmsbbb.class.php:27
authwp_ajax_meeting_logoutclasses\wplmsbbb.class.php:29
authwp_ajax_delete_wplms_bb_meetingclasses\wplmsbbb.class.php:35
authwp_ajax_get_front_groups_bbbclasses\wplmsbbb.class.php:45

Shortcodes 1

[wplms_bbb] classes\wplmsbbb.class.php:17
WordPress Hooks 18
actionmedia_buttonsclasses\wplmsbbb.class.php:18
actionmedia_upload_wplms_bbb_meetingsclasses\wplmsbbb.class.php:19
actionwplms_bbb_meeting_createdclasses\wplmsbbb.class.php:23
actionwplms_send_wplms_bbb_remindersclasses\wplmsbbb.class.php:24
actionwplms_bbb_user_meeting_logoutclasses\wplmsbbb.class.php:26
actionwplms_bbb_user_meeting_joinclasses\wplmsbbb.class.php:28
filterbp_course_all_mailsclasses\wplmsbbb.class.php:30
actionbp_setup_navclasses\wplmsbbb.class.php:31
filterwplms_get_all_meetingsclasses\wplmsbbb.class.php:32
actionwplms_bbb_meeting_editedclasses\wplmsbbb.class.php:34
actionadmin_print_scriptsclasses\wplmsbbb.class.php:36
actionbp_template_titleclasses\wplmsbbb.class.php:132
actionbp_template_contentclasses\wplmsbbb.class.php:133
filtermedia_upload_tabsclasses\wplmsbbb.class.php:1078
actioninitwplms-bbb.php:39
actionbp_initwplms-bbb.php:52
actionadmin_noticeswplms-bbb.php:56
actionplugins_loadedwplms-bbb.php:68

Scheduled Events 2

wplms_send_wplms_bbb_reminders
wplms_send_wplms_bbb_reminders
Maintenance & Trust

Wplms bigbluebutton addon Maintenance & Trust

Maintenance Signals

WordPress version tested5.3.21
Last updatedJan 17, 2020
PHP min version
Downloads43K

Community Trust

Rating80/100
Number of ratings1
Active installs300
Alternatives

Wplms bigbluebutton addon Alternatives

WPLMS H5P

WPLMS H5P

wplms-h5p-plugin

A
92

Integrates H5P with WPLMS.

1K No CVEs
WPLMS User Generated Quiz

WPLMS User Generated Quiz

wplms-user-generated-quiz

A
85

Adds shortcode for mock quiz which user selects tags and creates quiz for himself .

30 No CVEs
WPLMS Unit Access Addon

WPLMS Unit Access Addon

wplms-unit-access-addon

A
92

WPLMS Unit Access Addon adds functionality to set number of times a user can see content of unit.

10 No CVEs
Tutor LMS – eLearning and online course solution

Tutor LMS – eLearning and online course solution

tutor

B
75

A complete WordPress LMS plugin to create any eLearning website easily.

100K 60 CVEs
LearnPress – WordPress LMS Plugin for Create and Sell Online Courses

LearnPress – WordPress LMS Plugin for Create and Sell Online Courses

learnpress

B
76

A WordPress LMS Plugin to create WordPress Learning Management System. Turn your WordPress to LMS WordPress Website with Courses, Lessons, Quizzes &am …

80K 63 CVEs
Developer Profile

Wplms bigbluebutton addon Developer Profile

VibeThemes

20 plugins · 4K total installs

86
trust score
Avg Security Score
88/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Wplms bigbluebutton addon

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/bbb-wplms/css/bbb-wplms.css/wp-content/plugins/bbb-wplms/js/bbb-wplms.js
Script Paths
/wp-content/plugins/bbb-wplms/js/bbb-wplms.js
Version Parameters
bbb-wplms/css/bbb-wplms.css?ver=bbb-wplms/js/bbb-wplms.js?ver=

HTML / DOM Fingerprints

CSS Classes
wplms_bbb_meetings
HTML Comments
<!-- WPLMS BBB MEETINGS TAB -->
Data Attributes
data-bbb-meeting-iddata-bbb-meeting-join-urldata-wplms-bbb-admindata-wplms-bbb-security
JS Globals
bbb_wplms_ajax_objectwplms_bbb_vars
Shortcode Output
[wplms_bbb]
FAQ

Frequently Asked Questions about Wplms bigbluebutton addon