Does Beautiful Steps have any unpatched vulnerabilities?

No. All known vulnerabilities in Beautiful Steps have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Beautiful Steps compatible with WordPress 5.6.17?

According to WordPress.org data, Beautiful Steps 1.0 has been tested up to WordPress 5.6.17. Check the plugin's changelog for the latest compatibility information.

How often is Beautiful Steps updated?

Beautiful Steps was last updated on Mar 21, 2021. Frequent updates are generally a positive security signal.

What is Beautiful Steps's security score?

Beautiful Steps has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Beautiful Steps Security & Risk Analysis

wordpress.org/plugins/beautiful-steps

(Tiếng Việt ở dưới ^_^) Generate beautiful steps for your page.

0 active installs v1.0 PHP + WP 3.3+ Updated Mar 21, 2021

guild-boxprocesssteps

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Beautiful Steps Safe to Use in 2026?

Generally Safe

Score 85/100

Beautiful Steps has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 5yr ago

Risk Assessment

The "beautiful-steps" v1.0 plugin exhibits a generally positive security posture based on the static analysis, with no detected dangerous functions, no SQL queries that are not prepared, and no file operations or external HTTP requests. The absence of known vulnerabilities in its history further suggests a stable codebase. However, a significant concern arises from the 100% of outputs that are not properly escaped. This indicates a high risk of Cross-Site Scripting (XSS) vulnerabilities, where user-supplied data could be injected into the page in an unescaped manner, potentially leading to malicious script execution in the user's browser. Additionally, the lack of nonce and capability checks across all entry points is alarming. While the static analysis reports zero unprotected entry points, the absence of these fundamental security mechanisms means that even the single shortcode present could be exploited by unauthenticated or unauthorized users if it handles any dynamic data or performs sensitive actions.

Key Concerns

Outputs not properly escaped
Missing nonce checks on entry points
Missing capability checks on entry points

Vulnerabilities

None known

Beautiful Steps Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Beautiful Steps Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

100

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

0% escaped100 total outputs

Attack Surface

Beautiful Steps Attack Surface

Entry Points1

Unprotected0

Shortcodes 1

[bts_shortcode] inc\beautiful-steps-content.php:93

WordPress Hooks 6

actionadmin_initbeautiful-steps.php:42

actionwp_enqueue_scriptsbeautiful-steps.php:47

actionplugins_loadedbeautiful-steps.php:56

actionadmin_menuinc\beautiful-steps-admin.php:98

actionadmin_initinc\beautiful-steps-admin.php:104

actioninitinc\beautiful-steps-content.php:95

Maintenance & Trust

Beautiful Steps Maintenance & Trust

Maintenance Signals

WordPress version tested5.6.17

Last updatedMar 21, 2021

PHP min version

Downloads872

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

Beautiful Steps Alternatives

Multi-Step Checkout for WooCommerce

wp-multi-step-checkout

Split the different sections of the default WooCommerce checkout page into multiple steps. Allow your customers a faster and easier checkout process.

8K 1 CVE

PiWeb Disable payment method / Partial payment for WooCommerce

disable-payment-method-for-woocommerce

100

Disable payment method for WooCommerce, Charge WooCommerce Payment processing FEES, Take Partial payment for Order, Advance COD or Partial payment for …

4K No CVEs

Less PHP Compiler

lessphp

Includes the less.php preprocessor so that it may be used by other plugins or themes.

3K No CVEs

Canvas Image Resize

canvas-image-resize

100

Re-sizes images right inside the browser BEFORE uploading them.

1K No CVEs

Square Thumbnails

square-thumbnails

100

Creates square thumbnails from images without cropping. Works like CSS background-size: contain.

800 1 CVE

Developer Profile

Beautiful Steps Developer Profile

andrewphanuit

1 plugin · 0 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Beautiful Steps

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/beautiful-steps/css/styles.css/wp-content/plugins/beautiful-steps/js/script.js

Script Paths

/wp-content/plugins/beautiful-steps/js/script.js

Version Parameters

beautiful-steps-css?ver=1.0beautiful-steps-script?ver=1.0

HTML / DOM Fingerprints

CSS Classes

study-inforstepstep__titleguild-boxguild-box__contentguild-box__titleguild-listguild-item+5 more

Data Attributes

onMouseOveronMouseOut

JS Globals

window.beautiful_steps_options

Shortcode Output

[bts_shortcode]

FAQ