Does Before After Content have any unpatched vulnerabilities?

No. All known vulnerabilities in Before After Content have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Before After Content compatible with WordPress 4.9.29?

According to WordPress.org data, Before After Content 2.0 has been tested up to WordPress 4.9.29. Check the plugin's changelog for the latest compatibility information.

How often is Before After Content updated?

Before After Content was last updated on Oct 27, 2018. Frequent updates are generally a positive security signal.

What is Before After Content's security score?

Before After Content has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Before After Content Security & Risk Analysis

wordpress.org/plugins/before-after-content

This plugin is for quickly adding text or image before or after content.

10 active installs v2.0 PHP + WP 3.0.1+ Updated Oct 27, 2018

add-after-contentadd-before-contentafter-contentbefore-contentimage-before-content

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Before After Content Safe to Use in 2026?

Generally Safe

Score 85/100

Before After Content has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 7yr ago

Risk Assessment

The "before-after-content" v2.0 plugin exhibits a generally strong security posture, particularly in its avoidance of known vulnerabilities and its handling of SQL queries. The absence of any recorded CVEs, either historical or currently unpatched, is a significant positive indicator, suggesting a history of responsible development and maintenance. Furthermore, the fact that all SQL queries utilize prepared statements is a robust defense against SQL injection. The plugin also shows no external HTTP requests or file operations, which further limits potential attack vectors.

However, the static analysis reveals a critical weakness in output escaping, with 0% of outputs being properly escaped. This represents a significant risk of Cross-Site Scripting (XSS) vulnerabilities, as user-supplied data or dynamic content could be rendered in the browser without proper sanitization, allowing attackers to inject malicious scripts. The lack of nonce checks is also a concern, although in this case, the absence of AJAX handlers, shortcodes, and REST API routes with unauthenticated access points mitigates the immediate risk. The presence of one capability check is positive but doesn't offset the critical output escaping issue.

In conclusion, while the "before-after-content" v2.0 plugin demonstrates good practices in areas like SQL security and vulnerability history, the failure to properly escape output is a serious deficiency that exposes users to XSS attacks. This needs to be addressed urgently to improve the plugin's overall security.

Key Concerns

Outputs not properly escaped

Vulnerabilities

None known

Before After Content Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Before After Content Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

0% escaped2 total outputs

Attack Surface

Before After Content Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 11

actionadmin_noticesbefore-after-content.php:84

actionplugins_loadedbefore-after-content.php:100

actioninitbefore-after-content.php:103

actiontf_create_optionsincludes\options.php:5

actionwp_enqueue_scriptsincludes\scripts-enque.php:11

actionwpincludes\show-options-after.php:12

filterthe_contentincludes\show-options-after.php:78

actionwp_headincludes\show-options-after.php:93

actionwpincludes\show-options-before.php:13

filterthe_contentincludes\show-options-before.php:89

actionwp_headincludes\show-options-before.php:104

Maintenance & Trust

Before After Content Maintenance & Trust

Maintenance Signals

WordPress version tested4.9.29

Last updatedOct 27, 2018

PHP min version

Downloads2K

Community Trust

Rating40/100

Number of ratings3

Active installs10

Alternatives

Before After Content Alternatives

Posts Footer Manager

intelly-posts-footer-manager

Clean the mess after your content! Organize your post's footer, insert what you want, order elements, create groups for specific categories.

20 1 unpatched

Thumbnail Before Content

thumbnail-before-content

This is a simple plugin that automatically inserts the post thumbnail (featured image) before the post content.

10 No CVEs

Coderlift Product Page Booster

coderlift-product-page-booster

Coderlift Product Page Booster plugin will add an extra field to add content after the cart in single product page

0 No CVEs

Developer Profile

Before After Content Developer Profile

Imtiaz Shamim

2 plugins · 20 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Before After Content

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/before-after-content/includes/css/style.css

HTML / DOM Fingerprints

CSS Classes

_bac_box_bac_effect1_bac_active_bac_after_img

JS Globals

TitanFramework

FAQ