Does Bonboarding have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Bonboarding compatible with WordPress 6.8.5?

According to WordPress.org data, Bonboarding 1.0.8 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

Is Bonboarding compatible with PHP 8.0+?

Bonboarding requires PHP 8.0 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Bonboarding updated?

Bonboarding was last updated on Apr 17, 2025. Frequent updates are generally a positive security signal.

What is Bonboarding's security score?

Bonboarding has a WP-Safety security score of 92/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Bonboarding Security & Risk Analysis

wordpress.org/plugins/bonboarding

Create stunning product tours to enhance user adoption and engagement with Bonboarding.

10 active installs v1.0.8 PHP 8.0+ WP 4.7+ Updated Apr 17, 2025

introintroductiononboardingproduct-tourtutorial

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Bonboarding Safe to Use in 2026?

Generally Safe

Score 92/100

Bonboarding has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1yr ago

Risk Assessment

The "bonboarding" plugin version 1.0.8 presents a generally strong security posture based on the provided static analysis. The absence of any identified dangerous functions, file operations, or external HTTP requests is a positive indicator. Furthermore, all SQL queries are properly prepared, and a high percentage of output is correctly escaped, suggesting good development practices regarding data handling and sanitization. The lack of any recorded vulnerabilities, including CVEs, across its history is also a significant strength, implying a history of secure development or a lack of historical targeting. The very small attack surface with no identified unprotected entry points further bolsters this assessment.

Key Concerns

No nonce checks found
No capability checks found
13% of outputs not properly escaped

Vulnerabilities

None known

Bonboarding Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Bonboarding Release Timeline

v1.0.8Current

v1.0.7

v1.0.6

v1.0.5

v1.0.4

v1.0.3

v1.0.2

v1.0.1

v1.0.0

Code Analysis

Analyzed Mar 17, 2026

Bonboarding Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

13 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

87% escaped15 total outputs

Attack Surface

Bonboarding Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 6

actionactivated_pluginbonboarding.php:40

actionwp_headintegration.php:120

actionadmin_headintegration.php:121

actionadmin_menusettings.php:9

actionadmin_initsettings.php:10

actionadmin_enqueue_scriptssettings.php:11

Maintenance & Trust

Bonboarding Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedApr 17, 2025

PHP min version8.0

Downloads2K

Community Trust

Rating100/100

Number of ratings2

Active installs10

Alternatives

Bonboarding Alternatives

Admin Tour

admin-tour

100

Admin Tour helps you to create a tour for admin. Admin user can go through the tour and they will get the knowledge about how to use the admin panel.

20 No CVEs

Simple Tour Guide

simple-tour-guide

100

Easily add an interactive step-by-step user guide (intro tour) for your visitors. Based on Shepherd.js (https://shepherdjs.dev/).

300 No CVEs

Intro Tour Tutorial DeepPresentation

dp-intro-tours

Step-by-step tutorial guide, web or new feature intro tour created intuitively with the visual builder and detail configuration on the admin board

200 2 CVEs

Custom Welcome Guide

custom-welcome-guide

Easily add step-by-step tours/tutorials/walkthrough guides that get displayed in the WordPress admin. Replace the default welcome guide modal dialog i …

10 No CVEs

Blog Introduction

blog-introduction

Blog Introduction inserts a static intro before posts (on homepage or archive pages). Introduction content is taken from a designated page.

80 No CVEs

Developer Profile

Bonboarding Developer Profile

Resurs Bank Plugins & Onboarding

2 plugins · 100 total installs

trust score

Avg Security Score

96/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Bonboarding

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/bonboarding/logo.svg/wp-content/plugins/bonboarding/new-tab.svg/wp-content/plugins/bonboarding/video.svg

HTML / DOM Fingerprints

CSS Classes

bonboarding-settingsflows-buttonbonboarding-settings .flexbonboarding-settings .logo-containerbonboarding-settings .flows-button-containerbonboarding-settings .flows-button imgbonboarding-settings .watch-videobonboarding-settings .watch-video img+5 more

Data Attributes

id="tutorial-video"class="thickbox watch-video"

FAQ