Does Bridaluxe have any unpatched vulnerabilities?

No. All known vulnerabilities in Bridaluxe have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Bridaluxe compatible with WordPress 2.6.2?

According to WordPress.org data, Bridaluxe 1.0.5 has been tested up to WordPress 2.6.2. Check the plugin's changelog for the latest compatibility information.

How often is Bridaluxe updated?

Bridaluxe was last updated on Oct 17, 2008. Frequent updates are generally a positive security signal.

What is Bridaluxe's security score?

Bridaluxe has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Bridaluxe Security & Risk Analysis

wordpress.org/plugins/bridaluxe-storefront

Instantly add a complete Bridaluxe affiliate store to your WordPress blog.

10 active installs v1.0.5 PHP + WP 2.6+ Updated Oct 17, 2008

adminaffiliatebridaluxestorefront

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Bridaluxe Safe to Use in 2026?

Generally Safe

Score 85/100

Bridaluxe has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 17yr ago

Risk Assessment

The "bridaluxe-storefront" v1.0.5 plugin exhibits a generally good security posture based on the provided static analysis. There are no identified critical or high severity vulnerabilities in the code, and the plugin avoids dangerous functions and raw SQL queries. The absence of known CVEs in its history further suggests a history of secure development.

However, there are significant concerns regarding output escaping. With 0% of outputs properly escaped, there's a high risk of Cross-Site Scripting (XSS) vulnerabilities. Any dynamic data displayed to users without proper sanitization can be manipulated by attackers. Additionally, the presence of a file operation and an external HTTP request, while not inherently insecure, represent potential attack vectors if not handled with extreme care and validation.

The plugin's limited attack surface (1 shortcode) and lack of direct AJAX or REST API endpoints with unauthenticated access are positive indicators. Nevertheless, the critical unescaped output is a serious flaw that overshadows these strengths. A robust security strategy would involve immediate remediation of all unescaped outputs to prevent potential XSS exploits.

Key Concerns

All outputs are unescaped
File operations without context
External HTTP requests without context
No nonce checks
No capability checks

Vulnerabilities

None known

Bridaluxe Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Bridaluxe Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

0% escaped2 total outputs

Attack Surface

Bridaluxe Attack Surface

Entry Points1

Unprotected0

Shortcodes 1

[bridaluxe] bridaluxe.php:36

WordPress Hooks 2

actionadmin_menubridaluxe.php:29

actionwp_headbridaluxe.php:30

Maintenance & Trust

Bridaluxe Maintenance & Trust

Maintenance Signals

WordPress version tested2.6.2

Last updatedOct 17, 2008

PHP min version

Downloads3K

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

Bridaluxe Alternatives

Featured Image for Categories and pages.

hmk-add-images-for-categories-and-pages

Featured Images enables the user to set different featured image for each category, sub category or page.

100 No CVEs

JotUrl Link Shortener

joturl-link-shortener

The JotUrl plugin for Wordpress provides you with the best way to turn any of your Wordpress posts and pages into a powerful short branded link.

20 No CVEs

Loginizer

loginizer

Loginizer is a WordPress security plugin which helps you fight against bruteforce attacks.

1.0M 8 CVEs

Redux Framework

redux-framework

Redux is a simple, truly extensible, and fully responsive options framework for WordPress themes and plugins. It ships with an integrated demo.

1.0M 6 CVEs

LightStart – Maintenance Mode, Coming Soon and Landing Page Builder

wp-maintenance-mode

Easy Drag & Drop Page Builder that adds a splash page to your site that it's perfect for a coming soon page, maintenance or landing page.

500K 6 CVEs

Developer Profile

Bridaluxe Developer Profile

nickohrn

12 plugins · 760 total installs

trust score

Avg Security Score

86/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Bridaluxe

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/bridaluxe-storefront/css/istore/wordpress/main.css

HTML / DOM Fingerprints

FAQ