BS4WP Component Security & Risk Analysis
wordpress.org/plugins/bs4wp-componentThis is a plugin to display your favorite Bootstrap4 Slider. When activated you can add slider in any place using shortcode.
Is BS4WP Component Safe to Use in 2026?
Generally Safe
Score 100/100BS4WP Component has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The "bs4wp-component" v1.1 plugin exhibits a generally positive security posture based on the provided static analysis. The absence of detected dangerous functions, raw SQL queries, file operations, and external HTTP requests is commendable. Furthermore, the plugin has no recorded vulnerability history, including no known CVEs. This suggests a responsible development approach and a lack of past exploitable flaws.
However, a significant concern arises from the output escaping. With one total output and 0% properly escaped, there is a high risk of Cross-Site Scripting (XSS) vulnerabilities. Any data rendered to the user interface that is not properly sanitized or escaped can be leveraged by an attacker to inject malicious scripts. The lack of nonce checks and capability checks on entry points, although the number of entry points is low (two shortcodes), also presents a potential avenue for unauthorized actions or information disclosure if the shortcodes handle sensitive data or perform privileged operations.
While the plugin's history and foundational code appear secure, the critical deficiency in output escaping and the absence of robust authorization checks on its limited entry points represent the primary security weaknesses. Addressing the output escaping is paramount to mitigate XSS risks, and implementing capability checks on the shortcodes would further strengthen its security.
Key Concerns
- 0% properly escaped output
- 0 Nonce checks on entry points
- 0 Capability checks on entry points
BS4WP Component Security Vulnerabilities
BS4WP Component Code Analysis
Output Escaping
BS4WP Component Attack Surface
Shortcodes 2
WordPress Hooks 4
Maintenance & Trust
BS4WP Component Maintenance & Trust
Maintenance Signals
Community Trust
BS4WP Component Alternatives
Advanced Bootstrap Carousel
advanced-bootstrap-carousel
Advanced Bootstrap Carousel is a light weighted responsive slider plugin.
WP Bootstrap Carousel by IT Pixelz
wp-bootstrap-carousel-by-it-pixelz
Bootstrap responsive carousel slider, just install in clicks and get ready your bootstrap slider for your website.
Bootstrap Slider By themescode
bootstrap-slider-by-themescode
Twitter Bootstrap based professional WordPress carousel slider plugin on click installation.use the shortcode where want to use
TC Bootstrap Carousel
tc-bootstrap-carousel
Twitter Bootstrap based professional WordPress carousel plugin on click installation.use the shortcode where want to use
Fade Slider
fade-slider
A modern, responsive Bootstrap 5.3 carousel slider plugin with smooth fade/slide animations, works perfectly on all devices and themes.
BS4WP Component Developer Profile
4 plugins · 760 total installs
How We Detect BS4WP Component
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/bs4wp-component/public/css/bootstrap/bootstrap.min.css/wp-content/plugins/bs4wp-component/public/js/bootstrap/bootstrap.min.js/wp-content/plugins/bs4wp-component/public/css/main.css/wp-content/plugins/bs4wp-component/public/js/bootstrap/bootstrap.min.jsbs4wp-css-bootstrap?ver=4.4.1bs4wp-js-bootstrap?ver=4.4.1bs4wp-css-main?ver=1.0HTML / DOM Fingerprints
carouselslidecarousel-indicatorscarousel-control-prevcarousel-control-nextcarousel-control-prev-iconcarousel-control-next-iconsr-only+7 moredata-slidedata-slide-todata-ridearia-hiddenrolewp.codeEditor.initialize<div class="carousel slide<li data-target="#<span class="carousel-control-prev-icon"<span class="carousel-control-next-icon"