WP-Safety

Business Hub Toolbox Security & Risk Analysis

wordpress.org/plugins/business-hub-toolbox

Tags: instagram, instagram widget, instagram feeds, twitter, twitter widget, twitter feeds, events, upcoming events, event speakers, event widget, pri …

10 active installs v1.0.4 PHP + WP + Updated Unknown
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Business Hub Toolbox Safe to Use in 2026?

Generally Safe

Score 100/100

Business Hub Toolbox has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs
Risk Assessment

The business-hub-toolbox plugin v1.0.4 exhibits a generally good security posture based on the provided static analysis and vulnerability history. There are no recorded CVEs, and the code signals indicate responsible development practices, such as the absence of dangerous functions and the proper use of prepared statements for SQL queries. A significant majority of output is properly escaped, and capability checks and nonce checks are present, suggesting an awareness of common WordPress security pitfalls. The plugin also avoids bundling libraries, which can sometimes introduce outdated or vulnerable components. The absence of taint analysis findings further strengthens the impression of secure coding.

However, a closer examination reveals some potential areas for improvement. While the attack surface is small and all entry points appear to have some form of protection, the plugin does utilize shortcodes, which can sometimes be a vector for vulnerabilities if not handled meticulously. The fact that 20% of outputs are not properly escaped, while not classified as critical by this analysis, represents a potential XSS risk that could be exploited by a determined attacker. The single external HTTP request also warrants scrutiny to ensure it is handled securely and doesn't expose the site to risks from external sources. Overall, the plugin is robust but could benefit from addressing the minor output escaping gaps and ensuring the external HTTP request is as secure as possible.

Key Concerns

  • Outputs not properly escaped
  • External HTTP requests
Vulnerabilities
None known

Business Hub Toolbox Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Business Hub Toolbox Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
2 prepared
Unescaped Output
82
332 escaped
Nonce Checks
5
Capability Checks
2
File Operations
0
External Requests
1
Bundled Libraries
0

SQL Query Safety

100% prepared2 total queries

Output Escaping

80% escaped414 total outputs
Attack Surface

Business Hub Toolbox Attack Surface

Entry Points4
Unprotected0

Shortcodes 4

[rwspt-pricing-table] inc\bht-price-table.php:2
[rwsec-display-recent-event] inc\bht-shortcode.php:7
[rwsec-display-all-event] inc\bht-shortcode.php:92
[rwsec-display-upcoming-events] inc\bht-shortcode.php:117
WordPress Hooks 33
actionadmin_initbusiness-hub-toolbox.php:86
actionadmin_menubusiness-hub-toolbox.php:87
actionadmin_enqueue_scriptsbusiness-hub-toolbox.php:88
actionwp_enqueue_scriptsbusiness-hub-toolbox.php:89
actioninitbusiness-hub-toolbox.php:90
actionadd_meta_boxesbusiness-hub-toolbox.php:91
actionsave_postbusiness-hub-toolbox.php:92
filtermanage_bht-event_posts_columnsbusiness-hub-toolbox.php:93
actionmanage_bht-event_posts_custom_columnbusiness-hub-toolbox.php:94
filtermce_buttonsbusiness-hub-toolbox.php:95
filtermce_external_pluginsbusiness-hub-toolbox.php:96
filtersingle_templatebusiness-hub-toolbox.php:97
filterarchive_templatebusiness-hub-toolbox.php:98
actionwidgets_initbusiness-hub-toolbox.php:99
actioninitbusiness-hub-toolbox.php:107
actionadd_meta_boxesbusiness-hub-toolbox.php:108
actionadd_meta_boxesbusiness-hub-toolbox.php:109
actionadd_meta_boxesbusiness-hub-toolbox.php:110
actionsave_postbusiness-hub-toolbox.php:111
actionsave_postbusiness-hub-toolbox.php:112
filtermanage_rws-pricing-table_posts_columnsbusiness-hub-toolbox.php:113
actionmanage_rws-pricing-table_posts_custom_columnbusiness-hub-toolbox.php:114
actionwp_enqueue_scriptsinc\bht-insta-feeds.php:18
actionwidgets_initinc\bht-insta-feeds.php:227
actioninitinc\bht-testimonial.php:42
actionadd_meta_boxesinc\bht-testimonial.php:48
actionsave_postinc\bht-testimonial.php:116
actionwp_enqueue_scriptsinc\bht-twitter-feeds.php:24
actionwidgets_initinc\bht-twitter-feeds.php:288
actionadmin_enqueue_scriptsspeakers\event-metabox.php:429
actionadmin_headspeakers\event-metabox.php:430
actionadd_meta_boxesspeakers\event-metabox.php:431
actionsave_postspeakers\event-metabox.php:432
Maintenance & Trust

Business Hub Toolbox Maintenance & Trust

Maintenance Signals

WordPress version tested
Last updatedUnknown
PHP min version
Downloads2K

Community Trust

Rating0/100
Number of ratings0
Active installs10
Alternatives

Business Hub Toolbox Alternatives

No alternatives data available yet.

Developer Profile

Business Hub Toolbox Developer Profile

Rigorous Themes

4 plugins · 90 total installs

86
trust score
Avg Security Score
89/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Business Hub Toolbox

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/business-hub-toolbox/assets/admin/css/bht-repeater.css/wp-content/plugins/business-hub-toolbox/assets/admin/css/jquery.datetimepicker.css/wp-content/plugins/business-hub-toolbox/assets/admin/js/bht-event-custom-jquery.js/wp-content/plugins/business-hub-toolbox/assets/admin/js/bht-repeater.js/wp-content/plugins/business-hub-toolbox/assets/admin/js/bht-shortcode-button.js/wp-content/plugins/business-hub-toolbox/assets/admin/js/bht-widget-customizer.js/wp-content/plugins/business-hub-toolbox/assets/admin/js/jquery.datetimepicker.full.min.js/wp-content/plugins/business-hub-toolbox/assets/public/css/bht-event-style-personal.css+5 more
Script Paths
/wp-content/plugins/business-hub-toolbox/assets/admin/js/bht-event-custom-jquery.js/wp-content/plugins/business-hub-toolbox/assets/admin/js/bht-repeater.js/wp-content/plugins/business-hub-toolbox/assets/admin/js/bht-shortcode-button.js/wp-content/plugins/business-hub-toolbox/assets/admin/js/bht-widget-customizer.js/wp-content/plugins/business-hub-toolbox/assets/admin/js/jquery.datetimepicker.full.min.js/wp-content/plugins/business-hub-toolbox/assets/public/js/bht-event-custom.js+2 more
Version Parameters
business-hub-toolbox/assets/admin/css/bht-repeater.css?ver=business-hub-toolbox/assets/admin/css/jquery.datetimepicker.css?ver=business-hub-toolbox/assets/admin/js/bht-event-custom-jquery.js?ver=business-hub-toolbox/assets/admin/js/bht-repeater.js?ver=business-hub-toolbox/assets/admin/js/bht-shortcode-button.js?ver=business-hub-toolbox/assets/admin/js/bht-widget-customizer.js?ver=business-hub-toolbox/assets/admin/js/jquery.datetimepicker.full.min.js?ver=business-hub-toolbox/assets/public/css/bht-event-style-personal.css?ver=business-hub-toolbox/assets/public/css/bht-event_style.css?ver=business-hub-toolbox/assets/public/css/bht-style.css?ver=business-hub-toolbox/assets/public/js/bht-event-custom.js?ver=business-hub-toolbox/assets/public/js/bht-simplecalendar.js?ver=business-hub-toolbox/assets/public/js/easyResponsiveTabs.js?ver=

HTML / DOM Fingerprints

CSS Classes
bht-event-custom-jquerybht-repeaterbht-shortcode-buttonbht-widget-customizerbht-simplecalendareasyResponsiveTabsbht-event-style-personalbht-event_style+1 more
JS Globals
BHP_DIRBHP_URIECA_IMAGE_DIRECA_JS_DIRECA_CSS_DIRECP_IMAGE_DIR+3 more
FAQ

Frequently Asked Questions about Business Hub Toolbox