WP-Safety

Bx Carousel Ultimate Security & Risk Analysis

wordpress.org/plugins/bx-carousel-ultimate

Bx Carousel Ultimate Wordpress is a jQuery supper awesome carousel for your theme. By Installing this plugin you will get eye catching carousel.

10 active installs vv1.1 PHP + WP 3.0.1+ Updated Apr 23, 2016
bx-carousel-ultimatebx-carousel-ultimate-wordpresscarousel-jqueryjquery-carousel-pluginjquery-wordpress-carousel
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Download
Safety Verdict

Is Bx Carousel Ultimate Safe to Use in 2026?

Generally Safe

Score 85/100

Bx Carousel Ultimate has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 9yr ago
Risk Assessment

The bx-carousel-ultimate plugin version 1.1 exhibits a strong security posture based on the provided static analysis. The absence of dangerous functions, reliance on prepared statements for SQL, and proper output escaping are excellent indicators of secure coding practices. Furthermore, the lack of file operations and external HTTP requests minimizes potential attack vectors. The plugin also demonstrates a commitment to security by including capability checks for its entry points.

However, there are some areas that warrant attention. The analysis reveals no active taint flows, indicating no immediately obvious vulnerabilities in that regard. Crucially, the plugin has no recorded vulnerability history, suggesting a well-maintained and secure past. Despite the positive findings, the absence of nonce checks on its four shortcodes, which represent the entire attack surface, could be a potential weakness if user-supplied data is not handled with extreme care within these shortcodes. While the capability checks are present, their specific implementation within the shortcodes is not detailed, leaving a small room for potential misconfigurations.

In conclusion, bx-carousel-ultimate v1.1 appears to be a secure plugin with a solid foundation. The development team has implemented many best practices. The primary concern is the lack of nonce checks on shortcodes, which, while not a critical flaw on its own, represents an area where additional security measures could further harden the plugin. The clean vulnerability history is a significant positive, suggesting a reliable and trustworthy codebase.

Key Concerns

  • No nonce checks on shortcodes
Vulnerabilities
None known

Bx Carousel Ultimate Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

Bx Carousel Ultimate Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
0
0 escaped
Nonce Checks
0
Capability Checks
2
File Operations
0
External Requests
0
Bundled Libraries
0
Attack Surface

Bx Carousel Ultimate Attack Surface

Entry Points4
Unprotected0

Shortcodes 4

[bx_carousel_image_only] inc\custom-posts-shortcode.php:109
[bx_carousel_bx] inc\custom-posts-shortcode.php:232
[bx_carousel_content] inc\custom-posts-shortcode.php:349
[bx_carousel_lateast] inc\custom-posts-shortcode.php:482
WordPress Hooks 8
actioninitbx-functions.php:15
actioninitbx-functions.php:36
actioninitinc\bx-custom-post.php:4
actioninitinc\bx-custom-post.php:38
filtermce_external_pluginsinc\bx-tynemce.php:10
filtermce_buttonsinc\bx-tynemce.php:11
actionadmin_headinc\bx-tynemce.php:14
actionadmin_enqueue_scriptsinc\bx-tynemce.php:31
Maintenance & Trust

Bx Carousel Ultimate Maintenance & Trust

Maintenance Signals

WordPress version tested3.4.2
Last updatedApr 23, 2016
PHP min version
Downloads2K

Community Trust

Rating100/100
Number of ratings1
Active installs10
Alternatives

Bx Carousel Ultimate Alternatives

No alternatives data available yet.

Developer Profile

Bx Carousel Ultimate Developer Profile

bootstrapgrid

1 plugin · 10 total installs

84
trust score
Avg Security Score
85/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Bx Carousel Ultimate

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/bx-carousel-ultimate/css/animate.css/wp-content/plugins/bx-carousel-ultimate/css/carousel-style.css/wp-content/plugins/bx-carousel-ultimate/css/font-awesome.min.css/wp-content/plugins/bx-carousel-ultimate/css/my-mce-style.css/wp-content/plugins/bx-carousel-ultimate/css/owl.animate.css/wp-content/plugins/bx-carousel-ultimate/css/owl.carousel.min.css/wp-content/plugins/bx-carousel-ultimate/css/owl-carousel-theme.css/wp-content/plugins/bx-carousel-ultimate/css/owl.transitions.css+4 more
Script Paths
/wp-content/plugins/bx-carousel-ultimate/js/owl.carousel.js/wp-content/plugins/bx-carousel-ultimate/js/owl.animate.js/wp-content/plugins/bx-carousel-ultimate/js/owl.autoplay.js/wp-content/plugins/bx-carousel-ultimate/js/mce-button.js
Version Parameters
bx-carousel-ultimate/css/font-awesome.min.css?ver=bx-carousel-ultimate/css/owl.carousel.min.css?ver=bx-carousel-ultimate/css/owl-carousel-theme.css?ver=bx-carousel-ultimate/css/carousel-style.css?ver=bx-carousel-ultimate/css/owl.transitions.css?ver=bx-carousel-ultimate/css/owl.animate.css?ver=bx-carousel-ultimate/css/animate.css?ver=bx-carousel-ultimate/js/owl.carousel.js?ver=bx-carousel-ultimate/js/owl.animate.js?ver=bx-carousel-ultimate/js/owl.autoplay.js?ver=

HTML / DOM Fingerprints

CSS Classes
bx-carousel-singlebx-img-wrapperbx-details-contentbx-heading-ltbx-pr-ltvisit_bx
Data Attributes
carouselproimgonlycarouselpro
JS Globals
bx_carousel_latest_jquery
Shortcode Output
<div id="owlcarouselproimg<div id="owlcarouselpro
FAQ

Frequently Asked Questions about Bx Carousel Ultimate