Carousel Horizontal Posts Content Slider Security & Risk Analysis

wordpress.org/plugins/carousel-horizontal-posts-content-slider

A simple posts content slider, product, images, videos, related posts, custom post type carousel plugin for WordPress.

2K active installs · v3.3.2 · PHP + · WP 3.6+ · Updated Aug 8, 2025
carousel · posts-carousel · posts-content-slider · posts-slider
Score 78 · B · Generally Safe
CVEs total: 1
Unpatched: 1
Last CVE: Dec 30, 2025
Safety Verdict

Is Carousel Horizontal Posts Content Slider Safe to Use in 2026?

Mostly Safe

Score 78/100

Carousel Horizontal Posts Content Slider is generally safe to use. 1 past CVE was resolved. Keep it updated.

1 known CVE · 1 unpatched · Last CVE: Dec 30, 2025 · Updated 8mo ago
Risk Assessment

The "carousel-horizontal-posts-content-slider" plugin v3.3.2 exhibits a mixed security posture. While it demonstrates good practices such as exclusively using prepared statements for SQL queries and performing capability checks on all identified entry points, significant concerns remain. The presence of two AJAX handlers without authentication checks presents a clear attack vector, potentially allowing unauthorized actions. Furthermore, the taint analysis revealed one flow with an unsanitized path, which, despite not being classified as critical or high severity, warrants attention due to the potential for unexpected behavior or vulnerabilities.

The plugin's vulnerability history, particularly the single known medium-severity CVE related to Cross-Site Scripting, is a notable weakness. The fact that this vulnerability is currently unpatched is a critical concern, as it exposes users to known risks. That the most recent vulnerability dates from late 2025 also suggests a potential lack of active maintenance or a future unpatched issue. Overall, while the plugin avoids some common pitfalls like raw SQL queries, the combination of unprotected AJAX handlers and an unpatched XSS vulnerability significantly elevates its risk profile.

Key Concerns

  • Unpatched CVE (medium severity)
  • AJAX handlers without authentication checks
  • Flows with unsanitized paths
  • Bundled outdated library (jQuery v1.8.2)
Vulnerabilities: 1

Carousel Horizontal Posts Content Slider Security Vulnerabilities

CVEs by Year

1 CVE in 2025 · unpatched

Severity Breakdown

Medium: 1

1 total CVE

CVE-2026-22347 · medium · 6.4 · Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Carousel Horizontal Posts Content Slider <= 3.3.2 - Authenticated (Contributor+) Stored Cross-Site Scripting

Dec 30, 2025 · Unpatched
Code Analysis
Analyzed Mar 17, 2026

Carousel Horizontal Posts Content Slider Code Analysis

  • Dangerous Functions: 0
  • Raw SQL Queries: 0 (4 prepared)
  • Unescaped Output: 88 (143 escaped)
  • Nonce Checks: 2
  • Capability Checks: 4
  • File Operations: 1
  • External Requests: 0
  • Bundled Libraries: 2

Bundled Libraries

Select2 · jQuery 1.8.2

SQL Query Safety

100% prepared · 4 total queries

Output Escaping

62% escaped · 231 total outputs
Data Flows: 1 unsanitized

Data Flow Analysis

2 flows · 1 with unsanitized paths
wa_chpcs_action_callback (carousel-horizontal-posts-content-slider.php:889)
Attack Surface: 2 unprotected

Carousel Horizontal Posts Content Slider Attack Surface

Entry Points: 4
Unprotected: 2

AJAX Handlers 3

nopriv · wp_ajax_wa_chpcs_action · carousel-horizontal-posts-content-slider.php:102
auth · wp_ajax_wa_chpcs_action · carousel-horizontal-posts-content-slider.php:103
auth · wp_ajax_wa-chpcs-never-show-review-notice · carousel-horizontal-posts-content-slider.php:127

Shortcodes 1

[carousel-horizontal-posts-content-slider] · carousel-horizontal-posts-content-slider.php:81

WordPress Hooks 25

action · activated_plugin · carousel-horizontal-posts-content-slider.php:44
action · admin_init · carousel-horizontal-posts-content-slider.php:54
action · init · carousel-horizontal-posts-content-slider.php:57
action · add_meta_boxes · carousel-horizontal-posts-content-slider.php:60
action · save_post · carousel-horizontal-posts-content-slider.php:61
action · post_updated_messages · carousel-horizontal-posts-content-slider.php:64
action · plugins_loaded · carousel-horizontal-posts-content-slider.php:67
action · init · carousel-horizontal-posts-content-slider.php:70
action · wp_enqueue_scripts · carousel-horizontal-posts-content-slider.php:80
action · admin_menu · carousel-horizontal-posts-content-slider.php:84
action · admin_enqueue_scripts · carousel-horizontal-posts-content-slider.php:87
action · plugins_loaded · carousel-horizontal-posts-content-slider.php:90
filter · plugin_action_links · carousel-horizontal-posts-content-slider.php:97
action · admin_footer · carousel-horizontal-posts-content-slider.php:100
action · admin_menu · carousel-horizontal-posts-content-slider.php:106
action · admin_print_scripts · carousel-horizontal-posts-content-slider.php:108
filter · wa_chpcs_get_plugin_blocks · carousel-horizontal-posts-content-slider.php:111
action · enqueue_block_editor_assets · carousel-horizontal-posts-content-slider.php:114
filter · wa_chpcs_get_block_editor_assets · carousel-horizontal-posts-content-slider.php:117
filter · manage_edit-wa_chpcs_columns · carousel-horizontal-posts-content-slider.php:120
action · manage_wa_chpcs_posts_custom_column · carousel-horizontal-posts-content-slider.php:123
action · admin_notices · carousel-horizontal-posts-content-slider.php:126
filter · mce_external_plugins · carousel-horizontal-posts-content-slider.php:2346
filter · mce_buttons · carousel-horizontal-posts-content-slider.php:2348
action · widgets_init · includes\class-wa-chpcs-widget.php:70
Maintenance & Trust

Carousel Horizontal Posts Content Slider Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.8.5
Last updated: Aug 8, 2025
PHP min version
Downloads: 248K

Community Trust

Rating: 82/100
Number of ratings: 76
Active installs: 2K
Developer Profile

Carousel Horizontal Posts Content Slider Developer Profile

subhansanjaya

3 plugins · 12K total installs

Trust score: 86
Avg Security Score: 88/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect Carousel Horizontal Posts Content Slider

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/carousel-horizontal-posts-content-slider/assets/js/owl.carousel.js
/wp-content/plugins/carousel-horizontal-posts-content-slider/assets/css/owl.carousel.css
/wp-content/plugins/carousel-horizontal-posts-content-slider/assets/css/owl.theme.css
/wp-content/plugins/carousel-horizontal-posts-content-slider/assets/css/custom.css
/wp-content/plugins/carousel-horizontal-posts-content-slider/assets/js/carousel-horizontal-posts-content-slider.js
/wp-content/plugins/carousel-horizontal-posts-content-slider/assets/js/main.js

Script Paths
/wp-content/plugins/carousel-horizontal-posts-content-slider/assets/js/owl.carousel.js
/wp-content/plugins/carousel-horizontal-posts-content-slider/assets/js/carousel-horizontal-posts-content-slider.js
/wp-content/plugins/carousel-horizontal-posts-content-slider/assets/js/main.js

Version Parameters
/wp-content/plugins/carousel-horizontal-posts-content-slider/assets/js/owl.carousel.js?ver=
/wp-content/plugins/carousel-horizontal-posts-content-slider/assets/css/owl.carousel.css?ver=
/wp-content/plugins/carousel-horizontal-posts-content-slider/assets/css/owl.theme.css?ver=
/wp-content/plugins/carousel-horizontal-posts-content-slider/assets/css/custom.css?ver=
/wp-content/plugins/carousel-horizontal-posts-content-slider/assets/js/carousel-horizontal-posts-content-slider.js?ver=
/wp-content/plugins/carousel-horizontal-posts-content-slider/assets/js/main.js?ver=

HTML / DOM Fingerprints

CSS Classes
wa-chpcs-review-notice · wa-chpcs-plugin-icon · wa-chpcs-notice-text · wa-chpcs-review-actions · rate-wp-carousel
Data Attributes
wa_chpcs_field
JS Globals
wa_chpcs_action · wa_chpcs_field
FAQ

Frequently Asked Questions about Carousel Horizontal Posts Content Slider