Does Accordion have any unpatched vulnerabilities?

No. All known vulnerabilities in Accordion have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Accordion compatible with WordPress 4.9.29?

According to WordPress.org data, Accordion 2.0 has been tested up to WordPress 4.9.29. Check the plugin's changelog for the latest compatibility information.

How often is Accordion updated?

Accordion was last updated on Feb 11, 2018. Frequent updates are generally a positive security signal.

What is Accordion's security score?

Accordion has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Accordion Security & Risk Analysis

wordpress.org/plugins/category-and-post-accordion-panel

Rich wordpress accordion plugin

100 active installs v2.0 PHP + WP 4.6+ Updated Feb 11, 2018

accordion-menuaccordion-widgetaccordions-pluginresponsive-accordionwordpress-accordion

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Accordion Safe to Use in 2026?

Generally Safe

Score 85/100

Accordion has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 8yr ago

Risk Assessment

The "category-and-post-accordion-panel" v2.0 plugin exhibits a generally strong security posture with a notable absence of critical vulnerabilities in its known history and static analysis. The plugin demonstrates good practices by not having any unpatched CVEs and the taint analysis reveals no unsanitized paths or critical/high severity flows, indicating robust input handling. Furthermore, the lack of file operations and external HTTP requests limits potential attack vectors. However, there are areas for improvement. The presence of 6 AJAX handlers without explicit authentication checks, while not flagged as unprotected entry points (which implies some form of internal check or default WordPress permissions), still presents a potential surface for privilege escalation if those checks are not robust. Additionally, while the majority of SQL queries use prepared statements, a portion still do not, which could be a risk if those queries handle sensitive data without proper sanitization. The moderate percentage of properly escaped output also suggests a potential for cross-site scripting vulnerabilities, though no specific instances were found in this analysis.

Key Concerns

AJAX handlers without explicit auth checks
SQL queries not using prepared statements
Output not properly escaped

Vulnerabilities

None known

Accordion Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Accordion Code Analysis

Dangerous Functions

Raw SQL Queries

3 prepared

Unescaped Output

112

279 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

60% prepared5 total queries

Output Escaping

71% escaped391 total outputs

Data Flows

All sanitized

Data Flow Analysis

2 flows

<ajax_load_more_posts> (templates\ajax_load_more_posts.php:0)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Accordion Attack Surface

Entry Points7

Unprotected0

AJAX Handlers 6

authwp_ajax_getTotalPostsinclude\postaccordionpanel.php:36

authwp_ajax_getPostsinclude\postaccordionpanel.php:37

authwp_ajax_getMorePostsinclude\postaccordionpanel.php:38

noprivwp_ajax_getTotalPostsinclude\postaccordionpanel.php:40

noprivwp_ajax_getPostsinclude\postaccordionpanel.php:41

noprivwp_ajax_getMorePostsinclude\postaccordionpanel.php:42

Shortcodes 1

[postaccordionpanel] include\postaccordionpanel.php:44

WordPress Hooks 5

actionplugins_loadedinclude\abstract.php:56

actionwidgets_initinclude\abstract.php:63

actioninitinclude\abstract.php:68

actionadmin_enqueue_scriptsinclude\abstract.php:70

actioninitinclude\postaccordionpanel.php:21

Maintenance & Trust

Accordion Maintenance & Trust

Maintenance Signals

WordPress version tested4.9.29

Last updatedFeb 11, 2018

PHP min version

Downloads9K

Community Trust

Rating100/100

Number of ratings2

Active installs100

Alternatives

Accordion Alternatives

Accordion FAQ – Compatible With All Page Builder (Elementor, Gutenberg)

responsive-accordion-and-collapse

100

Accordion And Collapse is the most easiest drag & drop accordion builder for WordPress. You can add multiple accordion and collapse with this.

40K No CVEs

Iks Menu – WordPress Category Accordion Menu & FAQs

iks-menu

100

Super customizable WordPress plugin for displaying custom menus, taxonomy/category terms and FAQs as accordion menu (with images support).

10K No CVEs

WPB Accordion Menu – Collapsible Vertical Sidebar Menu – WooCommerce Category Accordion

wpb-accordion-menu-or-category

100

WPB Accordion Menu is a collapsible vertical sidebar menu for WordPress. It can display WooCommerce product categories and the menu accordion.

10K No CVEs

Accordion and Accordion Slider

accordion-and-accordion-slider

Accordion and Accordion Slider - Responsive and Touch enabled accordion for WordPress Website. Also work with Gutenberg shortcode block.

2K 2 CVEs

Accordion Slider

accordion-slider

Accordion Slider is a responsive accordion plugin that offers Premium features for FREE, like animated layers, post content, full width layout.

2K 3 CVEs

Developer Profile

Accordion Developer Profile

ikhodal

6 plugins · 200 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Accordion

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/category-and-post-accordion-panel/assets/css/admin-postaccordionpanel.css/wp-content/plugins/category-and-post-accordion-panel/assets/js/admin-postaccordionpanel.js/wp-content/plugins/category-and-post-accordion-panel/assets/css/postaccordionpanel.css/wp-content/plugins/category-and-post-accordion-panel/assets/js/postaccordionpanel.js

Script Paths

/wp-content/plugins/category-and-post-accordion-panel/assets/js/admin-postaccordionpanel.js/wp-content/plugins/category-and-post-accordion-panel/assets/js/postaccordionpanel.js

Version Parameters

admin-postaccordionpanel.css?ver=admin-postaccordionpanel.js?ver=postaccordionpanel.css?ver=postaccordionpanel.js?ver=

HTML / DOM Fingerprints

CSS Classes

apcp_accordion_panelapcp_cat_tabapcp_post_tabapcp_post_content

HTML Comments

+1 more

Data Attributes

data-apcp-security-keydata-apcp-category-iddata-apcp-post-displaydata-apcp-template

JS Globals

postaccordionpanel

Shortcode Output

[category_post_accordion_panel]

FAQ