Does CDNJS for WordPress have any unpatched vulnerabilities?

No. All known vulnerabilities in CDNJS for WordPress have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is CDNJS for WordPress compatible with WordPress 4.8.28?

According to WordPress.org data, CDNJS for WordPress 1.3.3 has been tested up to WordPress 4.8.28. Check the plugin's changelog for the latest compatibility information.

How often is CDNJS for WordPress updated?

CDNJS for WordPress was last updated on Apr 25, 2017. Frequent updates are generally a positive security signal.

What is CDNJS for WordPress's security score?

CDNJS for WordPress has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

CDNJS for WordPress Security & Risk Analysis

wordpress.org/plugins/cdnjs

Replace Javascript and CSS libraries on your WordPress site with CloudFlare's FREE CDN

10 active installs v1.3.3 PHP + WP 3.5.0+ Updated Apr 25, 2017

cdncdnjscloudflarecssjs

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is CDNJS for WordPress Safe to Use in 2026?

Generally Safe

Score 85/100

CDNJS for WordPress has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 8yr ago

Risk Assessment

The "cdnjs" v1.3.3 plugin exhibits a generally strong security posture with several positive indicators. The complete absence of AJAX handlers, REST API routes, shortcodes, and cron events significantly limits the attack surface. Furthermore, the code's adherence to using prepared statements for all SQL queries and the presence of nonce and capability checks are excellent security practices. The plugin also reports no known vulnerabilities, either historical or current, which is a very encouraging sign.

However, there are areas that warrant attention. The most notable concern is the low percentage of properly escaped output (21%). This indicates a significant risk of Cross-Site Scripting (XSS) vulnerabilities, as user-supplied data could potentially be rendered without proper sanitization. While the static analysis did not detect any specific taint flows or dangerous functions, the low output escaping rate means that an attacker could potentially exploit this weakness to inject malicious scripts.

In conclusion, the "cdnjs" v1.3.3 plugin is strong in its limited attack surface and secure database interactions. The lack of past vulnerabilities is a testament to good development or diligent maintenance. The primary weakness lies in the insufficient output escaping, which introduces a notable risk of XSS. Addressing this would significantly improve the plugin's overall security.

Key Concerns

Low output escaping percentage

Vulnerabilities

None known

CDNJS for WordPress Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

CDNJS for WordPress Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

8 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

21% escaped38 total outputs

Attack Surface

CDNJS for WordPress Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 9

actionwp_dashboard_setupsrc\icwp-rssfeed-widget.php:30

actionplugins_loadedsrc\worpit-plugins-base.php:41

actioninitsrc\worpit-plugins-base.php:42

actionadmin_initsrc\worpit-plugins-base.php:44

actionadmin_noticessrc\worpit-plugins-base.php:45

actionadmin_menusrc\worpit-plugins-base.php:46

actionplugin_action_linkssrc\worpit-plugins-base.php:47

actioninitworpit-cdnjs-main.php:73

actionadmin_enqueue_scriptsworpit-cdnjs-main.php:147

Maintenance & Trust

CDNJS for WordPress Maintenance & Trust

Maintenance Signals

WordPress version tested4.8.28

Last updatedApr 25, 2017

PHP min version

Downloads9K

Community Trust

Rating78/100

Number of ratings9

Active installs10

Alternatives

CDNJS for WordPress Alternatives

WP cdnjs

wp-cdnjs

Integrates easily CSS and JavaScript Libraries hosted by CDNjs.com. Browse, select version and sub-assets to fit your needs.

50 No CVEs

WP jQuery Plus

wp-jquery-plus

Loads jQuery from a CDN using the exact version as your current WordPress install

1K No CVEs

Kolossum – cdnJS for WordPress

wpcdnkoloss

Add search and include functionality for the cdnjs.com libraries

0 No CVEs

Simple Custom CSS and JS

custom-css-js

100

Easily add Custom CSS or JS to your website with an awesome editor.

700K 1 CVE

Clear Cache for Me

clear-cache-for-widgets

100

Purges cache on WPEngine, W3TC, WP Super Cache, WP Fastest Cache when widgets, menus, settings update. Forces browsers to reload CSS and JS files.

40K No CVEs

Developer Profile

CDNJS for WordPress Developer Profile

Paul

5 plugins · 141K total installs

trust score

Avg Security Score

90/100

Avg Patch Time

125 days

View full developer profile

Detection Fingerprints

How We Detect CDNJS for WordPress

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/cdnjs/js/dist/cloudflare-static/min.js/wp-content/plugins/cdnjs/js/dist/jquery-migrate/jquery-migrate.min.js/wp-content/plugins/cdnjs/js/dist/jquery/jquery.min.js/wp-content/plugins/cdnjs/js/dist/modernizr/modernizr.min.js/wp-content/plugins/cdnjs/js/dist/respond.js/wp-content/plugins/cdnjs/css/dist/font-awesome/css/font-awesome.min.css/wp-content/plugins/cdnjs/css/dist/normalize.min.css/wp-content/plugins/cdnjs/css/dist/960gs/960_24_col.css

Script Paths

Version Parameters

cdnjs/js/dist/jquery/jquery.min.js?ver=cdnjs/css/dist/font-awesome/css/font-awesome.min.css?ver=

HTML / DOM Fingerprints

Data Attributes

data-worpit-cdnjs-library-namedata-worpit-cdnjs-library-version

JS Globals

WorpitCdnjs

FAQ