WP-Safety

Classroom Library Security & Risk Analysis

wordpress.org/plugins/classroom-library

Classroom library plugin to catalog books and create a check in/out system for students.

20 active installs v0.1.4 PHP 7.0+ WP 5.0+ Updated Jan 5, 2026
booksclassroomeducationlibrary
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Classroom Library Safe to Use in 2026?

Generally Safe

Score 100/100

Classroom Library has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2mo ago
Risk Assessment

The "classroom-library" v0.1.4 plugin exhibits a generally good security posture concerning direct vulnerabilities. The static analysis shows no dangerous functions, all SQL queries are prepared, and there are no recorded CVEs, indicating a responsible development approach. The presence of nonce checks is a positive sign for securing entry points. However, a significant concern arises from the taint analysis, which identified two flows with unsanitized paths. While these are not classified as critical or high severity, they represent potential avenues for injection if not properly handled by the application context. Additionally, the output escaping rate is only 57%, suggesting a substantial number of outputs that are not properly sanitized, increasing the risk of Cross-Site Scripting (XSS) vulnerabilities. The absence of capability checks on AJAX handlers, coupled with the 2 unprotected AJAX entry points, is a critical oversight, leaving these functionalities exposed to unauthorized access and manipulation. Despite the lack of historical vulnerabilities, the identified taint flows and poor output escaping, along with unprotected AJAX endpoints, warrant careful consideration.

Key Concerns

  • Unsanitized paths in taint analysis flows
  • Low output escaping rate (43% not escaped)
  • AJAX handlers without capability checks
Vulnerabilities
None known

Classroom Library Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Classroom Library Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
34
45 escaped
Nonce Checks
1
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
0

Output Escaping

57% escaped79 total outputs
Data Flows
2 unsanitized

Data Flow Analysis

3 flows2 with unsanitized paths
mbcl_publication_bookshelf (inc\bookshelf.php:7)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Classroom Library Attack Surface

Entry Points3
Unprotected0

AJAX Handlers 2

authwp_ajax_create_mbcl_transactioninc\create-transaction.php:6
noprivwp_ajax_create_mbcl_transactioninc\create-transaction.php:7

Shortcodes 1

[bookshelf] inc\bookshelf.php:6
WordPress Hooks 14
actionadmin_enqueue_scriptsclassroom-library.php:25
actionwp_enqueue_scriptsclassroom-library.php:37
actionwp_headinc\create-transaction.php:111
actioninitinc\publication-cpt.php:47
actionadmin_initinc\publication-cpt.php:65
actionsave_postinc\publication-cpt.php:124
filtersingle_templateinc\publication-cpt.php:176
filtermanage_mbcl_publication_posts_columnsinc\publication-cpt.php:193
actionmanage_mbcl_publication_posts_custom_columninc\publication-cpt.php:217
actioninitinc\transaction-cpt.php:47
actionadmin_initinc\transaction-cpt.php:62
actionsave_postinc\transaction-cpt.php:116
filtermanage_mbcl_transaction_posts_columnsinc\transaction-cpt.php:151
actionmanage_mbcl_transaction_posts_custom_columninc\transaction-cpt.php:188
Maintenance & Trust

Classroom Library Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedJan 5, 2026
PHP min version7.0
Downloads3K

Community Trust

Rating0/100
Number of ratings0
Active installs20
Alternatives

Classroom Library Alternatives

Library Bookshelves

Library Bookshelves

library-bookshelves

C
66

Create bookshelves that link to your library catalog. Use shortcodes to display book covers in carousels.

500 1 unpatched
Library Management System

Library Management System

library-management-system

A
93

Library Management System is a WordPress plugin that helps schools and colleges manage libraries, bookcases, sections, categories, and users.

300 4 CVEs
WriteShare Writing Community Platform

WriteShare Writing Community Platform

writeshare

A
85

WriteShare will turn WordPress into a full featured writing community, not just a blogging community. Site members can post books with chapters.

80 No CVEs
BNC BiblioShare

BNC BiblioShare

bnc-biblioshare

A
85

Displays a book's cover image, title, author, and other book data from BiblioShare

20 No CVEs
Bestseller Lists from the New York Times

Bestseller Lists from the New York Times

bestseller-lists-from-new-york-times

A
100

Integrate bestseller lists from the New York Times into your own site with a user-friendly interface.

10 No CVEs
Developer Profile

Classroom Library Developer Profile

mdburnette

6 plugins · 2K total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Classroom Library

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/classroom-library/js/barcode-lookup.js/wp-content/plugins/classroom-library/css/styles.css/wp-content/plugins/classroom-library/js/create-transaction.js
Script Paths
js/barcode-lookup.jscss/styles.cssjs/create-transaction.js

HTML / DOM Fingerprints

HTML Comments
<!-- Classroom library directory with bookshelf, book search, barcode lookup, and check in/out. --><!-- Don't access this file directly --><!-- LOAD ADMIN SCRIPTS --><!-- LOAD FRONTEND SCRIPTS -->+6 more
Data Attributes
name="transaction-publication-id"name="transaction-publication-copies"name="transaction-name"name="transaction-publication-barcode"name="transaction_type"name="transaction-date"+3 more
JS Globals
ajax_urlajax_nonce
Shortcode Output
[bookshelf]
FAQ

Frequently Asked Questions about Classroom Library