WP-Safety

Cnhk Slideshow [ENDED] Security & Risk Analysis

wordpress.org/plugins/cnhk-slideshow

Fast setup and easy to use, responsive and touch enabled slideshow plugin for WordPress with WYSIWYG editors and animation builders.

40 active installs v3.1.1 PHP + WP 4.3+ Updated Jun 12, 2016
banner-rotatorimagesresponsive-slidersliderslideshow
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Download
Safety Verdict

Is Cnhk Slideshow [ENDED] Safe to Use in 2026?

Generally Safe

Score 85/100

Cnhk Slideshow [ENDED] has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 9yr ago
Risk Assessment

The "cnhk-slideshow" v3.1.1 plugin exhibits a concerning security posture due to a significant number of unprotected AJAX handlers. While the plugin demonstrates good practices in SQL query handling by exclusively using prepared statements and has no recorded historical vulnerabilities, the presence of 12 AJAX endpoints without authentication checks represents a substantial attack surface. This means any unauthenticated user could potentially interact with these endpoints, leading to unintended actions or information disclosure. Furthermore, the taint analysis reveals two high-severity flows with unsanitized paths, indicating potential vulnerabilities that could be exploited if data from these flows is mishandled. The plugin also uses the `unserialize` function multiple times, which can be dangerous if used with untrusted input, although the static analysis doesn't explicitly flag it as a direct vulnerability in this context. The lack of historical vulnerabilities is positive, but the current code analysis reveals critical areas for improvement.

Key Concerns

  • 12 unprotected AJAX handlers
  • 2 high severity taint flows with unsanitized paths
  • Dangerous function: unserialize used 9 times
  • Only 39% of outputs properly escaped
Vulnerabilities
None known

Cnhk Slideshow [ENDED] Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Cnhk Slideshow [ENDED] Code Analysis

Dangerous Functions
9
Raw SQL Queries
0
1 prepared
Unescaped Output
457
297 escaped
Nonce Checks
6
Capability Checks
1
File Operations
6
External Requests
0
Bundled Libraries
0

Dangerous Functions Found

unserialize$the_post_array = unserialize( $the_post->post_content );admin\class-admin.php:179
unserialize$data = unserialize( $slider->post_content );admin\views\mbx-choose-template.php:45
unserialize$data = unserialize( $_post->post_content );includes\class-ss.php:449
unserialize$data = unserialize( $value );includes\class-ss.php:459
unserialize$_data = unserialize( $data );includes\class-template-abstract.php:258
unserialize$slider = unserialize( $post->post_content );modules\slide-html\includes\class-slide-html.php:120
unserialize$slider = unserialize( $post->post_content );modules\slide-vimeo\includes\class-slide-vimeo.php:122
unserialize$slider = unserialize( $post->post_content );modules\slide-youtube\includes\class-slide-youtube.php:115
unserialize$slider = unserialize( $post->post_content );modules\template-advanced\includes\class-template-advanced.php:348

SQL Query Safety

100% prepared1 total queries

Output Escaping

39% escaped754 total outputs
Data Flows
6 unsanitized

Data Flow Analysis

6 flows6 with unsanitized paths
wp_loaded (admin\class-admin.php:271)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
12 unprotected

Cnhk Slideshow [ENDED] Attack Surface

Entry Points13
Unprotected12

AJAX Handlers 12

authwp_ajax_cnhk_add_slideadmin\class-admin-ajax.php:10
authwp_ajax_cnhk_fx_callincludes\class-fx.php:56
authwp_ajax_cnhk_add_captionmodules\caption\includes\ajax.php:10
authwp_ajax_cnhk_caption_styling_formmodules\caption\includes\ajax.php:11
authwp_ajax_cnhk_caption_timing_formmodules\caption\includes\ajax.php:12
authwp_ajax_cnhk_editor_link_formmodules\editor\editor-ajax.php:15
authwp_ajax_cnhk_editor_icon_formmodules\editor\editor-ajax.php:16
authwp_ajax_cnhk_editor_image_formmodules\editor\editor-ajax.php:17
authwp_ajax_cnhk_thumbmodules\nav-thumb\includes\class-nav-thumb.php:14
noprivwp_ajax_cnhk_thumbmodules\nav-thumb\includes\class-nav-thumb.php:15
authwp_ajax_cnhk_add_layermodules\slide-html\includes\ajax.php:6
authwp_ajax_cnhk_layer_styling_formmodules\slide-html\includes\ajax.php:7

Shortcodes 1

[cnhk_slideshow] public\class-public.php:16
WordPress Hooks 55
actionadmin_enqueue_scriptsadmin\class-admin.php:15
actionadmin_print_scriptsadmin\class-admin.php:16
actionadmin_print_scriptsadmin\class-admin.php:17
actionwp_loadedadmin\class-admin.php:18
actionadmin_menuadmin\class-admin.php:22
actionplugins_loadedcnhk-slideshow.php:35
filtercnhk_fontsincludes\class-db.php:48
actionwp_loadedincludes\class-ss.php:80
actioninitincludes\class-ss.php:83
actionwpmu_new_blogincludes\class-ss.php:86
actionwidgets_initincludes\class-ss.php:89
filtercnhk-postnew-scriptsmodules\caption\includes\class-caption-admin.php:11
filtercnhk-postnew-stylesmodules\caption\includes\class-caption-admin.php:12
actionwp_loadedmodules\caption\includes\class-caption-admin.php:15
filtercnhk-settings-tabsmodules\fonts\class-fonts.php:10
filtercnhk-settings-scriptsmodules\fonts\class-fonts.php:11
actionwp_enqueue_scriptsmodules\fonts\class-fonts.php:12
actioncnhk-postnew-stylesmodules\fonts\class-fonts.php:13
actioncnhk-postnew-print-scriptsmodules\internal\includes\class-internal.php:10
filtercnhk-postnew-scriptsmodules\internal\includes\class-internal.php:11
filtercnhk-postnew-scriptsmodules\nav-arrows\includes\class-nav-arrows.php:18
filtercnhk-postnew-stylesmodules\nav-arrows\includes\class-nav-arrows.php:19
filtercnhk-nav-listmodules\nav-arrows\nav-arrows.php:14
filtercnhk-postnew-scriptsmodules\nav-bullet\includes\class-nav-bullet.php:12
filtercnhk-postnew-stylesmodules\nav-bullet\includes\class-nav-bullet.php:13
filtercnhk-nav-listmodules\nav-bullet\nav-bullet.php:14
filtercnhk-postnew-scriptsmodules\nav-progress\includes\class-nav-progress.php:12
filtercnhk-nav-listmodules\nav-progress\nav-progress.php:14
filtercnhk-postnew-scriptsmodules\nav-thumb\includes\class-nav-thumb.php:12
filtercnhk-postnew-stylesmodules\nav-thumb\includes\class-nav-thumb.php:13
filtercnhk-nav-listmodules\nav-thumb\nav-thumb.php:18
actionadmin_enqueue_scriptsmodules\overlay\overlay.php:9
filtercnhk-slide-listmodules\slide-html\activator.php:11
filtercnhk-postnew-scriptsmodules\slide-html\includes\class-layer-html.php:14
actioncnhk-postnew-scriptsmodules\slide-html\includes\class-slide-html.php:15
filtercnhk-module-listmodules\slide-html\slide-html.php:22
filtercnhk-slide-listmodules\slide-image\slide-image.php:15
filtercnhk-postnew-scriptsmodules\slide-image\slide-image.php:38
filtercnhk-slide-listmodules\slide-vimeo\activator.php:11
actioncnhk-postnew-scriptsmodules\slide-vimeo\includes\class-slide-vimeo.php:15
actionwp_enqueue_scriptsmodules\slide-vimeo\includes\class-slide-vimeo.php:18
filtercnhk-module-listmodules\slide-vimeo\slide-vimeo.php:22
filtercnhk-slide-listmodules\slide-youtube\activator.php:11
actioncnhk-postnew-scriptsmodules\slide-youtube\includes\class-slide-youtube.php:15
actionwp_enqueue_scriptsmodules\slide-youtube\includes\class-slide-youtube.php:18
filtercnhk-module-listmodules\slide-youtube\slide-youtube.php:22
filtercnhk-template-listmodules\template-advanced\activator.php:11
filtercnhk-postnew-scriptsmodules\template-advanced\includes\class-template-advanced.php:60
filtercnhk-module-listmodules\template-advanced\template-advanced.php:22
filtercnhk-postnew-scriptsmodules\template-classic\includes\class-template-classic.php:58
filtercnhk-template-listmodules\template-classic\template-classic.php:14
filtercnhk-postnew-scriptsmodules\template-image\includes\class-template-image.php:54
filtercnhk-template-listmodules\template-image\template-image.php:15
actionwp_enqueue_scriptspublic\class-public.php:14
actioninitpublic\class-public.php:15
Maintenance & Trust

Cnhk Slideshow [ENDED] Maintenance & Trust

Maintenance Signals

WordPress version tested4.5.33
Last updatedJun 12, 2016
PHP min version
Downloads18K

Community Trust

Rating88/100
Number of ratings7
Active installs40
Alternatives

Cnhk Slideshow [ENDED] Alternatives

Cycle Responsive Slider

Cycle Responsive Slider

cycle-responsive-slider

A
92

This plugin creates an image slideshow in your theme, using the jQuery Cycle2 plugin. You can upload/delete images via the administration panel.

50 No CVEs
Serious Slider

Serious Slider

cryout-serious-slider

B
72

Serious Slider is a free highly efficient SEO friendly fully translatable accessibility ready image slider for WordPress. Seriously!

20K 1 unpatched
Slider by 10Web – Responsive Image Slider

Slider by 10Web – Responsive Image Slider

slider-wd

A
86

Slider by 10Web plugin is the perfect slider solution for Wordpress.

20K 10 CVEs
Ovation Elements

Ovation Elements

ovation-elements

A
99

Transform your site with captivating sliders. Perfect for beginners and advanced users. Create and customize with our ultimate slider plugin.

10K 1 CVE
WP Header Images

WP Header Images

wp-header-images

A
100

A great WordPress plugin which helps you to choose a unique image for each menu page.

6K 1 CVE
Developer Profile

Cnhk Slideshow [ENDED] Developer Profile

CNHK SYSTEMS

3 plugins · 80 total installs

84
trust score
Avg Security Score
85/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Cnhk Slideshow [ENDED]

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/cnhk-slideshow/public/css/frontend.css/wp-content/plugins/cnhk-slideshow/public/css/flexslider.css/wp-content/plugins/cnhk-slideshow/public/js/frontend.js/wp-content/plugins/cnhk-slideshow/public/js/jquery.flexslider-min.js/wp-content/plugins/cnhk-slideshow/admin/css/admin.css/wp-content/plugins/cnhk-slideshow/admin/js/admin.js/wp-content/plugins/cnhk-slideshow/admin/js/cnhk_ss_admin.js/wp-content/plugins/cnhk-slideshow/modules/overlay/css/overlay.css+31 more
Script Paths
/wp-content/plugins/cnhk-slideshow/public/js/frontend.js/wp-content/plugins/cnhk-slideshow/public/js/jquery.flexslider-min.js/wp-content/plugins/cnhk-slideshow/admin/js/admin.js/wp-content/plugins/cnhk-slideshow/admin/js/cnhk_ss_admin.js/wp-content/plugins/cnhk-slideshow/modules/overlay/js/overlay.js/wp-content/plugins/cnhk-slideshow/modules/editor/js/editor.js+28 more
Version Parameters
cnhk-slideshow/public/css/frontend.css?ver=cnhk-slideshow/public/css/flexslider.css?ver=cnhk-slideshow/public/js/frontend.js?ver=cnhk-slideshow/public/js/jquery.flexslider-min.js?ver=cnhk-slideshow/admin/css/admin.css?ver=cnhk-slideshow/admin/js/admin.js?ver=cnhk-slideshow/admin/js/cnhk_ss_admin.js?ver=cnhk-slideshow/modules/overlay/css/overlay.css?ver=cnhk-slideshow/modules/overlay/js/overlay.js?ver=cnhk-slideshow/modules/editor/css/editor.css?ver=cnhk-slideshow/modules/editor/js/editor.js?ver=cnhk-slideshow/modules/editor/js/jquery.ui.core.min.js?ver=cnhk-slideshow/modules/editor/js/jquery.ui.widget.min.js?ver=cnhk-slideshow/modules/editor/js/jquery.ui.mouse.min.js?ver=cnhk-slideshow/modules/editor/js/jquery.ui.sortable.min.js?ver=cnhk-slideshow/modules/editor/js/jquery.ui.draggable.min.js?ver=cnhk-slideshow/modules/editor/js/jquery.ui.droppable.min.js?ver=cnhk-slideshow/modules/editor/js/jquery.ui.resizable.min.js?ver=cnhk-slideshow/modules/editor/js/jquery.ui.dialog.min.js?ver=cnhk-slideshow/modules/editor/js/jquery.ui.button.min.js?ver=cnhk-slideshow/modules/editor/js/jquery.ui.effect.min.js?ver=cnhk-slideshow/modules/editor/js/jquery.ui.effect.shake.min.js?ver=cnhk-slideshow/modules/editor/js/jquery.ui.effect.slide.min.js?ver=cnhk-slideshow/modules/editor/js/jquery.ui.effect.blind.min.js?ver=cnhk-slideshow/modules/editor/js/jquery.ui.effect.drop.min.js?ver=cnhk-slideshow/modules/editor/js/jquery.ui.effect.pulsate.min.js?ver=cnhk-slideshow/modules/editor/js/jquery.ui.effect.scale.min.js?ver=cnhk-slideshow/modules/editor/js/jquery.ui.effect.fade.min.js?ver=cnhk-slideshow/modules/editor/js/jquery.ui.effect.transfer.min.js?ver=cnhk-slideshow/modules/editor/js/jquery.ui.effect.fold.min.js?ver=cnhk-slideshow/modules/editor/js/jquery.ui.effect.clip.min.js?ver=cnhk-slideshow/modules/editor/js/jquery.ui.effect.bounce.min.js?ver=cnhk-slideshow/modules/editor/js/jquery.ui.effect.highlight.min.js?ver=cnhk-slideshow/modules/editor/js/jquery.ui.effect.blind.min.js?ver=cnhk-slideshow/modules/editor/js/jquery.ui.effect.slide.min.js?ver=cnhk-slideshow/modules/editor/js/jquery.ui.effect.core.min.js?ver=cnhk-slideshow/modules/editor/js/jquery.ui.effect.bundle.min.js?ver=cnhk-slideshow/modules/editor/js/tinymce.min.js?ver=cnhk-slideshow/modules/editor/js/tinymce-jquery.min.js?ver=

HTML / DOM Fingerprints

CSS Classes
cnhk-slideshow-wrapcnhk-slideshow-containercnhk-overlay-wrapcnhk-overlay-containercnhk-slideshow-builder-editorcnhk-slideshow-editor
HTML Comments
<!-- Cnhk Slideshow Admin --><!-- Cnhk Slideshow Admin Scripts --><!-- Cnhk Slideshow Admin Styles --><!-- Cnhk Slideshow Admin Settings -->+2 more
Data Attributes
data-cnhk-slideshow
JS Globals
cnhk_admin_params
Shortcode Output
[cnhk_slideshow[cnhk_slideshow id=
FAQ

Frequently Asked Questions about Cnhk Slideshow [ENDED]