Does Colorbox Panels & Info Box have any unpatched vulnerabilities?

No. All known vulnerabilities in Colorbox Panels & Info Box have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Colorbox Panels & Info Box compatible with WordPress 6.7.5?

According to WordPress.org data, Colorbox Panels & Info Box 2.1.6 has been tested up to WordPress 6.7.5. Check the plugin's changelog for the latest compatibility information.

How often is Colorbox Panels & Info Box updated?

Colorbox Panels & Info Box was last updated on Dec 27, 2024. Frequent updates are generally a positive security signal.

What is Colorbox Panels & Info Box's security score?

Colorbox Panels & Info Box has a WP-Safety security score of 92/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Colorbox Panels & Info Box Security & Risk Analysis

wordpress.org/plugins/colorbox-panels

Colorbox panels is the most easiest drag & drop icon box and content box builder for WordPress. You can add unlimited panels with unlimited colour …

1K active installs v2.1.6 PHP + WP 5.0+ Updated Dec 27, 2024

boxcontent-boxicon-boxinfo-boxpanels

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Colorbox Panels & Info Box Safe to Use in 2026?

Generally Safe

Score 92/100

Colorbox Panels & Info Box has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1yr ago

Risk Assessment

The "colorbox-panels" v2.1.6 plugin exhibits a generally good security posture with a few notable areas of concern. The extensive use of prepared statements for SQL queries and a high percentage of properly escaped output are positive indicators of secure coding practices. The absence of known CVEs, unpatched vulnerabilities, and any recorded critical or high severity issues in its history further strengthens this assessment. The plugin also avoids common pitfalls like bundled libraries and external HTTP requests.

However, the presence of one unprotected AJAX handler represents a significant risk. This entry point could potentially be exploited by an unauthenticated attacker to trigger unintended actions or access sensitive data if the handler performs critical operations. The use of the `unserialize` function, while not directly flagged as a vulnerability in this analysis, is a known risk if the serialized data originates from an untrusted source, as it can lead to code execution. The lack of taint analysis data makes it impossible to fully assess the impact of these potential risks.

In conclusion, while the plugin has strengths in its database and output handling, the unprotected AJAX endpoint is a critical weakness that requires immediate attention. The potential risks associated with `unserialize` also warrant careful consideration. Addressing the unprotected entry point would significantly improve the plugin's overall security.

Key Concerns

Unprotected AJAX handler found
Use of dangerous function: unserialize

Vulnerabilities

None known

Colorbox Panels & Info Box Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Colorbox Panels & Info Box Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

197 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Dangerous Functions Found

unserialize$colorbox_data = unserialize(get_post_meta( $post->ID, 'wpsm_colorbox_data', true));ink\admin\add-colorbox.php:17

unserialize$Colorbox_Settings = unserialize(get_post_meta( $PostId, 'Colorbox_Settings', true));ink\admin\menu.php:152

unserialize$Colorbox_Settings = unserialize(get_post_meta( $PostId, 'Colorbox_Settings', true));ink\admin\settings.php:4

unserialize$Colorbox_Settings = unserialize(get_post_meta( $post_id, 'Colorbox_Settings', true));template\content.php:11

unserialize$colorbox_data = unserialize(get_post_meta( $post_id, 'wpsm_colorbox_data', true));template\content.php:45

Output Escaping

94% escaped209 total outputs

Attack Surface

1 unprotected

Colorbox Panels & Info Box Attack Surface

Entry Points2

Unprotected1

AJAX Handlers 1

authwp_ajax_wpsm_colorbox_p_dismiss_reviewink\install\installation.php:291

Shortcodes 1

[WPSM_COLORBOX] template\shortcode.php:3

WordPress Hooks 16

actionadmin_menucolobox-panels.php:22

actionadmin_enqueue_scriptsink\admin\menu.php:13

actioninitink\admin\menu.php:15

actionadd_meta_boxesink\admin\menu.php:16

actionadmin_initink\admin\menu.php:17

actionsave_postink\admin\menu.php:18

actionsave_postink\admin\menu.php:19

filtermanage_edit-colorbox_panels_columnsink\admin\menu.php:73

actionmanage_colorbox_panels_posts_custom_columnink\admin\menu.php:74

actionplugins_loadedink\install\installation.php:2

actionwp_enqueue_scriptsink\install\installation.php:16

filterwidget_textink\install\installation.php:17

actionmedia_buttonsink\install\installation.php:19

actionadmin_footerink\install\installation.php:20

actionin_admin_headerink\install\installation.php:217

actionadmin_noticesink\install\installation.php:219

Maintenance & Trust

Colorbox Panels & Info Box Maintenance & Trust

Maintenance Signals

WordPress version tested6.7.5

Last updatedDec 27, 2024

PHP min version

Downloads79K

Community Trust

Rating92/100

Number of ratings44

Active installs1K

Alternatives

Colorbox Panels & Info Box Alternatives

Service Box – Icon Box Showcase

service-box

Service Box plugin is display your service showcase on any WordPress post & page with unlimited color scheme using drag & drop Api

3K No CVEs

Infobox

infobox

Deliver your content beautifully to grab attention with an animated Infobox block.

1K No CVEs

Service Box

service-boxs

The Service Box WordPress plugin allows you to easily create visually stunning content boxes with icons and engaging hover effects, making it perfect …

400 1 CVE

Space Boxes

space-boxes

Generate unlimited boxes with multiple layouts and optional lightbox, solely from a Wordpress media gallery.

30 No CVEs

Service Showcase

service-showcase

100

Service Showcase plugin is display the service box on wordpress website pages and posts. It come with 6 different layouts and create unlimited service …

900 No CVEs

Developer Profile

Colorbox Panels & Info Box Developer Profile

wpshopmart

8 plugins · 86K total installs

trust score

Avg Security Score

95/100

Avg Patch Time

986 days

View full developer profile

Detection Fingerprints

How We Detect Colorbox Panels & Info Box

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/colorbox-panels/assets/css/bootstrap.css/wp-content/plugins/colorbox-panels/assets/css/help.css/wp-content/plugins/colorbox-panels/assets/js/color-picker.js/wp-content/plugins/colorbox-panels/assets/css/panel-style.css/wp-content/plugins/colorbox-panels/assets/css/font-awesome/css/font-awesome.min.css/wp-content/plugins/colorbox-panels/assets/css/fontawesome-iconpicker.css/wp-content/plugins/colorbox-panels/assets/css/ac_jquery-ui.css/wp-content/plugins/colorbox-panels/assets/modal/remodal.css+14 more

Script Paths

/wp-content/plugins/colorbox-panels/assets/js/color-picker.js/wp-content/plugins/colorbox-panels/assets/js/bootstrap.js/wp-content/plugins/colorbox-panels/assets/tooltip/jquery.darktooltip.js/wp-content/plugins/colorbox-panels/assets/js/fontawesome-iconpicker.js/wp-content/plugins/colorbox-panels/assets/js/call-icon-picker.js/wp-content/plugins/colorbox-panels/assets/codex/codemirror.js+3 more

HTML / DOM Fingerprints

CSS Classes

wpsm_colorboxwpsm_cb_help_pagewpsm_cb_colortext

HTML Comments

+16 more

Data Attributes

data-iddata-type

JS Globals

wpshopmart_colorbox_directory_url

Shortcode Output

[WPSM_COLORBOX id=

FAQ