Does Cool Author Box have any unpatched vulnerabilities?

No. All known vulnerabilities in Cool Author Box have been patched as of the latest data update. Always keep the plugin updated to the latest version.

How often is Cool Author Box updated?

Cool Author Box was last updated on May 15, 2010. Frequent updates are generally a positive security signal.

What is Cool Author Box's security score?

Cool Author Box has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Cool Author Box Security & Risk Analysis

wordpress.org/plugins/cool-author-box

Adds a stylish author box with author name, bio, Gravatar and links after the content in posts and/or pages.

10 active installs v0.0.1 PHP + WP 2.7+ Updated May 15, 2010

authorauthor-websitecontentpage-authorpost-author

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Cool Author Box Safe to Use in 2026?

Generally Safe

Score 85/100

Cool Author Box has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 15yr ago

Risk Assessment

The plugin 'cool-author-box' v0.0.1 exhibits a generally weak security posture, despite the absence of documented vulnerabilities and the lack of identified critical code signals. The static analysis reveals a concerning lack of output escaping, with 100% of identified output not being properly sanitized. This presents a significant risk of cross-site scripting (XSS) vulnerabilities, as malicious code could be injected through user-supplied data that is later displayed to other users. Furthermore, the complete absence of nonce checks and capability checks across all identified entry points (though there are none) suggests a potential lack of security awareness in development. While the plugin has no reported CVEs, this is likely due to its early version and limited exposure. The combination of unescaped output and missing fundamental security checks indicates that the plugin, while appearing clean on the surface, has substantial latent risks that could be easily exploited if any entry points were to be introduced or if the sanitization practices were to be overlooked in future development.

Key Concerns

Unescaped output found
Missing nonce checks
Missing capability checks

Vulnerabilities

None known

Cool Author Box Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Cool Author Box Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

0% escaped2 total outputs

Attack Surface

Cool Author Box Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 3

actionthe_contentcool-author-box.php:167

actionadmin_menucool-author-box.php:168

actionwp_headcool-author-box.php:169

Maintenance & Trust

Cool Author Box Maintenance & Trust

Maintenance Signals

WordPress version tested

Last updatedMay 15, 2010

PHP min version

Downloads15K

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

Cool Author Box Alternatives

Guest Author

guest-author

Add a guest author to any post without needing to register the guest author as a user on your site.

5K 2 CVEs

Change Author

change-author

This plugin lets you assign non-authors as post author.

1K No CVEs

Mooberry Book Manager

mooberry-book-manager

Sell books via Amazon and other retailers directly from your author website with this easy-to-use system. Creates book pages, widgets, and book grids.

1K 1 CVE

Sociality

sociality

Social features for the theme authors.

1K No CVEs

Default Post Author

default-post-author

100

The easiest way to set a default post author in your WordPress site.

900 No CVEs

Developer Profile

Cool Author Box Developer Profile

Morten Rand-Hendriksen

2 plugins · 20 total installs

trust score

Avg Security Score

93/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Cool Author Box

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

CSS Classes

profileprofileTextprofileStatsprofileNameprofileJob

Shortcode Output

<div class="profile">
			<div class="profileText">


			</div>
			<div class="profileStats">


				<div class="profileName">


				</div>
				<div class="profileJob">
					View all posts by

FAQ