Does CoolClock – a Javascript Analog Clock have any unpatched vulnerabilities?

No. All known vulnerabilities in CoolClock – a Javascript Analog Clock have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is CoolClock – a Javascript Analog Clock compatible with WordPress 6.3.8?

According to WordPress.org data, CoolClock – a Javascript Analog Clock 4.3.7 has been tested up to WordPress 6.3.8. Check the plugin's changelog for the latest compatibility information.

Is CoolClock – a Javascript Analog Clock compatible with PHP 5.6+?

CoolClock – a Javascript Analog Clock requires PHP 5.6 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is CoolClock – a Javascript Analog Clock updated?

CoolClock – a Javascript Analog Clock was last updated on Oct 4, 2023. Frequent updates are generally a positive security signal.

What is CoolClock – a Javascript Analog Clock's security score?

CoolClock – a Javascript Analog Clock has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

CoolClock – a Javascript Analog Clock Security & Risk Analysis

wordpress.org/plugins/coolclock

Show an analog clock on your WordPress site sidebar or in post and page content.

2K active installs v4.3.7 PHP 5.6+ WP 4.8.1+ Updated Oct 4, 2023

analog-clockclockcoolclockjavascriptwidget

A · Safe

CVEs total1

Unpatched0

Last CVEAug 30, 2021

Plugin page Download

Safety Verdict

Is CoolClock – a Javascript Analog Clock Safe to Use in 2026?

Generally Safe

Score 85/100

CoolClock – a Javascript Analog Clock has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVELast CVE: Aug 30, 2021Updated 2yr ago

Risk Assessment

The "coolclock" plugin v4.3.7 exhibits a mixed security posture. While the static analysis reveals a small attack surface with no identified unprotected entry points and no dangerous functions or file operations, there are notable concerns regarding output escaping and a lack of comprehensive security checks. Specifically, 38% of output is not properly escaped, creating a potential for Cross-Site Scripting (XSS) vulnerabilities, which is corroborated by its vulnerability history. The absence of nonce checks and capability checks, particularly in the context of the shortcode, could allow for unintended execution if not properly handled by the WordPress core or other plugins.

Key Concerns

Significant portion of output not properly escaped
Missing nonce checks
Missing capability checks
Medium severity CVE in history

Vulnerabilities

CoolClock – a Javascript Analog Clock Security Vulnerabilities

CVEs by Year

1 CVE in 2021

2021

Patched Has unpatched

Severity Breakdown

Medium

1 total CVE

CVE-2021-24670medium · 5.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CoolClock <= 4.3.4 - Authenticated Stored Cross-Site Scripting

Aug 30, 2021 Patched in 4.3.5 (876d)

Code Analysis

Analyzed Mar 16, 2026

CoolClock – a Javascript Analog Clock Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

8 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

62% escaped13 total outputs

Attack Surface

CoolClock – a Javascript Analog Clock Attack Surface

Entry Points1

Unprotected0

Shortcodes 1

[coolclock] includes\class-coolclock.php:112

WordPress Hooks 7

actionplugins_loadedincludes\class-coolclock.php:93

actionwidgets_initincludes\class-coolclock.php:96

actionwp_footerincludes\class-coolclock.php:100

filterplugin_row_metaincludes\class-coolclock.php:102

filtercoolclock_shortcodeincludes\class-coolclock.php:105

filtercoolclock_widgetincludes\class-coolclock.php:106

filterno_texturize_shortcodesincludes\class-coolclock.php:115

Maintenance & Trust

CoolClock – a Javascript Analog Clock Maintenance & Trust

Maintenance Signals

WordPress version tested6.3.8

Last updatedOct 4, 2023

PHP min version5.6

Downloads87K

Community Trust

Rating98/100

Number of ratings15

Active installs2K

Alternatives

CoolClock – a Javascript Analog Clock Alternatives

Analog Clock Widget

analog-clock-widget

Analog Clock Widget plugin allows you to create an unlimited number of different analog clocks. The plugin based on SVG Raphael - JavaScript Library.

100 No CVEs

What Time Is It?

what-time-is-it

A lightweight plugin to display clock widgets on your website.

100 No CVEs

JS Categories List Widget

jquery-categories-list

100

A simple Gutenberg block and JS widget (can be called from posts) for displaying categories in a list with some effects.

1K No CVEs

Local Time Clock

local-time-clock

Display a clock on your sidebar set automatically to your location's timezone. Select from a choice of clocks, colors and sizes.

1K No CVEs

Digital Clock

digital-clock

The Digital Clock plugin adds a customizable sidebar clock that auto-adjusts to your timezone. Easy to use, it features dark and light themes.

300 No CVEs

Developer Profile

CoolClock – a Javascript Analog Clock Developer Profile

Rolf Allard van Hagen

8 plugins · 111K total installs

trust score

Avg Security Score

95/100

Avg Patch Time

293 days

View full developer profile

Detection Fingerprints

How We Detect CoolClock – a Javascript Analog Clock

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/coolclock/css/coolclock.css/wp-content/plugins/coolclock/js/coolclock.js/wp-content/plugins/coolclock/js/excanvas.min.js

Script Paths

/wp-content/plugins/coolclock/js/coolclock.js

Version Parameters

coolclock.js?ver=coolclock.css?ver=excanvas.min.js?ver=

HTML / DOM Fingerprints

CSS Classes

CoolClockcoolclock-subtext

HTML Comments

<!--[if lte IE 8]>

Data Attributes

class="CoolClock:

JS Globals

CoolClock

Shortcode Output

<canvas class="CoolClock:<div class="coolclock-subtext">

FAQ