Does Cresta Posts Box have any unpatched vulnerabilities?

No. All known vulnerabilities in Cresta Posts Box have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Cresta Posts Box compatible with WordPress 6.8.5?

According to WordPress.org data, Cresta Posts Box 1.3.6 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

How often is Cresta Posts Box updated?

Cresta Posts Box was last updated on Apr 14, 2025. Frequent updates are generally a positive security signal.

What is Cresta Posts Box's security score?

Cresta Posts Box has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Cresta Posts Box Security & Risk Analysis

wordpress.org/plugins/cresta-posts-box

Show the next or previous post in a box that appears when the user scrolls to the bottom of a current post.

1K active installs v1.3.6 PHP + WP 3.9+ Updated Apr 14, 2025

next-postpostpostspreviousprevious-post

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Cresta Posts Box Safe to Use in 2026?

Generally Safe

Score 100/100

Cresta Posts Box has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 11mo ago

Risk Assessment

The security posture of the 'cresta-posts-box' plugin v1.3.6 appears to be strong, based on the provided static analysis. The plugin demonstrates good security practices by utilizing prepared statements for all SQL queries, ensuring proper output escaping for the vast majority of its outputs, and implementing nonce and capability checks. The absence of dangerous functions, file operations, and external HTTP requests further contributes to its secure design. Furthermore, the lack of any reported vulnerabilities in its history suggests a consistent track record of security awareness and maintenance.

The static analysis indicates a remarkably small attack surface, with no identified AJAX handlers, REST API routes, shortcodes, or cron events. The taint analysis shows no identified flows with unsanitized paths, which is a significant positive indicator. There are no immediate security concerns flagged by the code signals or taint analysis that would warrant significant deductions from a security standpoint.

In conclusion, the 'cresta-posts-box' plugin v1.3.6 exhibits a robust security profile with strong adherence to secure coding principles and a clean vulnerability history. While no plugin is entirely without potential risk, the current analysis presents no evidence of critical or high-severity issues. Its strengths lie in its limited attack surface, secure handling of data and output, and a clear absence of historical vulnerabilities.

Vulnerabilities

None known

Cresta Posts Box Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Cresta Posts Box Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

75 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

90% escaped83 total outputs

Attack Surface

Cresta Posts Box Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 12

actionadmin_menucresta-posts-box.php:20

actionadmin_initcresta-posts-box.php:21

actionwp_enqueue_scriptscresta-posts-box.php:22

actionadmin_enqueue_scriptscresta-posts-box.php:23

filterplugin_row_metacresta-posts-box.php:56

actionplugins_loadedcresta-posts-box.php:62

actionwp_headcresta-posts-box.php:170

actionwp_footercresta-posts-box.php:282

actionwp_headcresta-posts-box.php:296

filterthe_contentcresta-posts-box.php:309

actionadd_meta_boxescresta-posts-metabox.php:28

actionsave_postcresta-posts-metabox.php:73

Maintenance & Trust

Cresta Posts Box Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedApr 14, 2025

PHP min version

Downloads37K

Community Trust

Rating86/100

Number of ratings7

Active installs1K

Alternatives

Cresta Posts Box Alternatives

Post Next

posts

Adds interactive sticky next post popup/optin.

30 No CVEs

Previous Next Posts

previous-next-posts-shortcode

100

Add a shortcode that outputs HTML markup with the next and previous posts for the current blog post the user is viewing.

10 No CVEs

WP Post Navigation

wp-post-navigation

Show Next and Previous Post Links at Posts.

2K No CVEs

Swifty Bar, sticky bar by WPGens

swifty-bar

Adds sticky bar at the bottom of post that shows category,post title, author, time needed to read article, share buttons and previous/next post links

400 1 CVE

Keep Pagination in Same Taxonomy

keep-pagination-in-same-taxonomy

100

Makes any previous/next post links use the same taxonomy as the current post.

100 No CVEs

Developer Profile

Cresta Posts Box Developer Profile

CrestaProject

25 plugins · 22K total installs

trust score

Avg Security Score

97/100

Avg Patch Time

36 days

View full developer profile

Detection Fingerprints

How We Detect Cresta Posts Box

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/cresta-posts-box/css/cresta-posts-box-style.min.css/wp-content/plugins/cresta-posts-box/js/jquery.cresta-posts-box.min.js/wp-content/plugins/cresta-posts-box/css/cresta-posts-box-admin-css.css/wp-content/plugins/cresta-posts-box/js/jquery.cresta-posts-box-admin-js.js

Script Paths

js/jquery.cresta-posts-box.min.jsjs/jquery.cresta-posts-box-admin-js.js

Version Parameters

cresta-posts-box/css/cresta-posts-box-style.min.css?ver=cresta-posts-box/js/jquery.cresta-posts-box.min.js?ver=cresta-posts-box/css/cresta-posts-box-admin-css.css?ver=cresta-posts-box/js/jquery.cresta-posts-box-admin-js.js?ver=

HTML / DOM Fingerprints

CSS Classes

crestaBoxImagecrestaPostsBoxcrestaPostsBox.show

Data Attributes

id='cresta-posts-box-inline-css'

FAQ