Does Crisp Grid have any unpatched vulnerabilities?

No. All known vulnerabilities in Crisp Grid have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Crisp Grid compatible with WordPress 4.8.28?

According to WordPress.org data, Crisp Grid 1.0 has been tested up to WordPress 4.8.28. Check the plugin's changelog for the latest compatibility information.

How often is Crisp Grid updated?

Crisp Grid was last updated on Unknown. Frequent updates are generally a positive security signal.

What is Crisp Grid's security score?

Crisp Grid has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Crisp Grid Security & Risk Analysis

wordpress.org/plugins/crisp-grid

Free WordPress post grid plugin where you can display the latest posts in your website using a shortcode with custom options and also responsive on al …

10 active installs v1.0 PHP + WP 4.3+ Updated Unknown

custom-post-gridgridgrid-displaypost-gridpost-type-grid

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Crisp Grid Safe to Use in 2026?

Generally Safe

Score 100/100

Crisp Grid has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs

Risk Assessment

The "crisp-grid" v1.0 plugin exhibits a generally positive security posture based on the provided static analysis. It has a very limited attack surface, with only one shortcode and no AJAX handlers or REST API routes identified. The absence of dangerous functions, file operations, and external HTTP requests further strengthens its security. Crucially, all SQL queries are prepared, and nonce and capability checks are present. The vulnerability history is also clean, with no known CVEs, which suggests a well-maintained codebase or a lack of prior rigorous security auditing.

However, a significant concern arises from the output escaping. With 39 total outputs and only 41% properly escaped, there is a substantial risk of cross-site scripting (XSS) vulnerabilities. This indicates that user-supplied data or dynamic content might be rendered directly into the HTML without sufficient sanitization, potentially allowing attackers to inject malicious scripts. While the taint analysis shows no current issues, this is based on zero flows analyzed, making it unreliable for assessing XSS risks in the presence of unsanitized output.

In conclusion, the plugin has strong foundational security practices, particularly regarding its limited attack surface and database interactions. The primary weakness lies in the inadequate output escaping, which presents a clear and present danger for XSS attacks. The lack of historical vulnerabilities is a positive sign, but it does not negate the risks identified in the current code analysis. The plugin should be considered moderately risky until the output escaping issues are addressed.

Key Concerns

Insufficient output escaping (59% unsanitized)

Vulnerabilities

None known

Crisp Grid Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Crisp Grid Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

16 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

41% escaped39 total outputs

Attack Surface

Crisp Grid Attack Surface

Entry Points1

Unprotected0

Shortcodes 1

[crispgrid] inc\crispgrid-shortcode.php:151

WordPress Hooks 9

actionwp_enqueue_scriptscrispgrid.php:55

actionadmin_enqueue_scriptscrispgrid.php:58

actionadmin_enqueue_scriptscrispgrid.php:59

actioninitcrispgrid.php:62

actioninitcrispgrid.php:63

actionplugins_loadedcrispgrid.php:70

actioninitcrispgrid.php:73

actionadd_meta_boxesinc\crispgrid-metabox.php:8

actionsave_postinc\crispgrid-metabox.php:192

Maintenance & Trust

Crisp Grid Maintenance & Trust

Maintenance Signals

WordPress version tested4.8.28

Last updatedUnknown

PHP min version

Downloads1K

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

Crisp Grid Alternatives

Post Sliders & Post Grids

post-slider-carousel

100

Post Slider & Grid is beautiful responsive post thumbnail image slider and also support post grid display.It support post exclusion/inclusion, Cat …

1K 1 CVE

JetGridBuilder — Grid Builder for Elementor and Gutenberg

jetgridbuilder

JetGridBuilder plugin for Elementor and Gutenberg free addon for creating wow-grids on your website. Forget about the limits of premade layouts.

5K 1 CVE

Post and Product Grid for Elementor – Blog & WooCommerce Layout Addon

dynamic-post-grid-elementor-addon

Build advanced post and product layouts for Elementor with dynamic grids, lists, and sliders. Perfect for blogs, news sites, magazines, portfolios, an …

30 1 CVE

List Custom Post with featured image

list-custom-post-with-featured-image

Simple plugin. Show feature image, title with pagination on anywhere using shortcode.

10 No CVEs

Awesome Posts

awesome-posts

100

Transform Your Posts with Style - Your Ultimate WordPress Plugin for Showcasing Posts in a Grid Layout!

0 No CVEs

Developer Profile

Crisp Grid Developer Profile

Patrick

2 plugins · 10 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Crisp Grid

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

FAQ