Does Dropbox CDN have any unpatched vulnerabilities?

No. All known vulnerabilities in Dropbox CDN have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Dropbox CDN compatible with WordPress 3.0.5?

According to WordPress.org data, Dropbox CDN 1.1 has been tested up to WordPress 3.0.5. Check the plugin's changelog for the latest compatibility information.

How often is Dropbox CDN updated?

Dropbox CDN was last updated on Dec 4, 2010. Frequent updates are generally a positive security signal.

What is Dropbox CDN's security score?

Dropbox CDN has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Dropbox CDN Security & Risk Analysis

wordpress.org/plugins/dropbox-cdn

Use your Dropbox 'Public' folder as a free Content Delivery Network (or CDN). Please read the full description.

10 active installs v1.1 PHP + WP 2.7.1+ Updated Dec 4, 2010

cdncontent-delivery-networkdropbox

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Dropbox CDN Safe to Use in 2026?

Generally Safe

Score 85/100

Dropbox CDN has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 15yr ago

Risk Assessment

The 'dropbox-cdn' plugin v1.1 exhibits a generally strong security posture based on the provided static analysis. There are no identified attack surface entry points that lack authentication or permission checks, no dangerous functions used, and all SQL queries utilize prepared statements, indicating good development practices in these areas. Furthermore, the absence of any recorded vulnerabilities, including CVEs, suggests a history of stable and secure operation.

However, a significant concern arises from the output escaping. The analysis shows one total output with 0% properly escaped, which is a critical oversight. Unescaped output can lead to Cross-Site Scripting (XSS) vulnerabilities, allowing attackers to inject malicious scripts into web pages. While there are no other immediate red flags like taint flows or unauthenticated entry points, this single instance of unescaped output presents a tangible risk that needs immediate attention.

In conclusion, while the plugin benefits from a clean vulnerability history and robust handling of SQL and attack surface, the lack of output escaping is a notable weakness. Addressing this specific issue should be the priority to improve its overall security. The absence of other common vulnerabilities is a positive sign, but the XSS risk should not be underestimated.

Key Concerns

Unescaped output found

Vulnerabilities

None known

Dropbox CDN Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Dropbox CDN Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

0% escaped1 total outputs

Attack Surface

Dropbox CDN Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 7

actionadmin_menudropbox-cdn.php:15

actionadmin_initdropbox-cdn.php:16

filtertemplate_directorydropbox-cdn.php:21

filtertemplate_directory_uridropbox-cdn.php:22

filterstylesheet_directorydropbox-cdn.php:23

filterstylesheet_directory_uridropbox-cdn.php:24

filterstylesheet_urldropbox-cdn.php:25

Maintenance & Trust

Dropbox CDN Maintenance & Trust

Maintenance Signals

WordPress version tested3.0.5

Last updatedDec 4, 2010

PHP min version

Downloads11K

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

Dropbox CDN Alternatives

bunny.net – WordPress CDN Plugin

bunnycdn

Enable Bunny CDN to speed up your WordPress website and enjoy greatly improved loading times around the world.

10K 2 CVEs

CDN Enabler

cdn-enabler

100

A content delivery network (CDN) integration plugin for WordPress that rewrites URLs, like for CSS, JavaScript, and images, to be served by a CDN.

10K No CVEs

Shift8 CDN

shift8-cdn

100

This is a plugin that integrates a 100% free CDN service operated by Shift8, for your Wordpress site. What this means is that you can simply install t …

900 No CVEs

Gcore CDN

g-core-labs-cdn

Gcore Plugin

100 No CVEs

RocketCDN – WordPress CDN Plugin

rocketcdn

100

RocketCDN plugin is the easiest WordPress CDN plugin. It automatically rewrites all URLs to be served by our content delivery network (CDN).

100 No CVEs

Developer Profile

Dropbox CDN Developer Profile

Chris Klosowski

9 plugins · 860 total installs

trust score

Avg Security Score

87/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Dropbox CDN

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/dropbox-cdn/images/copyurl.png/wp-content/plugins/dropbox-cdn/images/dropdown.png

HTML / DOM Fingerprints

Data Attributes

name="dbcdn_url"name="dbcdn_enabled"name="action"name="page_options"

FAQ