Easy Accordion – Responsive Accordion FAQ Builder and Product FAQ Security & Risk Analysis

wordpress.org/plugins/easy-accordion-free

Easily create Accordions, FAQs, and Product FAQ for WooCommerce. Customizable drag & drop WordPress FAQ builder plugin.

80K active installs · v3.0.8 · PHP 7.0+ · WP 5.0+ · Updated Apr 14, 2026
Tags: accordion, faq, nested-accordion, product-faq, vertical-accordion
Score: 99
Grade: A · Safe
CVEs total: 3
Unpatched: 0
Last CVE: Mar 8, 2024
Safety Verdict

Is Easy Accordion – Responsive Accordion FAQ Builder and Product FAQ Safe to Use in 2026?

Generally Safe

Score 99/100

Easy Accordion – Responsive Accordion FAQ Builder and Product FAQ has a strong security track record. Known vulnerabilities have been patched promptly. It's a solid choice for most WordPress installations.

3 known CVEs · Last CVE: Mar 8, 2024 · Updated 1mo ago
Risk Assessment

The "easy-accordion-free" plugin v3.0.7 exhibits a mixed security posture. On the positive side, it demonstrates good practices by utilizing prepared statements for all SQL queries and having a high percentage of properly escaped outputs. The absence of file operations and external HTTP requests is also a positive indicator. However, the presence of two 'unserialize' function calls is a significant concern, as improper handling of unserialized data can lead to remote code execution vulnerabilities. While taint analysis found no unsanitized paths, the potential for unserialize vulnerabilities remains a critical area of focus.

The vulnerability history reveals a pattern of three previously disclosed medium-severity vulnerabilities, all related to Cross-site Scripting (XSS). The most recent vulnerability was reported in March 2024, indicating that the plugin has had security issues in the past, albeit none currently unpatched. The significant attack surface, with 9 entry points, and specifically the 3 unprotected AJAX handlers, presents a direct avenue for attackers. This, combined with the 'unserialize' functions, creates a concerning risk profile for this plugin version.

Key Concerns

  • Unprotected AJAX handlers
  • Presence of unserialize function
  • Past medium severity vulnerabilities
Vulnerabilities
3 published

Easy Accordion – Responsive Accordion FAQ Builder and Product FAQ Security Vulnerabilities

CVEs by Year

2021: 1 CVE
2022: 1 CVE
2024: 1 CVE

Severity Breakdown

Medium: 3 (3 total CVEs)

CVE-2024-1363 · medium · 6.4 · Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Easy Accordion – Best Accordion FAQ Plugin for WordPress <= 2.3.4 - Authenticated (Contributor+) Stored Cross-Site Scripting

Mar 8, 2024 · Patched in 2.3.5 (6d)

CVE-2022-4487 · medium · 6.4 · Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Easy Accordion <= 2.1.20 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

Dec 23, 2022 · Patched in 2.2.0 (396d)

CVE-2021-24576 · medium · 6.4 · Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Easy Accordion <= 2.0.21 - Authenticated Stored Cross-Site Scripting

Sep 10, 2021 · Patched in 2.0.22 (865d)
Version History

Easy Accordion – Responsive Accordion FAQ Builder and Product FAQ Release Timeline

v3.0.8 (Current)
v3.0.7
v3.0.6
v3.0.5
v3.0.4
v3.0.3
v3.0.2
v3.0.1
v3.0.0
v2.3.12
v2.3.11
v2.3.10
v2.3.9
v2.3.8
v2.3.7
v2.3.6
v2.3.5
v2.3.4 (1 CVE)
v2.3.3 (1 CVE)
v2.3.2 (1 CVE)
Code Analysis
Analyzed Mar 16, 2026

Easy Accordion – Responsive Accordion FAQ Builder and Product FAQ Code Analysis

Dangerous Functions: 2
Raw SQL Queries: 0 (2 prepared)
Unescaped Output: 121 (571 escaped)
Nonce Checks: 12
Capability Checks: 8
File Operations: 0
External Requests: 1
Bundled Libraries: 0

Dangerous Functions Found

unserialize · $plugins = unserialize( $response['body'] ); · admin\help-page\help-page.php:256
unserialize · $data = unserialize( $data, array( 'allowed_classes' => false ) ); · includes\class-easy-accordion-import-export.php:236

SQL Query Safety

100% prepared (2 total queries)

Output Escaping

83% escaped (692 total outputs)
Data Flows · Security
All sanitized

Data Flow Analysis

6 flows
eapro_import_ajax (admin\views\models\functions\actions.php:23)
Attack Surface
3 unprotected

Easy Accordion – Responsive Accordion FAQ Builder and Product FAQ Attack Surface

Entry Points: 9
Unprotected: 3

AJAX Handlers 8

auth · wp_ajax_sp_eap_preview_meta_box · admin\preview\class-easy-accordion-free-preview.php:36
auth · wp_ajax_eapro-import · admin\views\models\functions\actions.php:46
auth · wp_ajax_eapro-reset · admin\views\models\functions\actions.php:72
auth · wp_ajax_eapro-chosen · admin\views\models\functions\actions.php:109
auth · wp_ajax_shapedplugin_dismiss_offer_banner · admin\views\notices\offer-banner.php:36
auth · wp_ajax_eap_export_accordions · plugin-main.php:165
auth · wp_ajax_eap_import_accordions · plugin-main.php:166
auth · wp_ajax_sp-eafree-never-show-review-notice · plugin-main.php:216

Shortcodes 1

[sp_easyaccordion] public\eap-frontend.php:78
WordPress Hooks 46
action · elementor/preview/enqueue_styles · admin\class-easy-accordion-free-element-shortcode-addons.php:59
action · elementor/preview/enqueue_scripts · admin\class-easy-accordion-free-element-shortcode-addons.php:60
action · elementor/editor/before_enqueue_scripts · admin\class-easy-accordion-free-element-shortcode-addons.php:61
action · elementor/init · admin\class-easy-accordion-free-element-shortcode-addons.php:130
action · elementor/widgets/register · admin\class-easy-accordion-free-element-shortcode-addons.php:147
action · init · admin\GutenbergBlock\class-easy-accordion-free-gutenberg-block-init.php:35
action · enqueue_block_editor_assets · admin\GutenbergBlock\class-easy-accordion-free-gutenberg-block-init.php:36
action · admin_menu · admin\help-page\help-page.php:63
action · admin_menu · admin\help-page\help-page.php:64
action · admin_menu · admin\help-page\help-page.php:65
action · admin_print_scripts · admin\help-page\help-page.php:71
action · eapro_enqueue · admin\help-page\help-page.php:72
action · wp_head · admin\views\models\classes\abstract.class.php:50
action · add_meta_boxes · admin\views\models\classes\metabox.class.php:108
action · save_post · admin\views\models\classes\metabox.class.php:109
action · edit_attachment · admin\views\models\classes\metabox.class.php:110
action · admin_menu · admin\views\models\classes\options.class.php:169
action · admin_bar_menu · admin\views\models\classes\options.class.php:170
action · network_admin_menu · admin\views\models\classes\options.class.php:174
action · after_setup_theme · admin\views\models\classes\setup.class.php:94
action · init · admin\views\models\classes\setup.class.php:95
action · switch_theme · admin\views\models\classes\setup.class.php:96
action · admin_enqueue_scripts · admin\views\models\classes\setup.class.php:97
action · admin_head · admin\views\models\classes\setup.class.php:98
action · print_default_editor_scripts · admin\views\models\fields\wp_editor\wp_editor.php:98
action · admin_notices · admin\views\notices\offer-banner.php:35
action · plugins_loaded · includes\class-easy-accordion-free-updates.php:45
filter · wp_revisions_to_keep · includes\updates\update-2.1.14.php:25
action · admin_enqueue_scripts · plugin-main.php:153
filter · post_updated_messages · plugin-main.php:154
filter · manage_sp_easy_accordion_posts_columns · plugin-main.php:155
action · manage_sp_easy_accordion_posts_custom_column · plugin-main.php:157
filter · admin_footer_text · plugin-main.php:158
filter · update_footer · plugin-main.php:159
filter · plugin_row_meta · plugin-main.php:160
action · activated_plugin · plugin-main.php:161
filter · plugin_action_links · plugin-main.php:162
filter · body_class · plugin-main.php:177
action · init · plugin-main.php:212
action · init · plugin-main.php:213
action · admin_menu · plugin-main.php:214
action · admin_notices · plugin-main.php:215
filter · woocommerce_product_tabs · plugin-main.php:232
action · save_post · public\eap-frontend.php:79
action · wp_loaded · public\scripts.php:47
action · wp_enqueue_scripts · public\scripts.php:48
Maintenance & Trust

Easy Accordion – Responsive Accordion FAQ Builder and Product FAQ Maintenance & Trust

Maintenance Signals

WordPress version tested: 7.0
Last updated: Apr 14, 2026
PHP min version: 7.0
Downloads: 1.3M

Community Trust

Rating: 98/100
Number of ratings: 352
Active installs: 80K
Developer Profile

Easy Accordion – Responsive Accordion FAQ Builder and Product FAQ Developer Profile

ShapedPlugin LLC

18 plugins · 315K total installs

Trust score: 78
Avg Security Score: 98/100
Avg Patch Time: 361 days
Detection Fingerprints

How We Detect Easy Accordion – Responsive Accordion FAQ Builder and Product FAQ

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/easy-accordion-free/assets/css/sp-ea-fontello-icons.css
/wp-content/plugins/easy-accordion-free/assets/css/sp-ea-style.css
/wp-content/plugins/easy-accordion-free/assets/js/sp-ea-accordion.js
/wp-content/plugins/easy-accordion-free/assets/css/sp-ea-style-admin.css
Script Paths
/wp-content/plugins/easy-accordion-free/assets/js/sp-ea-accordion.js
Version Parameters
easy-accordion-free/assets/css/sp-ea-style.css?ver=
easy-accordion-free/assets/js/sp-ea-accordion.js?ver=

HTML / DOM Fingerprints

CSS Classes
sp-ea-accordion-container
sp-ea-accordion-content
Data Attributes
data-sp-ea-id
JS Globals
easy_accordion_free_ajax_object
Shortcode Output
[sp_easyaccordion id=
FAQ

Frequently Asked Questions about Easy Accordion – Responsive Accordion FAQ Builder and Product FAQ