WP-Safety

Eazy Flickity Slider Security & Risk Analysis

wordpress.org/plugins/eazy-flickity-slider

Eazy Flickity Slider is an easy to use responsive slider that uses Flickity.js by Metafizzy to animate the slider.

100 active installs v1.2.1 PHP + WP 4.5+ Updated Jan 2, 2018
flickityflickity-sliderhorizontal-sliderimage-slider-pluginthumbnails-slider
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Eazy Flickity Slider Safe to Use in 2026?

Generally Safe

Score 85/100

Eazy Flickity Slider has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 8yr ago
Risk Assessment

The eazy-flickity-slider plugin v1.2.1 exhibits a mixed security posture. On the positive side, the plugin demonstrates good practices by not making external HTTP requests, not performing file operations, and all its SQL queries are prepared, indicating an awareness of common web vulnerabilities. The vulnerability history is clean, with no recorded CVEs, which is a strong indicator of a well-maintained and secure codebase over time. Furthermore, the static analysis shows no known dangerous functions being used and no critical or high severity taint flows, which are excellent signs.

However, several significant concerns arise from the static analysis. The most notable is the complete lack of output escaping for the four identified output points. This means that any data displayed by the plugin, if it originates from user input or external sources, could be vulnerable to cross-site scripting (XSS) attacks. Additionally, there are no nonce checks or capability checks implemented, which are fundamental security mechanisms in WordPress for validating user actions and permissions. While the attack surface is currently small and all entry points lack direct unprotected access, these missing checks on the sole shortcode entry point are concerning as they leave it vulnerable to unauthorized execution if a malicious actor can control the shortcode's attributes.

In conclusion, while the plugin has a strong foundation in its SQL handling and avoidance of external interactions, the absence of output escaping and essential WordPress security checks represents a tangible risk. The clean vulnerability history is a significant strength, but it does not negate the immediate security weaknesses identified in the current version's code.

Key Concerns

  • Unescaped output for all outputs
  • Missing nonce checks
  • Missing capability checks
Vulnerabilities
None known

Eazy Flickity Slider Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Eazy Flickity Slider Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
4
0 escaped
Nonce Checks
0
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
1

Bundled Libraries

TinyMCE

Output Escaping

0% escaped4 total outputs
Attack Surface

Eazy Flickity Slider Attack Surface

Entry Points1
Unprotected0

Shortcodes 1

[eazy-flickity-slider] resources\eazy_flickity_slider_shortcode.php:5
WordPress Hooks 21
actionwp_enqueue_scriptseazy_flickity_slider.php:32
actionadmin_enqueue_scriptsresources\eazy_flickity_slider_admin.php:6
actioncurrent_screenresources\eazy_flickity_slider_admin.php:15
filtergettextresources\eazy_flickity_slider_admin.php:22
actiondo_meta_boxesresources\eazy_flickity_slider_admin.php:34
actionrestrict_manage_postsresources\eazy_flickity_slider_admin.php:45
filterimage_downsizeresources\eazy_flickity_slider_admin.php:71
filterimage_downsizeresources\eazy_flickity_slider_admin.php:74
actionadmin_headresources\eazy_flickity_slider_admin.php:80
filtermanage_posts_columnsresources\eazy_flickity_slider_admin.php:83
actionmanage_posts_custom_columnresources\eazy_flickity_slider_admin.php:84
filtermanage_pages_columnsresources\eazy_flickity_slider_admin.php:85
actionmanage_pages_custom_columnresources\eazy_flickity_slider_admin.php:86
actionmedia_buttonsresources\eazy_flickity_slider_admin.php:108
actionadmin_footerresources\eazy_flickity_slider_admin.php:109
actionadmin_enqueue_scriptsresources\eazy_flickity_slider_admin.php:118
actionadmin_enqueue_scriptsresources\eazy_flickity_slider_admin_tinymce.php:4
actioninitresources\eazy_flickity_slider_functions.php:5
actioninitresources\eazy_flickity_slider_functions.php:7
actioninitresources\eazy_flickity_slider_functions.php:9
actionwp_enqueue_scriptsresources\eazy_flickity_slider_shortcode.php:90
Maintenance & Trust

Eazy Flickity Slider Maintenance & Trust

Maintenance Signals

WordPress version tested4.9.29
Last updatedJan 2, 2018
PHP min version
Downloads6K

Community Trust

Rating100/100
Number of ratings1
Active installs100
Alternatives

Eazy Flickity Slider Alternatives

Advanced WooCommerce Product Gallery Slider

Advanced WooCommerce Product Gallery Slider

advanced-woocommerce-product-gallery-slider

A
92

Instantly transform the gallery on your WooCommerce Product page into a fully Responsive Stunning Carousel Slider.

4K No CVEs
Post Ticker Ultimate

Post Ticker Ultimate

ticker-ultimate

A
100

Add and display horizontal or vertical post ticker on website that work with WordPress posts with the help of shortcode or Gutenberg block.

1K No CVEs
Video Gallery

Video Gallery

video-slider-with-thumbnails

A
100

This is a beautiful responsive video gallery plugin for WordPress blogs and sites. Admin can manage any number of videos, images into a gallery.

600 1 CVE
Several Images Slider Widget

Several Images Slider Widget

several-images-slider-widget

A
100

This plugin will add Several Images Slider Widget. In this Widget you can set single or multiple images slider with link to all slides.

200 No CVEs
Cinza Slider

Cinza Slider

cinza-slider

A
100

A minimal slider plugin built with Flickity.

100 No CVEs
Developer Profile

Eazy Flickity Slider Developer Profile

Rob Scott

8 plugins · 2K total installs

71
trust score
Avg Security Score
88/100
Avg Patch Time
99 days
View full developer profile
Detection Fingerprints

How We Detect Eazy Flickity Slider

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/eazy-flickity-slider/resources/css/style.css/wp-content/plugins/eazy-flickity-slider/resources/js/flickity.pkgd.min.js/wp-content/plugins/eazy-flickity-slider/resources/js/flickity.shortcode.js/wp-content/plugins/eazy-flickity-slider/resources/js/flickity.homepage.js/wp-content/plugins/eazy-flickity-slider/css/admin-style.css/wp-content/plugins/eazy-flickity-slider/js/flickity.tinymce.js

HTML / DOM Fingerprints

CSS Classes
eazy-flickity-shortcode-buttoneazy-flickity-shortcode-info
JS Globals
EZ_FLICKITY_ELEMENTS_URL
FAQ

Frequently Asked Questions about Eazy Flickity Slider