WP-Safety

Fancy Top Bar Countdown Security & Risk Analysis

wordpress.org/plugins/fancy-top-bar-countdown

Fancy Top Bar Countdown is a Wordpress Plugin for displaying rundown timer.

10 active installs v1.0 PHP + WP 4.0+ Updated Apr 13, 2016
clockcoming-sooncountdowncounterevent
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Fancy Top Bar Countdown Safe to Use in 2026?

Generally Safe

Score 85/100

Fancy Top Bar Countdown has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 10yr ago
Risk Assessment

The plugin "fancy-top-bar-countdown" v1.0 presents a mixed security posture. On the positive side, it has a very small attack surface with only one shortcode, and all identified entry points appear to have capability checks. There are no known vulnerabilities or CVEs associated with this plugin, indicating a relatively clean history. Furthermore, all SQL queries utilize prepared statements, and there are no file operations or external HTTP requests, which are common vectors for exploitation.

However, a significant concern arises from the presence of the `unserialize()` function, which is notoriously dangerous if used with untrusted input. While the static analysis did not identify any specific taint flows related to this function, its mere presence represents a potential vulnerability if the serialized data originates from an untrusted source. The output escaping, while at 71%, suggests that approximately 29% of outputs are not properly escaped, which could lead to cross-site scripting (XSS) vulnerabilities if user-supplied data is reflected directly in the output without sanitization.

Overall, the plugin demonstrates good practices in areas like SQL query handling and limiting external interactions. The lack of known vulnerabilities is encouraging. Nevertheless, the potential risk posed by `unserialize()` and the unescaped outputs warrant careful consideration and potential mitigation.

Key Concerns

  • Unescaped output detected
  • Dangerous function unserialize() found
Vulnerabilities
None known

Fancy Top Bar Countdown Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Fancy Top Bar Countdown Release Timeline

No version history available.
Code Analysis
Analyzed Apr 16, 2026

Fancy Top Bar Countdown Code Analysis

Dangerous Functions
1
Raw SQL Queries
0
0 prepared
Unescaped Output
75
186 escaped
Nonce Checks
3
Capability Checks
3
File Operations
0
External Requests
0
Bundled Libraries
1

Dangerous Functions Found

unserialize$datetime = unserialize( $args['value'] );includes/framework/includes/CMB2_Types.php:586

Bundled Libraries

Select23.5.1

Output Escaping

71% escaped261 total outputs
Attack Surface

Fancy Top Bar Countdown Attack Surface

Entry Points1
Unprotected0

Shortcodes 1

[countdown-99plugin] includes/shortcode-nn-count-down.php:8
WordPress Hooks 34
actionadmin_menuincludes/admin-menus.php:10
actionadmin_initincludes/admin-menus.php:32
actionwp_enqueue_scriptsincludes/class-nn-count-down.php:37
actionadmin_enqueue_scriptsincludes/class-nn-count-down.php:38
actionadmin_initincludes/class-nn-settings-options.php:55
actionadmin_menuincludes/class-nn-settings-options.php:56
actioncmb2_admin_initincludes/class-nn-settings-options.php:57
filterget_post_metadataincludes/framework/includes/CMB2_Ajax.php:116
filterupdate_post_metadataincludes/framework/includes/CMB2_Ajax.php:119
filtercmb2_show_onincludes/framework/includes/CMB2_hookup.php:68
actionadd_meta_boxesincludes/framework/includes/CMB2_hookup.php:81
actionadd_attachmentincludes/framework/includes/CMB2_hookup.php:82
actionedit_attachmentincludes/framework/includes/CMB2_hookup.php:83
actionsave_postincludes/framework/includes/CMB2_hookup.php:84
actionadd_meta_boxes_commentincludes/framework/includes/CMB2_hookup.php:89
actionedit_commentincludes/framework/includes/CMB2_hookup.php:90
actionshow_user_profileincludes/framework/includes/CMB2_hookup.php:115
actionedit_user_profileincludes/framework/includes/CMB2_hookup.php:116
actionuser_new_formincludes/framework/includes/CMB2_hookup.php:117
actionpersonal_options_updateincludes/framework/includes/CMB2_hookup.php:119
actionedit_user_profile_updateincludes/framework/includes/CMB2_hookup.php:120
actionuser_registerincludes/framework/includes/CMB2_hookup.php:121
actioninitincludes/framework/init.php:119
filtercmb2_render_nn_selectincludes/framework/select2/cmb-field-select2.php:29
filtercmb2_render_nn_multiselectincludes/framework/select2/cmb-field-select2.php:58
filtercmb2_types_esc_nn_multiselectincludes/framework/select2/cmb-field-select2.php:66
filtercmb2_sanitize_nn_multiselectincludes/framework/select2/cmb-field-select2.php:78
filterpage_templateincludes/functions.php:93
actionwp_headincludes/hooks.php:6
actionwidgets_initincludes/hooks.php:25
actionvc_before_initincludes/hooks.php:38
actionplugins_loadedincludes/hooks.php:41
actionwp_enqueue_scriptsincludes/scripts.php:3
actionplugins_loadedinit.php:50
Maintenance & Trust

Fancy Top Bar Countdown Maintenance & Trust

Maintenance Signals

WordPress version tested4.2.39
Last updatedApr 13, 2016
PHP min version
Downloads5K

Community Trust

Rating100/100
Number of ratings3
Active installs10
Alternatives

Fancy Top Bar Countdown Alternatives

Countdown Timer Ultimate

Countdown Timer Ultimate

countdown-timer-ultimate

A
100

A quick, easy way to add and display responsive Countdown timer on your website. Also work with Gutenberg shortcode block.

20K No CVEs
Easy Timer

Easy Timer

easy-timer

A
98

Allows you to easily display a count down/up timer, the time or the current date on your website, and to schedule an automatic content modification.

1K 1 CVE
GW Count Down

GW Count Down

gw-count-down

A
100

Display a live countdown timer anywhere on your site using a simple shortcode.

100 No CVEs
CTC Countdown Timer Cookies

CTC Countdown Timer Cookies

ctc-countdown-timer-cookies

A
85

Create a persistent responsive countdown timer to any date/time.

10 No CVEs
Devgirl Countdown Clock

Devgirl Countdown Clock

devgirl-countdown-clock

A
85

A simple countdown timer/clock you can place in a page, post or widget using a shortcode. Elementor-friendly.

10 No CVEs
Developer Profile

Fancy Top Bar Countdown Developer Profile

99plugins

1 plugin · 10 total installs

84
trust score
Avg Security Score
85/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Fancy Top Bar Countdown

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/fancy-top-bar-countdown/assets/css/nprogress.css/wp-content/plugins/fancy-top-bar-countdown/assets/css/fancy-top-bar-countdown.css/wp-content/plugins/fancy-top-bar-countdown/assets/js/nprogress.js/wp-content/plugins/fancy-top-bar-countdown/assets/js/fancy-top-bar-countdown.js
Script Paths
/wp-content/plugins/fancy-top-bar-countdown/assets/js/nprogress.js/wp-content/plugins/fancy-top-bar-countdown/assets/js/fancy-top-bar-countdown.js
Version Parameters
fancy-top-bar-countdown/assets/css/nprogress.css?ver=fancy-top-bar-countdown/assets/css/fancy-top-bar-countdown.css?ver=fancy-top-bar-countdown/assets/js/nprogress.js?ver=fancy-top-bar-countdown/assets/js/fancy-top-bar-countdown.js?ver=

HTML / DOM Fingerprints

CSS Classes
fancy-top-bar-countdownfancy-top-bar-countdown-container
Data Attributes
data-countdown-id
JS Globals
fancy_top_bar_countdown_obj
Shortcode Output
[fancy_top_bar_countdown
FAQ

Frequently Asked Questions about Fancy Top Bar Countdown