FluentBoards – Project Management, Task Management, Goal Tracking, Kanban Board, and, Team Collaboration Security & Risk Analysis

wordpress.org/plugins/fluent-boards

The Simplest Project & Task Management Plugin Specifically Crafted for Agencies, Freelancers & Founders.

6K active installs v1.91.2 PHP 7.3+ WP 5.0+ Updated Jan 26, 2026

kanbanprojectproject-managementtask-managementtask-manager

A · Safe

CVEs total2

Unpatched0

Last CVEJan 22, 2026

Plugin page Download

Safety Verdict

Is FluentBoards – Project Management, Task Management, Goal Tracking, Kanban Board, and, Team Collaboration Safe to Use in 2026?

Generally Safe

Score 93/100

FluentBoards – Project Management, Task Management, Goal Tracking, Kanban Board, and, Team Collaboration has a strong security track record. Known vulnerabilities have been patched promptly.

2 known CVEsLast CVE: Jan 22, 2026Updated 2mo ago

Risk Assessment

The 'fluent-boards' v1.91.2 plugin exhibits a mixed security posture. While it demonstrates good practices in SQL query sanitization (98% prepared) and output escaping (96%), significant concerns arise from its attack surface and vulnerability history. The presence of an unprotected AJAX handler represents a direct entry point for potential malicious activity without proper authentication, a critical oversight. Furthermore, the plugin's history includes two known CVEs, one of which was critical and related to missing authorization, a pattern that aligns with the unprotected AJAX handler identified in the static analysis. The fact that both CVEs are now patched is positive, but the previous critical vulnerability and the ongoing lack of nonce checks on AJAX requests suggest a recurring pattern of overlooking authorization and input validation on sensitive entry points. The taint analysis, while showing no critical or high severity flows, did reveal unsanitized paths, which could be exacerbated by the unprotected AJAX endpoint.

Key Concerns

Unprotected AJAX handler
Missing nonce checks
Previously patched critical CVE (Missing Authorization)
Flows with unsanitized paths detected

Vulnerabilities

FluentBoards – Project Management, Task Management, Goal Tracking, Kanban Board, and, Team Collaboration Security Vulnerabilities

CVEs by Year

1 CVE in 2025

2025

1 CVE in 2026

2026

Patched Has unpatched

Severity Breakdown

Critical

Medium

2 total CVEs

CVE-2026-24561medium · 4.3Missing Authorization

FluentBoards <= 1.91.1 - Missing Authorization

Jan 22, 2026 Patched in 1.91.2 (7d)

CVE-2025-39551critical · 9.8Deserialization of Untrusted Data

FluentBoards <= 1.47 - Unauthenticated PHP Object Injection

Apr 17, 2025 Patched in 1.48 (6d)

Code Analysis

Analyzed Mar 16, 2026

FluentBoards – Project Management, Task Management, Goal Tracking, Kanban Board, and, Team Collaboration Code Analysis

Dangerous Functions

Raw SQL Queries

47 prepared

Unescaped Output

306 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

98% prepared48 total queries

Output Escaping

96% escaped320 total outputs

Data Flows

4 unsanitized

Data Flow Analysis

4 flows4 with unsanitized paths

view_uploaded_comment_image (app\Hooks\Handlers\ExternalPages.php:15)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

1 unprotected

FluentBoards – Project Management, Task Management, Goal Tracking, Kanban Board, and, Team Collaboration Attack Surface

Entry Points1

Unprotected1

AJAX Handlers 1

authwp_ajax_fluentform_fluent_board_configapp\Services\Intergrations\FluentFormIntegration\Bootstrap.php:44

WordPress Hooks 24

actioninitapp\Hooks\actions.php:128

actioninitapp\Hooks\actions.php:146

actioninitapp\Hooks\actions.php:155

actioninitapp\Hooks\actions.php:159

actioninitapp\Hooks\actions.php:172

actionadmin_menuapp\Hooks\Handlers\AdminMenuHandler.php:22

filterfluent_crm/core_menu_itemsapp\Hooks\Handlers\AdminMenuHandler.php:24

actionadmin_enqueue_scriptsapp\Hooks\Handlers\AdminMenuHandler.php:35

filterfluent_crm/sidebar_core_menu_itemsapp\Hooks\Handlers\AdminMenuHandler.php:44

actionwp_print_scriptsapp\Hooks\Handlers\AdminMenuHandler.php:253

filteruser_can_richeditapp\Hooks\Handlers\AdminMenuHandler.php:296

filteradmin_footer_textapp\Hooks\Handlers\AdminMenuHandler.php:522

filterupdate_footerapp\Hooks\Handlers\AdminMenuHandler.php:530

filterfluentcrm_ajax_options_boardsapp\Services\Intergrations\FluentCRM\DeepIntegration.php:16

filterfluentcrm_ajax_options_task_templatesapp\Services\Intergrations\FluentCRM\DeepIntegration.php:17

filterfluent_crm_asset_listed_slugsapp\Services\Intergrations\FluentCRM\Init.php:23

actionfluent_crm/global_appjs_loadedapp\Services\Intergrations\FluentCRM\Init.php:33

filterwp_handle_upload_prefilterapp\Services\Libs\FileSystem.php:137

filterupload_dirapp\Services\Libs\FileSystem.php:138

filterwp_handle_uploadapp\Services\Libs\FileSystem.php:140

actionplugins_loadedboot\app.php:25

actionfluentcrm_loadedboot\app.php:29

actionfluentform/loadedboot\app.php:33

actionwp_initialize_siteboot\app.php:38

Maintenance & Trust

FluentBoards – Project Management, Task Management, Goal Tracking, Kanban Board, and, Team Collaboration Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedJan 26, 2026

PHP min version7.3

Downloads85K

Community Trust

Rating100/100

Number of ratings23

Active installs6K

Alternatives

FluentBoards – Project Management, Task Management, Goal Tracking, Kanban Board, and, Team Collaboration Alternatives

Project Manager – AI Powered Project Management, Task Management, Kanban Board & Time Tracker

wedevs-project-manager

Ease Project Management and Task Management using a powerful project manager with Kanban board, Gantt chart, milestone tracking & project reporting.

7K 1 unpatched

Taskbuilder – Project Management & Task Management Tool With Kanban Board

taskbuilder

Taskbuilder is a project management and task management plugin for WordPress with Kanban-style boards to organize and track work.

800 11 CVEs

LazyTasks – Project & Task Management with Collaboration, Kanban and Gantt Chart

lazytasks-project-task-management

Comprehensive Task Management, FREE! Minimalist design with powerful features to boost your productivity.

70 2 unpatched

GemBoards – Project Management, Task Management, Sprint Planning, Team Collaboration, and Kanban board Plugin

gemboards

100

GemBoards is a project and task management plugin that helps teams manage projects, Kanban boards, and sprint workflows from one place.

0 No CVEs

QuickTasker

quicktasker

100

Task management plugin designed to help you organize your projects, streamline workflows, and get tasks done efficiently.

0 No CVEs

Developer Profile

FluentBoards – Project Management, Task Management, Goal Tracking, Kanban Board, and, Team Collaboration Developer Profile

Mahmudul Hasan Arif

7 plugins · 40K total installs

trust score

Avg Security Score

87/100

Avg Patch Time

19 days

View full developer profile

Detection Fingerprints

How We Detect FluentBoards – Project Management, Task Management, Goal Tracking, Kanban Board, and, Team Collaboration

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/fluent-boards/dist/css/fluent-boards.css/wp-content/plugins/fluent-boards/dist/js/fluent-boards.js/wp-content/plugins/fluent-boards/dist/js/app.js/wp-content/plugins/fluent-boards/dist/js/chunk-vendors.js

Script Paths

/wp-content/plugins/fluent-boards/dist/js/fluent-boards.js/wp-content/plugins/fluent-boards/dist/js/app.js/wp-content/plugins/fluent-boards/dist/js/chunk-vendors.js

Version Parameters

fluent-boards/dist/css/fluent-boards.css?ver=fluent-boards/dist/js/fluent-boards.js?ver=fluent-boards/dist/js/app.js?ver=fluent-boards/dist/js/chunk-vendors.js?ver=

HTML / DOM Fingerprints

CSS Classes

fluent-board-appfluent-board-settings-appfb-editor-modalfb-board-containerfb-board-columnfb-column-cardfb-card-details-wrapperfb-card-title

HTML Comments

Data Attributes

v-cloakdata-app-root

JS Globals

FluentBoardsAppfluentBoardsSettings

REST Endpoints

/wp-json/fluent-boards/v1/settings

FAQ