WP-Safety

Fluidity Document Library Security & Risk Analysis

wordpress.org/plugins/fluidity-document-library

A modern document library plugin for WordPress featuring a sleek design and a fast, responsive user experience.

0 active installs v1.0.5 PHP + WP 6.0+ Updated Mar 6, 2026
document-libraryfile-managerglassmorphismvuejs
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Download
Safety Verdict

Is Fluidity Document Library Safe to Use in 2026?

Generally Safe

Score 100/100

Fluidity Document Library has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 28d ago
Risk Assessment

The fluidity-document-library plugin version 1.0.5 exhibits a mixed security posture. On the positive side, the code adheres to several good security practices, including the exclusive use of prepared statements for all SQL queries and a high percentage of properly escaped output. There are no recorded vulnerabilities (CVEs) in its history, and no dangerous functions, file operations, or external HTTP requests were detected, suggesting a generally well-written codebase in these areas. Furthermore, nonce checks and capability checks are present for a portion of the entry points.

However, a significant concern arises from the substantial attack surface exposed without adequate authentication. Out of six identified entry points, five are AJAX handlers that lack proper authorization checks. This means that any unauthenticated user could potentially interact with these AJAX endpoints, opening the door to various vulnerabilities if the handlers themselves are not sufficiently secured against malicious input. The absence of any taint analysis results is also noteworthy; while it could indicate a lack of complex data flows that could be exploited, it might also suggest that taint analysis was not performed comprehensively or that the plugin's functionality is simple enough that such flows are absent.

In conclusion, while the plugin demonstrates strengths in its handling of SQL and output escaping, and its lack of historical vulnerabilities is a positive sign, the high number of unprotected AJAX endpoints is a critical weakness. This significantly elevates the risk of exploitation, particularly if these endpoints process user-supplied data without proper validation and sanitization.

Key Concerns

  • Unprotected AJAX handlers
  • Large attack surface without auth
  • Missing nonce checks on AJAX
  • Missing capability checks on AJAX
Vulnerabilities
None known

Fluidity Document Library Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

Fluidity Document Library Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
1
41 escaped
Nonce Checks
6
Capability Checks
4
File Operations
0
External Requests
0
Bundled Libraries
0

Output Escaping

98% escaped42 total outputs
Attack Surface
5 unprotected

Fluidity Document Library Attack Surface

Entry Points6
Unprotected5

AJAX Handlers 5

authwp_ajax_fluidity_dl_handle_bulk_uploadincludes\class-fluidity-dl.php:149
authwp_ajax_fluidity_dl_extract_pdf_metadataincludes\class-fluidity-dl.php:150
authwp_ajax_fluidity_dl_admin_document_actionincludes\class-fluidity-dl.php:152
authwp_ajax_fluidity_dl_fetch_papersincludes\class-fluidity-dl.php:173
noprivwp_ajax_fluidity_dl_fetch_papersincludes\class-fluidity-dl.php:174

Shortcodes 1

[fluidity_dl_library] public\class-fluidity-dl-public.php:100
WordPress Hooks 13
actionadmin_enqueue_scriptsincludes\class-fluidity-dl.php:137
actionadmin_enqueue_scriptsincludes\class-fluidity-dl.php:138
actionadmin_menuincludes\class-fluidity-dl.php:141
actionadd_meta_boxesincludes\class-fluidity-dl.php:144
actionsave_postincludes\class-fluidity-dl.php:145
actionadmin_initincludes\class-fluidity-dl.php:146
actionwp_enqueue_scriptsincludes\class-fluidity-dl.php:166
actionwp_enqueue_scriptsincludes\class-fluidity-dl.php:167
actioninitincludes\class-fluidity-dl.php:170
actioninitincludes\class-fluidity-dl.php:183
actioninitincludes\class-fluidity-dl.php:184
actioninitincludes\class-fluidity-dl.php:185
filterposts_clausespublic\class-fluidity-dl-public.php:232
Maintenance & Trust

Fluidity Document Library Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedMar 6, 2026
PHP min version
Downloads130

Community Trust

Rating0/100
Number of ratings0
Active installs0
Alternatives

Fluidity Document Library Alternatives

Document Library Lite

Document Library Lite

document-library-lite

A
96

Create a WordPress document library to manage, search and download files.

4K 3 CVEs
Filr – Secure document library

Filr – Secure document library

filr-protection

C
62

Easily Create a Secure Document Library with Filr

800 1 unpatched
File Manager

File Manager

wp-file-manager

A
87

file manager provides you ability to edit, delete, upload, download, copy and paste files and folders.

1.0M 12 CVEs
FileBird – WordPress Media Library Folders & File Manager

FileBird – WordPress Media Library Folders & File Manager

filebird

A
89

Organize thousands of WordPress media files in folders / categories with ease.

200K 10 CVEs
FileOrganizer – WordPress File Manager

FileOrganizer – WordPress File Manager

fileorganizer

A
95

FileOrganizer is an intuitive file manager to easily edit, delete, upload, download, and manage all your WordPress files and folders right from the da …

200K 5 CVEs
Developer Profile

Fluidity Document Library Developer Profile

sightfactory

8 plugins · 190 total installs

93
trust score
Avg Security Score
98/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Fluidity Document Library

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/fluidity-document-library/admin/css/fluidity-dl-admin.css/wp-content/plugins/fluidity-document-library/assets/css/glass-style.css/wp-content/plugins/fluidity-document-library/admin/js/fluidity-dl-admin.js
Script Paths
/wp-content/plugins/fluidity-document-library/assets/js/lib/vue.global.prod.js/wp-content/plugins/fluidity-document-library/assets/js/lib/vue.global.js
Version Parameters
fluidity-dl-admin.css?ver=glass-style.css?ver=fluidity-dl-admin.js?ver=vue.global.prod.js?ver=vue.global.js?ver=

HTML / DOM Fingerprints

CSS Classes
wp-block-fluidity-document-library-document-list
HTML Comments
<!-- Add Document Manager as the first submenu item (optional but good for clarity) --><!-- Folders Submenu --><!-- Tags Submenu --><!-- Use nonce for verification -->
Data Attributes
data-fluidity-dl-doc-iddata-fluidity-dl-file-urldata-fluidity-dl-download-url
JS Globals
fluidity_dl_admin_vars
Shortcode Output
[fluidity_document_list][fluidity_document_viewer]
FAQ

Frequently Asked Questions about Fluidity Document Library