
GM HTML Carousel Security & Risk Analysis
wordpress.org/plugins/gm-html-carousel
A simple and flexible HTML / text carousel with easy to use shortcodes.
Is GM HTML Carousel Safe to Use in 2026?
Generally Safe
Score 85/100
GM HTML Carousel has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The "gm-html-carousel" v1.0 plugin presents a generally positive security posture based on the provided static analysis. The absence of known CVEs and a clean vulnerability history are strong indicators of good security practices over time. The code analysis reveals a minimal attack surface, with only one shortcode identified as an entry point, and crucially, no AJAX handlers or REST API routes exposed without proper authentication and permission checks. The plugin also demonstrates good practices in its handling of SQL queries, exclusively using prepared statements, and avoiding file operations and external HTTP requests. However, a notable area of concern is the output escaping. With only 50% of identified outputs properly escaped, there is a potential risk of Cross-Site Scripting (XSS) vulnerabilities, especially if user-supplied data is involved in the unescaped outputs. The absence of nonce checks, while not directly indicative of a vulnerability given the limited attack surface and lack of critical taint flows, is a missed opportunity to further harden the plugin against CSRF attacks.
Key Concerns
- Half of outputs are not properly escaped
- No nonce checks implemented
GM HTML Carousel Security Vulnerabilities
GM HTML Carousel Release Timeline
GM HTML Carousel Code Analysis
Output Escaping
GM HTML Carousel Attack Surface
- Shortcodes: 1
- WordPress Hooks: 4
GM HTML Carousel Maintenance & Trust
Maintenance Signals
Community Trust
GM HTML Carousel Alternatives
Yoo Slider – Image Slider & Video Slider
yoo-slider
Craft a slider effortlessly with our WordPress plugin! Design image slider, video slider, carousel or even coverflow slider in seconds.
Testimonial Slider, Grid & Carousel
testimonial-awesome
Create and display Testimonial slider, testimonial grid & testimonial carousel under. Easy to create. Easy to customize.
Easy Testimonials Carousel
easy-testimonials-carousel
Easy Testimonials Carousel
Fancy Testimonials
fancy-testimonials
Plugin for displaying testimonials via a shortcode for use on posts and pages.
Reviews Carousel
reviews-carousel
Reviews Carousel is a free and powerful plugin that lets you create and showcase customer reviews in a dynamic carousel format.
GM HTML Carousel Developer Profile
3 plugins · 0 total installs
How We Detect GM HTML Carousel
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
- /wp-content/plugins/gm-html-carousel/css/gm-carousel.css
- /wp-content/plugins/gm-html-carousel/js/gm-carousel.js
- /wp-content/plugins/gm-html-carousel/js/tocca/Tocca.min.js
- https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
- /wp-content/plugins/gm-html-carousel/js/gm-carousel.js
- /wp-content/plugins/gm-html-carousel/js/tocca/Tocca.min.js
- gm-carousel-css?ver=
- gm-carousel-js?ver=
- gm-tocca-js?ver=
HTML / DOM Fingerprints
- gm-carousel-js
- gm-carousel-css
- gm-font-awesome
- gm-tocca-js
- gm_js
- [gm_carousel]
- [gm_carousel_item]