WP-Safety

Grid Social Boxes Security & Risk Analysis

wordpress.org/plugins/grid-social-boxes

Additional boxes for Grid Plugin

10 active installs v1.6.2 PHP + WP 4.0+ Updated Nov 5, 2020
admineditorgridlandingpagepage
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Grid Social Boxes Safe to Use in 2026?

Generally Safe

Score 85/100

Grid Social Boxes has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 5yr ago
Risk Assessment

The "grid-social-boxes" plugin v1.6.2 demonstrates several positive security practices, including the absence of known CVEs and a commitment to using prepared statements for SQL queries. The static analysis also indicates a low attack surface, with no identified AJAX handlers, REST API routes, shortcodes, or cron events that are directly exposed without authentication or permission checks. However, there are significant areas for concern. The plugin exhibits a very low rate of output escaping (12%), suggesting a high likelihood of cross-site scripting (XSS) vulnerabilities. Furthermore, the presence of unsanitized paths in taint analysis, even if not classified as critical or high severity, points to potential file inclusion or manipulation risks. The plugin also performs file operations and external HTTP requests, which, without proper validation or sanitization, could be leveraged for malicious purposes. The lack of nonce checks on any entry points and a limited number of capability checks (3) also indicate potential weaknesses in authorization and session management.

Key Concerns

  • Low output escaping rate
  • Unsanitized paths in taint analysis
  • File operations without clear context
  • External HTTP requests without clear context
  • Lack of nonce checks
  • Limited capability checks
Vulnerabilities
None known

Grid Social Boxes Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

Grid Social Boxes Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
76
10 escaped
Nonce Checks
0
Capability Checks
3
File Operations
1
External Requests
1
Bundled Libraries
1

Bundled Libraries

Guzzle

Output Escaping

12% escaped86 total outputs
Data Flows
2 unsanitized

Data Flow Analysis

4 flows2 with unsanitized paths
renderPage (classes\Type\Youtube.php:107)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Grid Social Boxes Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 14
actionadmin_menuclasses\Settings.php:75
actionadmin_initclasses\Type\Facebook.php:39
actionadmin_noticesclasses\Type\Facebook.php:40
actioninitclasses\Type\Instagram.php:36
filterquery_varsclasses\Type\Instagram.php:37
actionparse_requestclasses\Type\Instagram.php:38
filterquery_varsclasses\Type\Twitter.php:32
actionparse_requestclasses\Type\Twitter.php:33
actioninitclasses\Type\Twitter.php:34
actioninitclasses\Type\Youtube.php:42
filterquery_varsclasses\Type\Youtube.php:43
actionparse_requestclasses\Type\Youtube.php:44
actiongrid_load_classesgrid-social-boxes.php:68
filtergrid_templates_pathsgrid-social-boxes.php:69
Maintenance & Trust

Grid Social Boxes Maintenance & Trust

Maintenance Signals

WordPress version tested5.5.18
Last updatedNov 5, 2020
PHP min version
Downloads2K

Community Trust

Rating0/100
Number of ratings0
Active installs10
Alternatives

Grid Social Boxes Alternatives

Grid

Grid

grid

A
99

Grid is a containerist landingpage editor.

70 1 CVE
Post and Page Builder by BoldGrid – Visual Drag and Drop Editor

Post and Page Builder by BoldGrid – Visual Drag and Drop Editor

post-and-page-builder

A
95

Post and Page Builder is a standalone plugin which adds functionality to the existing TinyMCE Editor.

60K 10 CVEs
WP Table Tag Gen

WP Table Tag Gen

wp-table-tag-gen

A
85

This plugin generates table tags with simple operations.

200 No CVEs
Admin Posts Navigation

Admin Posts Navigation

admin-posts-navigation

A
100

Navigate between posts and pages without returning to the post list. Works with Classic Editor, Gutenberg, and all Custom Post Types.

80 No CVEs
Admin Setting

Admin Setting

admin-setting

A
85

With Admin Setting you can easily customize the WordPress admin menu and toolbar and customize the admin and login interfaces Admin Setting provides a …

10 No CVEs
Developer Profile

Grid Social Boxes Developer Profile

EdwardBock

22 plugins · 2K total installs

72
trust score
Avg Security Score
90/100
Avg Patch Time
107 days
View full developer profile
Detection Fingerprints

How We Detect Grid Social Boxes

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/grid-social-boxes/public-functions.php/wp-content/plugins/grid-social-boxes/grid/grid_fb_like_box_box.php/wp-content/plugins/grid-social-boxes/grid/grid_facebook_feed_box.php/wp-content/plugins/grid-social-boxes/grid/grid_social_timeline_box.php/wp-content/plugins/grid-social-boxes/grid/grid_youtube_feed_box.php/wp-content/plugins/grid-social-boxes/grid/grid_youtube_box.php/wp-content/plugins/grid-social-boxes/grid/grid_instagram_box.php/wp-content/plugins/grid-social-boxes/grid/grid_wp_twitterboxes.php+2 more

HTML / DOM Fingerprints

CSS Classes
grid-social-boxes-facebookgrid-social-boxes-twittergrid-social-boxes-youtubegrid-social-boxes-instagram
JS Globals
grid_social_boxes_facebook_js_args
FAQ

Frequently Asked Questions about Grid Social Boxes