WP-Safety

Hide/Show Post/Page Content Security & Risk Analysis

wordpress.org/plugins/hideshow-postpage-content

Hides or shows a selected part of public posts/pages content (text, images, etc.) depending on whether the user is logged or not.

100 active installs v1.5.4 PHP 8.0+ WP 5.9+ Updated Dec 30, 2024
hide-contenthide-imagehide-textshow-contentshow-text
92
A · Safe
CVEs total0
Unpatched0
Last CVENever
Download
Safety Verdict

Is Hide/Show Post/Page Content Safe to Use in 2026?

Generally Safe

Score 92/100

Hide/Show Post/Page Content has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1yr ago
Risk Assessment

The "hideshow-postpage-content" plugin v1.5.4 demonstrates a generally positive security posture based on the static analysis. The complete absence of any known CVEs, both past and present, is a strong indicator of good security practices by the developers. Furthermore, the code analysis reveals no critical or high-severity taint flows, suggesting a low risk of arbitrary code execution or data breaches originating from untrusted input.

However, a few areas warrant attention. While the majority of SQL queries utilize prepared statements, there's a small percentage that do not, posing a potential risk for SQL injection if these queries handle user-supplied data. Additionally, the output escaping is only properly implemented in 42% of cases. This lower-than-ideal rate increases the risk of Cross-Site Scripting (XSS) vulnerabilities, especially if unsanitized data is displayed to users.

Overall, the plugin appears to be relatively secure due to the lack of historical vulnerabilities and the absence of critical code execution risks. The primary concerns lie in the potential for SQL injection and XSS due to the identified less-than-ideal practices in SQL query preparation and output escaping. Addressing these specific areas would further enhance the plugin's security.

Key Concerns

  • SQL queries not using prepared statements
  • Low percentage of properly escaped output
Vulnerabilities
None known

Hide/Show Post/Page Content Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Hide/Show Post/Page Content Code Analysis

Dangerous Functions
0
Raw SQL Queries
1
15 prepared
Unescaped Output
39
28 escaped
Nonce Checks
3
Capability Checks
1
File Operations
6
External Requests
1
Bundled Libraries
0

SQL Query Safety

94% prepared16 total queries

Output Escaping

42% escaped67 total outputs
Attack Surface

Hide/Show Post/Page Content Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 26
actionwp_dashboard_setupsos\wp\dashboardwidget.php:20
actioncurrent_screensos\wp\data\form.php:46
actionthe_postsos\wp\data\form.php:48
actionplugins_loadedsos\wp\data\wpdatabase.php:84
actionsave_postsos\wp\metabox.php:67
actionadmin_noticessos\wp\metabox.php:76
actioninitsos\wp\plugin.php:336
actionplugins_loadedsos\wp\plugin.php:389
actionplugin_loadedsos\wp\plugin.php:397
actionplugins_loadedsos\wp\plugin.php:400
actionenqueue_block_editor_assetssos\wp\plugin.php:408
actionelementor/widgets/widgets_registeredsos\wp\plugin.php:487
filterquery_varssos\wp\plugin.php:533
actionrest_api_initsos\wp\plugin.php:546
actionadmin_initsos\wp\plugin.php:554
actionadd_meta_boxessos\wp\plugin.php:557
actionedit_form_after_titlesos\wp\plugin.php:563
filterplugin_row_metasos\wp\plugin.php:587
actionadmin_menusos\wp\plugin.php:600
actionadmin_menusos\wp\plugin.php:603
actionthe_postssos\wp\plugin.php:609
actionplugins_loadedsos\wp\plugin.php:615
actionwp_enqueue_scriptssos\wp\tasset.php:44
actionadmin_enqueue_scriptssos\wp\tasset.php:56
actionadmin_enqueue_scriptssos\wp\tasset.php:77
actionplugins_loadedsos\wp\ttranslation.php:69
Maintenance & Trust

Hide/Show Post/Page Content Maintenance & Trust

Maintenance Signals

WordPress version tested6.7.5
Last updatedDec 30, 2024
PHP min version8.0
Downloads6K

Community Trust

Rating92/100
Number of ratings5
Active installs100
Alternatives

Hide/Show Post/Page Content Alternatives

Show-Hide / Collapse-Expand

Show-Hide / Collapse-Expand

show-hidecollapse-expand

B
84

Save space on your pages, posts, sidebars. Hide the content before user clicks to see it. Collapse long lists, create FAQs & more.

10K 2 CVEs
Anonymous Restricted Content

Anonymous Restricted Content

anonymous-restricted-content

A
91

Simple but yet effective plugin to hide selected posts and pages from anonymous users.

1K 2 CVEs
Responsive Block Control – Hide blocks based on display width

Responsive Block Control – Hide blocks based on display width

responsive-block-control

A
99

Responsive Block Control adds responsive toggles to a "Visibility" panel of the block editor, to show or hide blocks according to screen width.

1K 1 CVE
Restrict for Elementor

Restrict for Elementor

restrict-for-elementor

A
99

Show or hide Elementor sections, columns and widgets with ease using many different criteria

1K 1 CVE
Visibility Control for LearnDash

Visibility Control for LearnDash

visibility-control-for-learndash

A
100

Visibility Control for LearnDash helps you hide messages and content for specific criterion anywhere on your WordPress page.

1K No CVEs
Developer Profile

Hide/Show Post/Page Content Developer Profile

sosidee

5 plugins · 6K total installs

90
trust score
Avg Security Score
94/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Hide/Show Post/Page Content

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

REST Endpoints
/wp-json/rapi/v1/wp_rest
Shortcode Output
[soshsc
FAQ

Frequently Asked Questions about Hide/Show Post/Page Content