Hybrid Slideshow Security & Risk Analysis

wordpress.org/plugins/hybrid-slideshow

Hybrid Slideshow is a jQuery powered image slideshow with drag and drop image ordering. The slideshow can be inserted using a shortcode, widget, or ph …

80 active installs · v2.2.3 · PHP + WP 2.8+ · Updated: Unknown
Tags: carousel, images, rotator, slideshow
Score 100 · A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is Hybrid Slideshow Safe to Use in 2026?

Generally Safe

Score 100/100

Hybrid Slideshow has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs
Risk Assessment

The hybrid-slideshow plugin version 2.2.3 exhibits a mixed security posture. While it demonstrates good practices like using prepared statements for all SQL queries and has no recorded vulnerabilities, there are significant areas of concern. The plugin has a relatively small attack surface, but two of its four AJAX handlers lack proper authentication checks. This is a critical weakness that could allow unauthenticated users to trigger potentially harmful actions. Additionally, only 41% of output escaping is properly implemented, suggesting a risk of Cross-Site Scripting (XSS) vulnerabilities if user-supplied data is not consistently sanitized before being displayed. The absence of any recorded vulnerabilities in its history is positive, implying the developers may be diligent, but the presence of unauthenticated AJAX endpoints and insufficient output escaping represent immediate and tangible risks that outweigh this historical good fortune. The lack of taint analysis data makes it difficult to assess the full extent of data handling risks, but the existing code signals point to actionable vulnerabilities.

Key Concerns

  • Unauthenticated AJAX handlers detected
  • Insufficient output escaping (41% proper)
  • No capability checks on entry points
Vulnerabilities
None known

Hybrid Slideshow Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Hybrid Slideshow Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (0 prepared)
Unescaped Output: 22 (15 escaped)
Nonce Checks: 5
Capability Checks: 0
File Operations: 3
External Requests: 0
Bundled Libraries: 0

Output Escaping

41% escaped · 37 total outputs
Attack Surface
2 unprotected

Hybrid Slideshow Attack Surface

Entry Points: 5
Unprotected: 2

AJAX Handlers 4

auth · wp_ajax_hybrid_special_action · hybrid-slideshow.php:55
auth · wp_ajax_hybrid_delete_action · hybrid-slideshow.php:56
auth · wp_ajax_hybrid_url_action · hybrid-slideshow.php:57
auth · wp_ajax_hybrid_add_image · hybrid-slideshow.php:58

Shortcodes 1

[hybrid_slideshow] hybrid-slideshow.php:59
WordPress Hooks 10
action · plugins_loaded · hybrid-slideshow.php:51
action · admin_menu · hybrid-slideshow.php:52
action · wp_enqueue_scripts · hybrid-slideshow.php:53
action · admin_enqueue_scripts · hybrid-slideshow.php:54
action · widgets_init · hybrid-slideshow.php:60
action · wp_head · hybrid-slideshow.php:61
action · delete_attachment · hybrid-slideshow.php:62
filter · pre_update_option_hybrid-slideshow-option-width · hybrid-slideshow.php:63
filter · pre_update_option_hybrid-slideshow-option-height · hybrid-slideshow.php:64
action · admin_init · hybrid-slideshow.php:182
Maintenance & Trust

Hybrid Slideshow Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.0.11
Last updated: Unknown
PHP min version
Downloads: 22K

Community Trust

Rating: 0/100
Number of ratings: 0
Active installs: 80
Developer Profile

Hybrid Slideshow Developer Profile

muypescado

1 plugin · 80 total installs

Trust score: 94
Avg Security Score: 100/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect Hybrid Slideshow

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/hybrid-slideshow/js/media-uploader.js
/wp-content/plugins/hybrid-slideshow/js/custom.js

HTML / DOM Fingerprints

CSS Classes
hybrid-slideshow-wrap, hybrid-slideshow-image, hybrid-slideshow-caption, hs-controls, hs-prev, hs-next, hs-indicator
Data Attributes
data-id, data-attachment_id, data-url, data-width, data-height, data-delay, +8 more
JS Globals
hybridSlideshowSettings
REST Endpoints
/wp-json/hybrid-slideshow/v1/settings
Shortcode Output
<div class="hybrid-slideshow-wrap" data-id=""><div class="hybrid-slideshow-image"><img src="