Does Info Cards – Add Text and Media in Card Layouts have any unpatched vulnerabilities?

No. All known vulnerabilities in Info Cards – Add Text and Media in Card Layouts have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Info Cards – Add Text and Media in Card Layouts compatible with WordPress 6.9.4?

According to WordPress.org data, Info Cards – Add Text and Media in Card Layouts 2.0.8 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is Info Cards – Add Text and Media in Card Layouts compatible with PHP 7.1+?

Info Cards – Add Text and Media in Card Layouts requires PHP 7.1 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Info Cards – Add Text and Media in Card Layouts updated?

Info Cards – Add Text and Media in Card Layouts was last updated on Mar 15, 2026. Frequent updates are generally a positive security signal.

What is Info Cards – Add Text and Media in Card Layouts's security score?

Info Cards – Add Text and Media in Card Layouts has a WP-Safety security score of 98/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Info Cards – Add Text and Media in Card Layouts Security & Risk Analysis

wordpress.org/plugins/info-cards

Simple and easy way to create and display information cards anywhere.

2K active installs v2.0.8 PHP 7.1+ WP 5.8+ Updated Mar 15, 2026

blockcardsgutenberginfosection

A · Safe

CVEs total2

Unpatched0

Last CVEAug 26, 2025

Plugin page Download

Safety Verdict

Is Info Cards – Add Text and Media in Card Layouts Safe to Use in 2026?

Generally Safe

Score 98/100

Info Cards – Add Text and Media in Card Layouts has a strong security track record. Known vulnerabilities have been patched promptly.

2 known CVEsLast CVE: Aug 26, 2025Updated 19d ago

Risk Assessment

The "info-cards" plugin v2.0.8 exhibits a generally good security posture, with a robust implementation of security best practices. The static analysis reveals a small attack surface with all identified entry points (AJAX handlers, REST API routes, shortcodes) appearing to have proper authentication and permission checks. The code also demonstrates strong adherence to secure coding principles, with 100% of SQL queries using prepared statements, and an exceptionally high percentage (98%) of output properly escaped, significantly mitigating cross-site scripting risks. Nonce and capability checks are also present, further enhancing security. However, a notable concern is the presence of known vulnerabilities in its history, specifically two medium-severity CVEs related to Missing Authorization and Cross-Site Scripting. While currently unpatched CVEs are zero, the historical pattern indicates past weaknesses in these critical areas. The plugin also bundles the Freemius library, which, depending on its version and known vulnerabilities, could introduce additional risk if not actively managed. The single external HTTP request warrants attention to ensure it is secure and does not introduce vulnerabilities.

Key Concerns

Past medium severity vulnerabilities (Auth & XSS)
Bundled library (Freemius)
External HTTP request present

Vulnerabilities

Info Cards – Add Text and Media in Card Layouts Security Vulnerabilities

CVEs by Year

2 CVEs in 2025

2025

Patched Has unpatched

Severity Breakdown

Medium

2 total CVEs

CVE-2025-54711medium · 4.3Missing Authorization

Info Cards <= 1.0.11 - Missing Authorization

Aug 26, 2025 Patched in 2.0.0 (79d)

CVE-2025-26945medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Info Cards – Gutenberg block for creating Beautiful Cards <= 1.0.5 - Authenticated (Contributor+) Stored Cross-Site Scripting

Feb 23, 2025 Patched in 1.0.6 (9d)

Code Analysis

Analyzed Mar 16, 2026

Info Cards – Add Text and Media in Card Layouts Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

48 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Freemius

Output Escaping

98% escaped49 total outputs

Data Flows

All sanitized

Data Flow Analysis

2 flows

fs_init (freemius-lite\inc\Base\FSActivate.php:68)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Info Cards – Add Text and Media in Card Layouts Attack Surface

Entry Points4

Unprotected0

AJAX Handlers 3

authwp_ajax_fs_initfreemius-lite\inc\Base\FSActivate.php:42

authwp_ajax_bpicbPremiumCheckerinfo-cards.php:105

noprivwp_ajax_bpicbPremiumCheckerinfo-cards.php:106

Shortcodes 1

[icb] inc\IcbShortcode.php:10

WordPress Hooks 23

actionadmin_headfreemius-lite\inc\Base\FSActivate.php:29

actionadmin_enqueue_scriptsfreemius-lite\inc\Base\FSActivate.php:30

actionadmin_menufreemius-lite\inc\Base\FSActivate.php:33

actionadmin_footerfreemius-lite\inc\Base\FSActivate.php:38

actionadmin_footerfreemius-lite\inc\Base\FSActivate.php:39

actionadmin_noticesfreemius-lite\inc\Base\FSActivate.php:44

actioninitfreemius-lite\inc\Base\FS_Lite.php:29

actionadmin_menuinc\IcbAdminMeno.php:8

actionadmin_enqueue_scriptsinc\IcbAdminMeno.php:9

actionadmin_enqueue_scriptsinc\IcbShortcode.php:8

actioninitinc\IcbShortcode.php:9

filtermanage_icb_posts_columnsinc\IcbShortcode.php:12

actionmanage_icb_posts_custom_columninc\IcbShortcode.php:13

filteruse_block_editor_for_postinc\IcbShortcode.php:15

actionadmin_menuinc\ProadminMenu.php:8

actionadmin_enqueue_scriptsinc\ProadminMenu.php:9

actionadmin_menuinc\upgradePage.php:8

actioninitinfo-cards.php:102

actionenqueue_block_assetsinfo-cards.php:103

actionadmin_initinfo-cards.php:107

actionrest_api_initinfo-cards.php:108

filterdefault_titleinfo-cards.php:109

filterdefault_contentinfo-cards.php:115

Maintenance & Trust

Info Cards – Add Text and Media in Card Layouts Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedMar 15, 2026

PHP min version7.1

Downloads28K

Community Trust

Rating100/100

Number of ratings2

Active installs2K

Alternatives

Info Cards – Add Text and Media in Card Layouts Alternatives

Print Page Block – Print Full Page or Specific Section

print-page

100

Print the entire page or part of any web page with just a single click

1K 1 CVE

Section Collection – Add Ready-made Sections to Design Modern Websites

section-collection

100

Section Collection helps you create websites quickly with prebuilt design sections and responsive layouts for Gutenberg.

400 No CVEs

Gecko Blocks

gecko-blocks

Provides multiple basic block types to be used in custom themes.

30 No CVEs

Gecko Section

gecko-section

A full width wrapper block.

10 No CVEs

Info Blocks

info-blocks

A gutenberg block for creating alerts, information or update text

10 No CVEs

Developer Profile

Info Cards – Add Text and Media in Card Layouts Developer Profile

colorlibplugins

120 plugins · 738K total installs

trust score

Avg Security Score

99/100

Avg Patch Time

140 days

View full developer profile

Detection Fingerprints

How We Detect Info Cards – Add Text and Media in Card Layouts

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/info-cards/build/index.js/wp-content/plugins/info-cards/build/index.asset.php

Version Parameters

info-cards/build/index.js?ver=info-cards/build/index.asset.php?ver=

HTML / DOM Fingerprints

HTML Comments

 DO NOT REMOVE THIS IF, IT IS ESSENTIAL FOR THE
 * function_exists` CALL ABOVE TO PROPERLY WORK.

Data Attributes

data-wp-element

JS Globals

ic_fsBPICB_Info_Cards

REST Endpoints

/wp-json/bplugins/v1/admin_menu

FAQ