jqDock Post Thumbs Security & Risk Analysis

wordpress.org/plugins/jqdock-post-thumbs

This plugin allows you to create a Mac-like Dock menu with post thumbnail links or an image gallery in any post or page, using a simple shortcode.

10 active installs v2.0 PHP + WP 3.2.1+ Updated Nov 14, 2011
imagejqdockjquerymacthumbnail
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Safety Verdict

Is jqDock Post Thumbs Safe to Use in 2026?

Generally Safe

Score 85/100

jqDock Post Thumbs has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 14yr ago
Risk Assessment

The jqdock-post-thumbs v2.0 plugin exhibits a generally good security posture based on the provided static analysis, with no detected dangerous functions, SQL injection vulnerabilities, file operations, or external HTTP requests. The code adheres to best practices by exclusively using prepared statements for SQL queries. However, a significant concern arises from the complete lack of output escaping for all detected output points. This means that any data displayed by the plugin could potentially be manipulated by an attacker, leading to cross-site scripting (XSS) vulnerabilities if user-supplied data is not properly sanitized before rendering. The vulnerability history shows no recorded CVEs, which is a positive indicator of past security diligence. Despite the absence of past vulnerabilities, the current lack of output escaping presents a clear and present risk that requires immediate attention.

Key Concerns

  • All outputs lack proper escaping
Vulnerabilities
None known

jqDock Post Thumbs Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

jqDock Post Thumbs Release Timeline

No version history available.
Code Analysis
Analyzed Mar 17, 2026

jqDock Post Thumbs Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
4
0 escaped
Nonce Checks
0
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
0

Output Escaping

0% escaped4 total outputs
Attack Surface

jqDock Post Thumbs Attack Surface

Entry Points2
Unprotected0

Shortcodes 2

[jqdpostthumbs] jqdpostthumbs.php:132
[jqdgallery] jqdpostthumbs.php:202
WordPress Hooks 2
actionwp_enqueue_scriptsjqdpostthumbs.php:37
actionwp_print_stylesjqdpostthumbs.php:44
Maintenance & Trust

jqDock Post Thumbs Maintenance & Trust

Maintenance Signals

WordPress version tested3.2.1
Last updatedNov 14, 2011
PHP min version
Downloads5K

Community Trust

Rating0/100
Number of ratings0
Active installs10
Developer Profile

jqDock Post Thumbs Developer Profile

Shaun Scovil

4 plugins · 130 total installs

84
trust score
Avg Security Score
85/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect jqDock Post Thumbs

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/jqdock-post-thumbs/css/jqdpostthumbs.css/wp-content/plugins/jqdock-post-thumbs/scripts/jquery.jqDock.min.js/wp-content/plugins/jqdock-post-thumbs/scripts/jqDock.custom.js/wp-content/plugins/jqdock-post-thumbs/scripts/jqDock.options.js
Script Paths
/wp-content/plugins/jqdock-post-thumbs/scripts/jquery.jqDock.min.js/wp-content/plugins/jqdock-post-thumbs/scripts/jqDock.custom.js/wp-content/plugins/jqdock-post-thumbs/scripts/jqDock.options.js
Version Parameters
jqdock-post-thumbs/css/jqdpostthumbs.css?ver=jqdock-post-thumbs/scripts/jquery.jqDock.min.js?ver=jqdock-post-thumbs/scripts/jqDock.custom.js?ver=jqdock-post-thumbs/scripts/jqDock.options.js?ver=

HTML / DOM Fingerprints

CSS Classes
jqd_containerjqd_menu
Shortcode Output
<div class="jqd_container"><div class="jqd_menu"><a href=<img src=</div></div>
FAQ

Frequently Asked Questions about jqDock Post Thumbs