Does JS-SWITCH have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is JS-SWITCH compatible with WordPress 3.9.40?

According to WordPress.org data, JS-SWITCH 1.1 has been tested up to WordPress 3.9.40. Check the plugin's changelog for the latest compatibility information.

How often is JS-SWITCH updated?

JS-SWITCH was last updated on May 29, 2014. Frequent updates are generally a positive security signal.

What is JS-SWITCH's security score?

JS-SWITCH has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

JS-SWITCH Security & Risk Analysis

wordpress.org/plugins/js-switch

Js-Scrollbox that scroll images of gray-scale and showing original image on hover.

10 active installs v1.1 PHP + WP 3.4+ Updated May 29, 2014

horizontalhover-effectiveresponsivescrollboxslider

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is JS-SWITCH Safe to Use in 2026?

Generally Safe

Score 85/100

JS-SWITCH has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 11yr ago

Risk Assessment

The "js-switch" plugin v1.1 presents a generally good security posture based on the provided static analysis. The absence of direct SQL queries, external HTTP requests, and file operations is a significant strength. Furthermore, the plugin demonstrates good practice by implementing nonce and capability checks for its single identified entry point (shortcode).

However, a critical concern arises from the output escaping analysis. With 2 total outputs and 0% properly escaped, this indicates a high risk of Cross-Site Scripting (XSS) vulnerabilities. Any data displayed through the plugin's shortcode that originates from user input or external sources could be maliciously crafted to execute arbitrary JavaScript in the user's browser.

The plugin's vulnerability history is clean, with no recorded CVEs. This, combined with the secure handling of SQL and the presence of authentication checks on its entry points, suggests a history of secure development. Nevertheless, the lack of proper output escaping remains a significant blind spot and a primary area of concern despite the absence of past vulnerabilities.

Key Concerns

Outputs are not properly escaped (XSS risk)
Bundled outdated jQuery library (potential for known vulns)

Vulnerabilities

None known

JS-SWITCH Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

JS-SWITCH Release Timeline

v1.1Current

v1.0

Code Analysis

Analyzed Mar 17, 2026

JS-SWITCH Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

jQuery1.11.1

Output Escaping

0% escaped2 total outputs

Attack Surface

JS-SWITCH Attack Surface

Entry Points1

Unprotected0

Shortcodes 1

[JS-SWITCH] js-switch.php:49

WordPress Hooks 8

actionwp_enqueue_scriptsjs-switch.php:29

actionwp_enqueue_scriptsjs-switch.php:41

actioninitjs-switch.php:88

filtermanage_edit-slidesjs_slider_columnsjs-switch.php:123

actionmanage_slidesjs_slider_posts_custom_columnjs-switch.php:124

actionadd_meta_boxesjs-switch.php:143

actionsave_postjs-switch.php:233

actionwp_enqueue_scriptsjs-switch.php:265

Maintenance & Trust

JS-SWITCH Maintenance & Trust

Maintenance Signals

WordPress version tested3.9.40

Last updatedMay 29, 2014

PHP min version

Downloads2K

Community Trust

Rating100/100

Number of ratings2

Active installs10

Alternatives

JS-SWITCH Alternatives

Accordion and Accordion Slider

accordion-and-accordion-slider

Accordion and Accordion Slider - Responsive and Touch enabled accordion for WordPress Website. Also work with Gutenberg shortcode block.

2K 2 CVEs

Horizontal Scroll Slider

horizontal-scroll-slider

A quick, easy way to add an Responsive header Horizontal Scroll Slider OR Responsive Horizontal Scroll Slider inside wordpress page OR Template.

10 No CVEs

Image Gallery Horizontal

image-gallery-horizontal

A quick, easy way to add an Responsive header Image Gallery Horizontal OR Responsive Image Gallery Horizontal inside wordpress page OR Template.

10 No CVEs

Ditty – Responsive News Tickers, Sliders, and Lists

ditty-news-ticker

Ditty offers a range of content display options, including its signature news ticker and customizable layouts.

30K 14 CVEs

Ultimate Responsive Image Slider

ultimate-responsive-image-slider

100

Create stunning responsive sliders in minutes. Drag-and-drop builder, unlimited sliders, mobile-friendly & SEO optimized!

30K 1 CVE

Developer Profile

JS-SWITCH Developer Profile

Abhayjain

1 plugin · 10 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect JS-SWITCH

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/js-switch/js/jquery.scrollbox.js/wp-content/plugins/js-switch/css/demo.css

Script Paths

/wp-content/plugins/js-switch/js/jquery.scrollbox.js

Version Parameters

js-switch/js/jquery.scrollbox.js?ver=js-switch/css/demo.css?ver=

HTML / DOM Fingerprints

CSS Classes

switchscroll-imgslidesclientscolor-imgbtn

Data Attributes

id="demo5"id="demo5-forward"id="demo5-backward"

Shortcode Output

[JS-SWITCH id=<div class="switch"><div id="demo5" class="scroll-img"><ul class="slides clients">

FAQ