Does PDF lightbox viewer by csomorelwood have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is PDF lightbox viewer by csomorelwood compatible with WordPress 6.2.9?

According to WordPress.org data, PDF lightbox viewer by csomorelwood 1.0 has been tested up to WordPress 6.2.9. Check the plugin's changelog for the latest compatibility information.

Is PDF lightbox viewer by csomorelwood compatible with PHP 7.0+?

PDF lightbox viewer by csomorelwood requires PHP 7.0 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is PDF lightbox viewer by csomorelwood updated?

PDF lightbox viewer by csomorelwood was last updated on Apr 25, 2023. Frequent updates are generally a positive security signal.

What is PDF lightbox viewer by csomorelwood's security score?

PDF lightbox viewer by csomorelwood has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

PDF lightbox viewer by csomorelwood Security & Risk Analysis

wordpress.org/plugins/lightbox-pdf-viewer-by-csomor

With this plugin you will be able to view PDF files in lighbox popup, and play mp3 files via shortcodes.

20 active installs v1.0 PHP 7.0+ WP 3.0+ Updated Apr 25, 2023

lightboxlightbox-pdfpdfpdf-viewer

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is PDF lightbox viewer by csomorelwood Safe to Use in 2026?

Generally Safe

Score 85/100

PDF lightbox viewer by csomorelwood has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 3yr ago

Risk Assessment

The "lightbox-pdf-viewer-by-csomor" v1.0 plugin demonstrates a generally good security posture in its static analysis. The absence of dangerous functions, file operations, external HTTP requests, and SQL queries without prepared statements are strong indicators of secure coding practices. The high percentage of properly escaped output further mitigates risks associated with cross-site scripting (XSS).

However, there are notable areas for concern. The complete lack of nonce checks and capability checks is a significant weakness, especially given the presence of a shortcode as an entry point. While there are no AJAX handlers or REST API routes currently, if functionality were to be added without proper authentication and authorization mechanisms, it could expose the plugin to vulnerabilities. The vulnerability history being entirely clear is positive, but it doesn't negate the inherent risks identified in the code analysis.

In conclusion, while the plugin avoids several common pitfalls, the lack of essential security checks like nonces and capability checks on its existing entry point (the shortcode) presents a notable risk. Developers should prioritize implementing these checks to harden the plugin's security, especially if its functionality is expanded in the future.

Key Concerns

No nonce checks found
No capability checks found
Unescaped output detected (14%)

Vulnerabilities

None known

PDF lightbox viewer by csomorelwood Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

PDF lightbox viewer by csomorelwood Release Timeline

No version history available.

Code Analysis

Analyzed Mar 16, 2026

PDF lightbox viewer by csomorelwood Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

19 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

86% escaped22 total outputs

Attack Surface

PDF lightbox viewer by csomorelwood Attack Surface

Entry Points1

Unprotected0

Shortcodes 1

[lbpdfviewr] pdf_viewer_by_csomorelwood.php:196

WordPress Hooks 9

actioninitpdf_viewer_by_csomorelwood.php:16

actioninitpdf_viewer_by_csomorelwood.php:31

actionadmin_initpdf_viewer_by_csomorelwood.php:36

actionadmin_menupdf_viewer_by_csomorelwood.php:41

actioninitpdf_viewer_by_csomorelwood.php:45

actionadmin_initpdf_viewer_by_csomorelwood.php:66

actionsave_postpdf_viewer_by_csomorelwood.php:67

actionadmin_initpdf_viewer_by_csomorelwood.php:127

actionsave_postpdf_viewer_by_csomorelwood.php:128

Maintenance & Trust

PDF lightbox viewer by csomorelwood Maintenance & Trust

Maintenance Signals

WordPress version tested6.2.9

Last updatedApr 25, 2023

PHP min version7.0

Downloads2K

Community Trust

Rating100/100

Number of ratings1

Active installs20

Alternatives

PDF lightbox viewer by csomorelwood Alternatives

Wonder PDF Embed

wonderplugin-pdf-embed

100

Embed PDF to your WordPress website by using Mozilla's PDF.js

9K 1 CVE

PDF Embedder

pdf-embedder

100

Seamlessly embed PDFs into your content, with customizations and intelligent responsive resizing, and no third-party services or iframes.

300K 1 CVE

Dear Flipbook – PDF Flipbook, 3D Flipbook, PDF embed, PDF viewer

3d-flipbook-dflip-lite

Dear Flipbook creates PDF Flipbook, 3D Flipbook, PDF viewer, PDF embed for WordPress sites. Create impressive and realistic 3D flipbooks with PDFs.

200K 8 CVEs

3D FlipBook – PDF Embedder, PDF Flipbook Viewer, Flipbook Image Gallery

interactive-3d-flipbook-powered-physics-engine

3D FlipBook is PDF Viewer, allowing to browse images, PDFs or HTMLs as flipbook. Flipbook attracts user attention and makes more impression on him.

80K 9 CVEs

Embed Any Document – Embed PDF, Word, PowerPoint and Excel Files

embed-any-document

Embed PDF, DOC, PPT and XLS documents easily on your WordPress website with the help of Google Docs Viewer or Microsoft Office Online.

50K 4 CVEs

Developer Profile

PDF lightbox viewer by csomorelwood Developer Profile

csomorelwood

5 plugins · 120 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect PDF lightbox viewer by csomorelwood

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/lightbox-pdf-viewer-by-csomor/assets/css/style.css/wp-content/plugins/lightbox-pdf-viewer-by-csomor/assets/js/pdf.min.js/wp-content/plugins/lightbox-pdf-viewer-by-csomor/assets/js/lightbox_pdf_viewer.js

Script Paths

/wp-content/plugins/lightbox-pdf-viewer-by-csomor/assets/js/pdf.min.js/wp-content/plugins/lightbox-pdf-viewer-by-csomor/assets/js/lightbox_pdf_viewer.js

Version Parameters

lightbox-pdf-viewer-by-csomor/assets/css/style.css?ver=lightbox-pdf-viewer-by-csomor/assets/js/pdf.min.js?ver=lightbox-pdf-viewer-by-csomor/assets/js/lightbox_pdf_viewer.js?ver=

HTML / DOM Fingerprints

CSS Classes

lightbox_pdf-cardrounded-boxpdf-shadowopen-lbpdf

HTML Comments

PDF attachment to custom post typeMP3 attachment to custom post typeSet up Options page

Data Attributes

selected_lightbox_pdfselected_lightbox_mp3selected-audio

JS Globals

plugin_urlopenLightBoxPDFView

REST Endpoints

/wp-json/wp/v2/lightbox_pdf_post_type_generated_by_the_god_himself

Shortcode Output

[lbpdfviewr id=type=buttontype=thumbnailaudio=true

FAQ