Does Lightbox with PhotoSwipe have any unpatched vulnerabilities?

No. All known vulnerabilities in Lightbox with PhotoSwipe have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Lightbox with PhotoSwipe compatible with WordPress 6.9.4?

According to WordPress.org data, Lightbox with PhotoSwipe 5.8.3 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

How often is Lightbox with PhotoSwipe updated?

Lightbox with PhotoSwipe was last updated on Feb 26, 2026. Frequent updates are generally a positive security signal.

What is Lightbox with PhotoSwipe's security score?

Lightbox with PhotoSwipe has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Lightbox with PhotoSwipe Security & Risk Analysis

wordpress.org/plugins/lightbox-photoswipe

Integration of PhotoSwipe (http://photoswipe.com) for WordPress.

20K active installs v5.8.3 PHP + WP 5.3+ Updated Feb 26, 2026

attachmentsgalleryimageslightboxphotoswipe

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Lightbox with PhotoSwipe Safe to Use in 2026?

Generally Safe

Score 100/100

Lightbox with PhotoSwipe has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago

Risk Assessment

The "lightbox-photoswipe" plugin v5.8.3 exhibits a generally good security posture based on the provided static analysis. The absence of any known CVEs and a lack of critical or high-severity taint flows are positive indicators. The plugin also demonstrates responsible coding practices by utilizing prepared statements for a significant portion of its SQL queries and performing a respectable number of file operations with a single nonce check present. However, there are notable areas for improvement. The most significant concern is the low percentage of properly escaped output (16%), which suggests a high risk of Cross-Site Scripting (XSS) vulnerabilities. While the attack surface is small, the lack of explicit capability checks for the single shortcode entry point could also present a potential risk if the shortcode performs sensitive operations.

Key Concerns

Low output escaping percentage (16%)
No capability checks for shortcode

Vulnerabilities

None known

Lightbox with PhotoSwipe Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Lightbox with PhotoSwipe Code Analysis

Dangerous Functions

Raw SQL Queries

4 prepared

Unescaped Output

140

26 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

80% prepared5 total queries

Output Escaping

16% escaped166 total outputs

Attack Surface

Lightbox with PhotoSwipe Attack Surface

Entry Points1

Unprotected0

Shortcodes 1

[gallery] src\LightboxPhotoSwipe\LightboxPhotoSwipe.php:70

WordPress Hooks 11

filterscript_loader_tagsrc\LightboxPhotoSwipe\LightboxPhotoSwipe.php:63

actionwp_enqueue_scriptssrc\LightboxPhotoSwipe\LightboxPhotoSwipe.php:64

actionwp_footersrc\LightboxPhotoSwipe\LightboxPhotoSwipe.php:65

actionwp_headsrc\LightboxPhotoSwipe\LightboxPhotoSwipe.php:66

filterthe_contentsrc\LightboxPhotoSwipe\LightboxPhotoSwipe.php:67

filterrender_blocksrc\LightboxPhotoSwipe\LightboxPhotoSwipe.php:71

actioninitsrc\LightboxPhotoSwipe\LightboxPhotoSwipe.php:74

actionadmin_menusrc\LightboxPhotoSwipe\LightboxPhotoSwipe.php:75

actionadmin_initsrc\LightboxPhotoSwipe\LightboxPhotoSwipe.php:76

actionadd_meta_boxessrc\LightboxPhotoSwipe\LightboxPhotoSwipe.php:80

actionsave_postsrc\LightboxPhotoSwipe\LightboxPhotoSwipe.php:81

Maintenance & Trust

Lightbox with PhotoSwipe Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedFeb 26, 2026

PHP min version

Downloads938K

Community Trust

Rating98/100

Number of ratings113

Active installs20K

Alternatives

Lightbox with PhotoSwipe Alternatives

PhotoSwipe

photo-swipe

A very light implementation of PhotoSwipe javascript plugin for WordPress

1K No CVEs

Lightbox & Modal Popup WordPress Plugin – FooBox

foobox-image-lightbox

A responsive image lightbox for WordPress galleries, WordPress attachments & FooGallery

100K 5 CVEs

Responsive Lightbox & Gallery

responsive-lightbox

The most popular lightbox plugin and responsive gallery builder for WordPress.

100K 13 CVEs

Cleaner Gallery

cleaner-gallery

A cleaner WordPress [gallery] that integrates with multiple Lightbox-type scripts.

2K No CVEs

Import external attachments

import-external-attachments

Makes local copies of all the linked images and pdfs in a post, adding them as gallery attachments.

2K 2 unpatched

Developer Profile

Lightbox with PhotoSwipe Developer Profile

Arno Welzel

5 plugins · 29K total installs

trust score

Avg Security Score

100/100

Avg Patch Time

364 days

View full developer profile

Detection Fingerprints

How We Detect Lightbox with PhotoSwipe

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/lightbox-photoswipe/assets/ps5/frontend.js/wp-content/plugins/lightbox-photoswipe/assets/ps5/lib/photoswipe-local.css/wp-content/plugins/lightbox-photoswipe/assets/ps5/dynamic-caption/photoswipe-dynamic-caption-plugin.css/wp-content/plugins/lightbox-photoswipe/assets/ps5/frontend.min.js/wp-content/plugins/lightbox-photoswipe/assets/ps5/styles/main.css/wp-content/plugins/lightbox-photoswipe/src/lib/photoswipe.js/wp-content/plugins/lightbox-photoswipe/src/lib/photoswipe-ui-default.js/wp-content/plugins/lightbox-photoswipe/src/js/frontend.js+1 more

Script Paths

/wp-content/plugins/lightbox-photoswipe/assets/ps5/frontend.js/wp-content/plugins/lightbox-photoswipe/assets/ps5/frontend.min.js/wp-content/plugins/lightbox-photoswipe/src/lib/photoswipe.js/wp-content/plugins/lightbox-photoswipe/src/lib/photoswipe-ui-default.js/wp-content/plugins/lightbox-photoswipe/src/js/frontend.js/wp-content/plugins/lightbox-photoswipe/assets/ps4/scripts.js

Version Parameters

lightbox-photoswipe/assets/ps5/frontend.js?ver=lightbox-photoswipe/assets/ps5/lib/photoswipe-local.css?ver=lightbox-photoswipe/assets/ps5/dynamic-caption/photoswipe-dynamic-caption-plugin.css?ver=lightbox-photoswipe/assets/ps5/frontend.min.js?ver=lightbox-photoswipe/assets/ps5/styles/main.css?ver=lightbox-photoswipe/src/lib/photoswipe.js?ver=lightbox-photoswipe/src/lib/photoswipe-ui-default.js?ver=lightbox-photoswipe/src/js/frontend.js?ver=lightbox-photoswipe/assets/ps4/scripts.js?ver=

HTML / DOM Fingerprints

CSS Classes

pswp--svgpswp__ui--hiddenpswp__containerpswp__itempswp__imgpswp__zoom-wrappswp__bgpswp__caption+22 more

HTML Comments

Plugin Name: Lightbox with PhotoSwipePlugin URI: https://wordpress.org/plugins/lightbox-photoswipe/Description: Lightbox with PhotoSwipeAuthor: Arno Welzel+32 more

Data Attributes

data-pswp-uiddata-pswp-widthdata-pswp-heightdata-pswp-img-srcdata-pswp-captiondata-pswp-description

JS Globals

PhotoSwipePhotoSwipeUI_Defaultlbwps_options

REST Endpoints

/wp-json/lightbox-photoswipe/v1/options/wp-json/lightbox-photoswipe/v1/get_image_details

Shortcode Output

[gallery<figure class="wp-block-gallery

FAQ