Lightbox Pop – Responsive Lightbox Security & Risk Analysis

wordpress.org/plugins/lightbox-pop

Create a simple, non-annoying, responsive lightbox popup in your blog.

200 active installs · v2.3.3 · PHP 5.0+ · WP 2.8+ · Updated Jun 7, 2018
Tags: lightbox, lightbox-pop, popup, responsive-lightbox, responsive-popup
Score: 85 (A · Safe)
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is Lightbox Pop – Responsive Lightbox Safe to Use in 2026?

Generally Safe

Score 85/100

Lightbox Pop – Responsive Lightbox has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 7yr ago
Risk Assessment

The "lightbox-pop" v2.3.3 plugin exhibits a mixed security posture. While the plugin has no recorded vulnerability history, indicating a potentially well-maintained or less targeted codebase, the static analysis reveals several areas of concern. A significant weakness lies in its attack surface, with two of its five entry points (AJAX handlers) lacking proper authentication checks. This could allow unauthorized users to trigger plugin functionalities. Furthermore, the complete absence of prepared statements for its SQL queries is a critical vulnerability, potentially exposing the plugin to SQL injection attacks. The low percentage of properly escaped output (17%) also suggests a high risk of cross-site scripting (XSS) vulnerabilities, as user-supplied data is likely being rendered directly into the page without sufficient sanitization.

Key Concerns

  • Unprotected AJAX handlers
  • SQL queries without prepared statements
  • Low percentage of properly escaped output
Vulnerabilities
None known

Lightbox Pop – Responsive Lightbox Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Lightbox Pop – Responsive Lightbox Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 2 (0 prepared)
Unescaped Output: 191 (40 escaped)
Nonce Checks: 5
Capability Checks: 1
File Operations: 0
External Requests: 0
Bundled Libraries: 1

Bundled Libraries

TinyMCE

SQL Query Safety

0% prepared · 2 total queries

Output Escaping

17% escaped · 231 total outputs
Data Flows
All sanitized

Data Flow Analysis

2 flows
<header> (admin\header.php:0)
Attack Surface
2 unprotected

Lightbox Pop – Responsive Lightbox Attack Surface

Entry Points: 5
Unprotected: 2

AJAX Handlers 3

auth · wp_ajax_xyz_lbx_ajax_backlink · admin\ajax-backlink.php:3
auth · wp_ajax_xyz_lbx_action · create-lightbox.php:34
nopriv · wp_ajax_xyz_lbx_action · create-lightbox.php:35

Shortcodes 2

[xyz_lbx_default_code] shortcode-handler.php:10
[xyz_lbx_default_code] shortcode-handler.php:15
WordPress Hooks 13
action · admin_notices · admin\admin-notices.php:67
action · admin_menu · admin\menu.php:5
action · admin_enqueue_scripts · admin\menu.php:74
filter · tiny_mce_before_init · admin\tinymce_filters.php:13
filter · format_for_editor · admin\tinymce_filters.php:28
action · after_wp_tiny_mce · admin\tinymce_filters.php:53
action · get_footer · create-lightbox.php:6
action · get_footer · create-lightbox.php:10
action · wp · create-lightbox.php:17
action · wp_footer · lightbox-pop.php:58
filter · query_vars · lightbox-pop.php:72
action · parse_request · lightbox-pop.php:83
filter · plugin_row_meta · xyz-functions.php:18
Maintenance & Trust

Lightbox Pop – Responsive Lightbox Maintenance & Trust

Maintenance Signals

WordPress version tested: 4.9.29
Last updated: Jun 7, 2018
PHP min version: 5.0
Downloads: 206K

Community Trust

Rating: 48/100
Number of ratings: 23
Active installs: 200
Developer Profile

Lightbox Pop – Responsive Lightbox Developer Profile

f1logic

15 plugins · 142K total installs

Trust score: 73
Avg Security Score: 92/100
Avg Patch Time: 352 days
Detection Fingerprints

How We Detect Lightbox Pop – Responsive Lightbox

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/lightbox-pop/css/style.css
/wp-content/plugins/lightbox-pop/js/notice.js
/wp-content/plugins/lightbox-pop/lbx_request.js
Script Paths
wp-content/plugins/lightbox-pop/js/notice.js
wp-content/plugins/lightbox-pop/lbx_request.js
Version Parameters
lightbox-pop/css/style.css?ver=
lightbox-pop/js/notice.js?ver=
lbx_request.js?ver=

HTML / DOM Fingerprints

CSS Classes
xyz_lbx_container
Data Attributes
xyz_lbx_ajax_object
JS Globals
xyz_lbx_ajax_object
REST Endpoints
/wp-json/wp/v2/users/
FAQ

Frequently Asked Questions about Lightbox Pop – Responsive Lightbox