Social Like Box and Page by WpDevArt Security & Risk Analysis

wordpress.org/plugins/like-box

WordPress Facebook Like box plugin will help you display a like box on your website. Just add our plugin widget to your sidebar and use it.

6K active installs · v0.8.45 · PHP + · WP 2.9+ · Updated Dec 8, 2025
Tags: facebook, facebook-like-box, facebook-like-box-widget, facebook-page, like-box
99
A · Safe
CVEs total: 2
Unpatched: 0
Last CVE: Jan 23, 2023
Safety Verdict

Is Social Like Box and Page by WpDevArt Safe to Use in 2026?

Generally Safe

Score 99/100

Social Like Box and Page by WpDevArt has a strong security track record. Known vulnerabilities have been patched promptly.

2 known CVEs · Last CVE: Jan 23, 2023 · Updated 3mo ago
Risk Assessment

Version 0.8.45 of the "like-box" plugin has a mixed security posture. It follows good practices such as using prepared statements for all SQL queries and performing nonce checks on its entry points, but several significant concerns remain. Four of its 5 AJAX handlers lack authentication checks, which is a substantial attack surface that could be exploited by unauthenticated users. In addition, only 62% of outputs are properly escaped, which indicates a potential for cross-site scripting (XSS) vulnerabilities; the plugin's vulnerability history, which shows past XSS issues, supports that pattern.

The plugin has a history of 2 known medium-severity vulnerabilities, both of which are currently patched. However, the recurring nature of XSS vulnerabilities in its past suggests a potential weakness in how user-supplied data is handled. Despite the absence of critical or high-severity taint flows in the current static analysis and the use of prepared statements for SQL, the unprotected AJAX handlers and the incomplete output escaping are immediate risks that require attention. Overall, while some security best practices are followed, the unprotected entry points and output sanitization issues present a notable risk.

Key Concerns

  • Unprotected AJAX handlers
  • Insufficient output escaping
  • Past medium severity CVEs
Vulnerabilities
2

Social Like Box and Page by WpDevArt Security Vulnerabilities

CVEs by Year

2 CVEs in 2023

Severity Breakdown

Medium: 2

2 total CVEs

CVE-2023-0177 · medium · 6.4 · Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Social Like Box and Page by WpDevArt <= 0.8.40 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

Jan 23, 2023 Patched in 0.8.41 (365d)

CVE-2023-23972 · medium · 5.5 · Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Social Like Box and Page by WpDevArt <= 0.8.39 - Authenticated (Admin+) Stored Cross Site Scripting

Jan 20, 2023 Patched in 0.8.40 (368d)
Code Analysis
Analyzed Mar 16, 2026

Social Like Box and Page by WpDevArt Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (0 prepared)
Unescaped Output: 49 (81 escaped)
Nonce Checks: 1
Capability Checks: 0
File Operations: 0
External Requests: 0
Bundled Libraries: 0

Output Escaping

62% escaped · 130 total outputs

Data Flows: All sanitized

Data Flow Analysis

2 flows
save_in_databese (includes\admin_menu.php:319)
Attack Surface
4 unprotected

Social Like Box and Page by WpDevArt Attack Surface

Entry Points: 6
Unprotected: 4

AJAX Handlers 5

auth · wp_ajax_like_box_window_manager · includes\admin_menu.php:38
auth · wp_ajax_like_box_page_save · includes\admin_menu.php:40
auth · wp_ajax_like_box_send_mail · includes\admin_menu.php:41
auth · wp_ajax_likeboxfrontend · includes\front_end.php:28
nopriv · wp_ajax_likeboxfrontend · includes\front_end.php:29

Shortcodes 1

[wpdevart_like_box] · includes\front_end.php:35

WordPress Hooks 9

action · media_buttons · includes\admin_menu.php:37
action · wp_footer · includes\front_end.php:31
action · wp_footer · includes\front_end.php:32
filter · wp_head · includes\front_end.php:33
action · init · includes\gutenberg\gutenberg.php:12
action · widgets_init · includes\widget.php:179
action · admin_menu · like-box.php:52
action · init · like-box.php:93
action · admin_head · like-box.php:94

Maintenance & Trust

Social Like Box and Page by WpDevArt Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.9.4
Last updated: Dec 8, 2025
PHP min version
Downloads: 1.2M

Community Trust

Rating: 84/100
Number of ratings: 88
Active installs: 6K
Developer Profile

Social Like Box and Page by WpDevArt Developer Profile

smplug-in

2 plugins · 6K total installs

Trust score: 73
Avg Security Score: 92/100
Avg Patch Time: 367 days
Detection Fingerprints

How We Detect Social Like Box and Page by WpDevArt

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

  • /wp-content/plugins/like-box/includes/style/style.css
  • /wp-content/plugins/like-box/includes/style/effects.css
  • /wp-content/plugins/like-box/includes/style/admin-style.css
  • /wp-content/plugins/like-box/includes/javascript/admin-like-box.js
  • /wp-content/plugins/like-box/includes/javascript/front_end_js.js
  • /wp-content/plugins/like-box/includes/gutenberg/block.js
  • /wp-content/plugins/like-box/includes/gutenberg/style.css

Script Paths

  • /wp-content/plugins/like-box/includes/javascript/admin-like-box.js
  • /wp-content/plugins/like-box/includes/javascript/front_end_js.js
  • /wp-content/plugins/like-box/includes/gutenberg/block.js

HTML / DOM Fingerprints

CSS Classes: desription_class, pro_feature, input_placholder_small
Data Attributes: data-likebox
JS Globals: wpda_like_box
REST Endpoints: /wp-json/like_box_window_manager/v1
Shortcode Output: [likebox]

FAQ

Frequently Asked Questions about Social Like Box and Page by WpDevArt