Does Magic Author Box have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Magic Author Box compatible with WordPress 6.9.4?

According to WordPress.org data, Magic Author Box 1.0.8 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

How often is Magic Author Box updated?

Magic Author Box was last updated on Jan 6, 2026. Frequent updates are generally a positive security signal.

What is Magic Author Box's security score?

Magic Author Box has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Magic Author Box Security & Risk Analysis

wordpress.org/plugins/magic-author-box

Display responsive customized author box with social icons on posts. Fully customizable templates for each author with separate UI design.

0 active installs v1.0.8 PHP + WP 3.5+ Updated Jan 6, 2026

author-bioauthor-boxauthor-profileauthor-social-iconsresponsive-author-box

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Magic Author Box Safe to Use in 2026?

Generally Safe

Score 100/100

Magic Author Box has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 4mo ago

Risk Assessment

The magic-author-box plugin v1.0.8 demonstrates a generally strong security posture based on the static analysis provided. The plugin exhibits good practices by utilizing prepared statements for all SQL queries, implementing nonce checks for interactions, and performing capability checks to restrict access. The high percentage of properly escaped output further mitigates the risk of cross-site scripting (XSS) vulnerabilities. The absence of dangerous functions, file operations, and external HTTP requests also reduces the attack surface and potential for exploitation.

While the static analysis reveals no critical or high-severity issues in taint analysis, and the plugin has no recorded vulnerability history, there are minor areas for improvement. The single shortcode represents an entry point that, while not explicitly flagged as unprotected, could be a potential vector if not handled with care. The 91% output escaping, while good, means that 9% of outputs are not properly escaped, leaving a small but present risk of XSS.

Overall, the plugin appears to be developed with security in mind. The lack of past vulnerabilities is a positive indicator, suggesting a consistent focus on security. The strengths lie in its robust SQL handling, nonce usage, and capability checks. The main weakness is the small percentage of unescaped output, which, while not critical, is a known potential entry point for attackers. Continued vigilance in ensuring all output is properly escaped would further enhance its security.

Key Concerns

Unescaped output detected

Vulnerabilities

None known

Magic Author Box Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Magic Author Box Release Timeline

No version history available.

Code Analysis

Analyzed Mar 17, 2026

Magic Author Box Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

195 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

91% escaped215 total outputs

Data Flows · Security

All sanitized

Data Flow Analysis

2 flows

mabox_template_metabox_callback (admin\class-author-box-meta-box.php:458)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Magic Author Box Attack Surface

Entry Points1

Unprotected0

Shortcodes 1

[mabox-author-box] includes\class-author-box.php:248

WordPress Hooks 29

actionadmin_initadmin\class-author-box-admin.php:62

actionadmin_initadmin\class-author-box-admin.php:65

filteradmin_footer_textadmin\class-author-box-admin.php:68

actionadd_meta_boxesadmin\class-author-box-meta-box.php:375

actionsave_postadmin\class-author-box-meta-box.php:376

actionshow_user_profileadmin\class-author-box-user-profile.php:15

actionedit_user_profileadmin\class-author-box-user-profile.php:16

actionshow_user_profileadmin\class-author-box-user-profile.php:19

actionedit_user_profileadmin\class-author-box-user-profile.php:20

actionshow_user_profileadmin\class-author-box-user-profile.php:23

actionedit_user_profileadmin\class-author-box-user-profile.php:24

actionpersonal_options_updateadmin\class-author-box-user-profile.php:26

actionedit_user_profile_updateadmin\class-author-box-user-profile.php:27

filterpre_user_descriptionadmin\class-author-box-user-profile.php:31

actionadmin_noticesincludes\author-box-functions.php:75

actioninitincludes\author-box-post-types.php:48

actionmabox_admin_previewincludes\class-author-box-previewer.php:51

actionadmin_enqueue_scriptsincludes\class-author-box-previewer.php:54

filterget_avatarincludes\class-author-box.php:97

actionplugins_loadedincludes\class-author-box.php:206

actionadmin_menuincludes\class-author-box.php:222

actionadmin_enqueue_scriptsincludes\class-author-box.php:223

actionadmin_enqueue_scriptsincludes\class-author-box.php:224

filterplugin_action_linksincludes\class-author-box.php:226

actionwp_enqueue_scriptsincludes\class-author-box.php:244

actionwp_enqueue_scriptsincludes\class-author-box.php:245

filtermabox_check_if_showincludes\class-author-box.php:250

filterthe_contentincludes\class-author-box.php:254

actionwp_footerincludes\class-author-box.php:258

Maintenance & Trust

Magic Author Box Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedJan 6, 2026

PHP min version

Downloads3K

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

Magic Author Box Alternatives

Simple Author Box

simple-author-box

Add a responsive author box or guest author box with social icons to any post. Great author box for any site!

80K 2 CVEs

Cool Author Box – For Widget and Post Content

hm-cool-author-box-widget

Cool Author Box displays an responsive author box with social media links to your widget and post content area.

500 2 CVEs

Smart Author Box Widget

smart-author-box-widget

Smart Author Box Widget displays author bio box with an image, description, and social links—perfect for multi-author blogs and personal sites.

70 No CVEs

WP Author Profile Box Lite

wp-author-profile-box-lite

WP Author Profile Box Lite is an easy way to highlight author of your WordPress posts.

20 No CVEs

Meta Author Box

meta-author-box

Add a responsive custom author box. Great author box for any site!

0 No CVEs

Developer Profile

Magic Author Box Developer Profile

WeblineIndia

14 plugins · 5K total installs

trust score

Avg Security Score

91/100

Avg Patch Time

54 days

View full developer profile

Detection Fingerprints

How We Detect Magic Author Box

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/magic-author-box/admin/css/mabox-admin-style.css/wp-content/plugins/magic-author-box/admin/js/mabox-admin-script.js/wp-content/plugins/magic-author-box/public/css/magic-author-box.css/wp-content/plugins/magic-author-box/public/js/magic-author-box.js

Script Paths

/wp-content/plugins/magic-author-box/admin/js/mabox-admin-script.js/wp-content/plugins/magic-author-box/public/js/magic-author-box.js

Version Parameters

/wp-content/plugins/magic-author-box/admin/css/mabox-admin-style.css?ver=/wp-content/plugins/magic-author-box/admin/js/mabox-admin-script.js?ver=/wp-content/plugins/magic-author-box/public/css/magic-author-box.css?ver=/wp-content/plugins/magic-author-box/public/js/magic-author-box.js?ver=

HTML / DOM Fingerprints

CSS Classes

wrap-ma-boxinner-ma-boxleft-box-ma-boxright-box-ma-box

Data Attributes

data-settings-option

JS Globals

mabox_object

FAQ