Does Mathematica Toolbox have any unpatched vulnerabilities?

No. All known vulnerabilities in Mathematica Toolbox have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Mathematica Toolbox compatible with WordPress 4.9.29?

According to WordPress.org data, Mathematica Toolbox 1.0.4 has been tested up to WordPress 4.9.29. Check the plugin's changelog for the latest compatibility information.

How often is Mathematica Toolbox updated?

Mathematica Toolbox was last updated on Unknown. Frequent updates are generally a positive security signal.

What is Mathematica Toolbox's security score?

Mathematica Toolbox has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Mathematica Toolbox Security & Risk Analysis

wordpress.org/plugins/mathematica-toolbox

Improves your website with highlighted Mathematica code, embedded CDFs, and Wolfram Cloud content.

50 active installs v1.0.4 PHP + WP 3.0.1+ Updated Unknown

cdfcomputable-document-formatmathematicastack-exchangewolfram-language

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Mathematica Toolbox Safe to Use in 2026?

Generally Safe

Score 100/100

Mathematica Toolbox has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs

Risk Assessment

The mathematica-toolbox v1.0.4 plugin exhibits a mixed security posture. On the positive side, there are no known vulnerabilities (CVEs) recorded, indicating a potentially stable and well-maintained codebase historically. The absence of dangerous functions, raw SQL queries, file operations, and external HTTP requests is also encouraging.

However, several significant concerns arise from the static analysis. The most critical is the complete lack of output escaping across all 14 detected output points. This exposes the plugin to potential Cross-Site Scripting (XSS) vulnerabilities, where malicious scripts could be injected and executed in the user's browser. Furthermore, the absence of nonce checks and capability checks on the entry points (shortcodes) is a serious oversight. While there are no unprotected AJAX handlers or REST API routes, the shortcodes, which are a considerable part of the attack surface, lack these fundamental security mechanisms. This could lead to unauthorized actions being performed if the shortcodes are susceptible to manipulation.

Given the lack of historical vulnerabilities, it's possible these issues have not been exploited. However, the presence of critical security flaws like unescaped output and missing authorization checks on shortcodes represents a significant risk. The plugin's strengths lie in its clean SQL handling and absence of known CVEs, but these are overshadowed by the immediate and present risks of XSS and potential unauthorized actions.

Key Concerns

No output escaping
No nonce checks on entry points
No capability checks on entry points

Vulnerabilities

None known

Mathematica Toolbox Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Mathematica Toolbox Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

0% escaped14 total outputs

Attack Surface

Mathematica Toolbox Attack Surface

Entry Points11

Unprotected0

Shortcodes 11

[wlcode] public\Mathematica-WP-Toolbox-public.php:68

[wldoc] public\Mathematica-WP-Toolbox-public.php:99

[WolframCDF] public\Mathematica-WP-Toolbox-public.php:121

[mma_se_user] public\Mathematica-WP-Toolbox-public.php:171

[mma_se_user_answers] public\Mathematica-WP-Toolbox-public.php:209

[mma_se_user_questions] public\Mathematica-WP-Toolbox-public.php:253

[mma_se_questions] public\Mathematica-WP-Toolbox-public.php:297

[mma_se_answers] public\Mathematica-WP-Toolbox-public.php:344

[mma_se_profile_box] public\Mathematica-WP-Toolbox-public.php:394

[WolframCloudAPI] public\Mathematica-WP-Toolbox-public.php:431

[wlinline] public\Mathematica-WP-Toolbox-public.php:480

WordPress Hooks 12

filterthe_contentincludes\Mathematica-WP-Toolbox-loader.php:119

filterthe_contentincludes\Mathematica-WP-Toolbox-loader.php:120

filterupload_mimesincludes\Mathematica-WP-Toolbox.php:146

filterxmlrpc_methodsincludes\Mathematica-WP-Toolbox.php:147

actionadd_meta_boxesincludes\Mathematica-WP-Toolbox.php:149

actionadmin_enqueue_scriptsincludes\Mathematica-WP-Toolbox.php:151

actionadmin_enqueue_scriptsincludes\Mathematica-WP-Toolbox.php:152

actionwp_enqueue_scriptsincludes\Mathematica-WP-Toolbox.php:167

actionwp_enqueue_scriptsincludes\Mathematica-WP-Toolbox.php:168

actioninitincludes\Mathematica-WP-Toolbox.php:170

filterwlcode_render_preincludes\Mathematica-WP-Toolbox.php:171

filterthe_contentincludes\Mathematica-WP-Toolbox.php:172

Maintenance & Trust

Mathematica Toolbox Maintenance & Trust

Maintenance Signals

WordPress version tested4.9.29

Last updatedUnknown

PHP min version

Downloads3K

Community Trust

Rating70/100

Number of ratings2

Active installs50

Alternatives

Mathematica Toolbox Alternatives

Wolfram Notebook Embedder

wolfram-notebook-embedder

Publish dynamic blog posts and web pages featuring Wolfram expressions or entire notebooks.

10 No CVEs

Wolfram Alpha

wolframalpha

Adds a Wolfram Alpha search form widget

10 No CVEs

Developer Profile

Mathematica Toolbox Developer Profile

C. E.

1 plugin · 50 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Mathematica Toolbox

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/mathematica-toolbox/admin/js/Mathematica-WP-Toolbox-admin.js/wp-content/plugins/mathematica-toolbox/admin/css/Mathematica-WP-Toolbox-admin.css

Script Paths

/wp-content/plugins/mathematica-toolbox/admin/js/Mathematica-WP-Toolbox-admin.js

Version Parameters

mathematica-toolbox/admin/js/Mathematica-WP-Toolbox-admin.js?ver=mathematica-toolbox/admin/css/Mathematica-WP-Toolbox-admin.css?ver=

HTML / DOM Fingerprints

CSS Classes

mathematica-wp-toolbox-shortcodemathematica-wp-toolbox-icon

Data Attributes

id="mathematica-wp-toolbox-shortcode-cdf"id="mathematica-wp-toolbox-shortcode-api"id="mathematica-wp-toolbox-shortcode-wlembedded"id="mathematica-wp-toolbox-shortcode-wlfield"id="mathematica-wp-toolbox-shortcode-wlinline"id="mathematica-wp-toolbox-shortcode-wldoc"+3 more

Shortcode Output

<a id="mathematica-wp-toolbox-shortcode-cdf" class="button add_media mathematica-wp-toolbox-shortcode" title="WolframCDF shortcode">

<a id="mathematica-wp-toolbox-shortcode-api" class="button add_media mathematica-wp-toolbox-shortcode" title="WolframCloudAPI shortcode">

<a id="mathematica-wp-toolbox-shortcode-wlembedded" class="button add_media mathematica-wp-toolbox-shortcode" title="Highlight embedded code shortcode">

<a id="mathematica-wp-toolbox-shortcode-wlfield" class="button add_media mathematica-wp-toolbox-shortcode" title="Highlight custom field code shortcode">

FAQ