Niso Carousel Security & Risk Analysis

wordpress.org/plugins/niso-carousel

Niso Carousel is a nice image and video carousel WordPress plugin. You can use this plugin on any WordPress site to create a carousel.

50 active installs · v1.1.3 · PHP + · WP 4.5+ · Updated Apr 12, 2020
Tags: animation, caption, image-carousel, multipul-carousel, video-carousel
Score: 85 (A · Safe)
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is Niso Carousel Safe to Use in 2026?

Generally Safe

Score 85/100

Niso Carousel has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 5yr ago
Risk Assessment

The niso-carousel plugin v1.1.3 presents a generally good security posture based on the static analysis. The plugin demonstrates strong adherence to secure coding practices by utilizing prepared statements for all SQL queries and implementing nonce and capability checks on its entry points. The absence of any identified dangerous functions, file operations, or external HTTP requests further strengthens its security profile. The total lack of any recorded vulnerabilities in its history is a significant positive indicator, suggesting a mature and well-maintained codebase.

However, a notable concern arises from the output escaping. With 75% of outputs properly escaped, there is still a 25% portion that is not, leaving room for potential cross-site scripting (XSS) vulnerabilities if sensitive data is displayed without adequate sanitization. While taint analysis revealed no flows, this doesn't completely eliminate XSS risk, especially if user-supplied data is not handled carefully within the unescaped outputs. The presence of an outdated bundled library, Select2 v3.0.3, is another area for potential concern, as older versions of libraries can contain known vulnerabilities that are not reflected in the plugin's CVE history but could still be exploited.

Key Concerns

  • 25% of outputs not properly escaped
  • Bundled outdated library (Select2 v3.0.3)
Vulnerabilities
None known

Niso Carousel Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Niso Carousel Code Analysis

  • Dangerous Functions: 0
  • Raw SQL Queries: 0 (0 prepared)
  • Unescaped Output: 53 (157 escaped)
  • Nonce Checks: 3
  • Capability Checks: 5
  • File Operations: 0
  • External Requests: 0
  • Bundled Libraries: 2

Bundled Libraries

  • TinyMCE
  • Select2 3.0.3

Output Escaping

75% escaped · 210 total outputs
Attack Surface

Niso Carousel Attack Surface

Entry Points: 3
Unprotected: 0

AJAX Handlers 2

  • auth: wp_ajax_cmb2_oembed_handler (admin\src\cmb2\includes\CMB2_Ajax.php:40)
  • nopriv: wp_ajax_cmb2_oembed_handler (admin\src\cmb2\includes\CMB2_Ajax.php:41)

Shortcodes 1

  • [ncarousel] (includes\niso-carousel-shortcode.php:183)

WordPress Hooks 47

  • filter: mce_external_plugins (admin\niso-button-tinymce.php:20)
  • filter: mce_buttons (admin\niso-button-tinymce.php:21)
  • action: admin_head (admin\niso-button-tinymce.php:24)
  • action: admin_init (admin\niso-carousel-admin-role.php:33)
  • filter: manage_niso-carousel_posts_columns (admin\niso-carousel-column-set.php:62)
  • action: manage_niso-carousel_posts_custom_column (admin\niso-carousel-column-set.php:71)
  • action: cmb2_init (admin\niso-carousel-meta-tab.php:19)
  • action: admin_notices (admin\niso-carousel-meta-tab.php:961)
  • action: init (admin\niso-carousel-post.php:61)
  • filter: enter_title_here (admin\niso-carousel-post.php:81)
  • filter: post_updated_messages (admin\niso-carousel-update-massage.php:47)
  • filter: cmb2_render_pw_select (admin\src\cmb-field-select2\cmb-field-select2.php:28)
  • filter: cmb2_render_pw_multiselect (admin\src\cmb-field-select2\cmb-field-select2.php:29)
  • filter: cmb2_sanitize_pw_multiselect (admin\src\cmb-field-select2\cmb-field-select2.php:30)
  • filter: cmb2_types_esc_pw_multiselect (admin\src\cmb-field-select2\cmb-field-select2.php:31)
  • filter: cmb2_repeat_table_row_types (admin\src\cmb-field-select2\cmb-field-select2.php:32)
  • action: plugins_loaded (admin\src\cmb2\cmb2-conditionals.php:8)
  • action: admin_init (admin\src\cmb2\cmb2-conditionals.php:18)
  • action: admin_footer (admin\src\cmb2\cmb2-conditionals.php:19)
  • action: cmb2_save_options-page_fields (admin\src\cmb2\includes\CMB2_Ajax.php:43)
  • filter: get_post_metadata (admin\src\cmb2\includes\CMB2_Ajax.php:134)
  • filter: update_post_metadata (admin\src\cmb2\includes\CMB2_Ajax.php:137)
  • filter: cmb2_show_on (admin\src\cmb2\includes\CMB2_hookup.php:81)
  • action: add_meta_boxes (admin\src\cmb2\includes\CMB2_hookup.php:91)
  • action: add_attachment (admin\src\cmb2\includes\CMB2_hookup.php:92)
  • action: edit_attachment (admin\src\cmb2\includes\CMB2_hookup.php:93)
  • action: save_post (admin\src\cmb2\includes\CMB2_hookup.php:94)
  • action: add_meta_boxes_comment (admin\src\cmb2\includes\CMB2_hookup.php:100)
  • action: edit_comment (admin\src\cmb2\includes\CMB2_hookup.php:101)
  • action: show_user_profile (admin\src\cmb2\includes\CMB2_hookup.php:109)
  • action: edit_user_profile (admin\src\cmb2\includes\CMB2_hookup.php:110)
  • action: user_new_form (admin\src\cmb2\includes\CMB2_hookup.php:111)
  • action: personal_options_update (admin\src\cmb2\includes\CMB2_hookup.php:113)
  • action: edit_user_profile_update (admin\src\cmb2\includes\CMB2_hookup.php:114)
  • action: user_register (admin\src\cmb2\includes\CMB2_hookup.php:115)
  • action: created_term (admin\src\cmb2\includes\CMB2_hookup.php:148)
  • action: edited_terms (admin\src\cmb2\includes\CMB2_hookup.php:149)
  • action: delete_term (admin\src\cmb2\includes\CMB2_hookup.php:151)
  • action: init (admin\src\cmb2\init.php:119)
  • filter: cmb2_render_own_slider (admin\src\cmb2-slider\slider-field.php:15)
  • action: cmb2_before_post_form_metabox_tabs (admin\src\cmb2tab\tab.php:9)
  • action: admin_enqueue_scripts (admin\src\cmb2tab\tab.php:36)
  • action: wp_footer (includes\niso-carousel-options.php:214)
  • action: wp_head (includes\niso-carousel-options.php:287)
  • action: wp_enqueue_scripts (niso-carousel.php:68)
  • action: admin_enqueue_scripts (niso-carousel.php:92)
  • action: plugins_loaded (niso-carousel.php:143)

Maintenance & Trust

Niso Carousel Maintenance & Trust

Maintenance Signals

WordPress version tested: 5.4.19
Last updated: Apr 12, 2020
PHP min version
Downloads: 3K

Community Trust

Rating: 0/100
Number of ratings: 0
Active installs: 50

Developer Profile

Niso Carousel Developer Profile

Noor Alam

102 plugins · 29K total installs

Trust score: 78
Avg Security Score: 99/100
Avg Patch Time: 233 days
Detection Fingerprints

How We Detect Niso Carousel

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
  • /wp-content/plugins/niso-carousel/admin/src/cmb-field-select2/js/select2.min.js
  • /wp-content/plugins/niso-carousel/admin/src/cmb-field-select2/js/script.js
  • /wp-content/plugins/niso-carousel/admin/src/cmb-field-select2/css/select2.min.css
  • /wp-content/plugins/niso-carousel/admin/src/cmb-field-select2/css/style.css
Script Paths
  • /wp-content/plugins/niso-carousel/admin/src/cmb-field-select2/js/select2.min.js
  • /wp-content/plugins/niso-carousel/admin/src/cmb-field-select2/js/script.js
Version Parameters
  • niso-carousel/admin/src/cmb-field-select2/js/script.js?ver=
  • niso-carousel/admin/src/cmb-field-select2/css/style.css?ver=

HTML / DOM Fingerprints

CSS Classes
pw_select2, pw_select, pw_multiselect
Data Attributes
data-placeholder
JS Globals
PW_CMB2_Field_Select2