WP-Safety

Oswald Lite Extension Security & Risk Analysis

wordpress.org/plugins/oswald-lite-extension

This powerful plugin lets you extend the functionality of the Oswald WordPress Theme.

50 active installs v1.0.4.3 PHP 5.6+ WP 4.6+ Updated Apr 9, 2019
blogmodernportfolioresponsivewoocommerce
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Oswald Lite Extension Safe to Use in 2026?

Generally Safe

Score 85/100

Oswald Lite Extension has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 7yr ago
Risk Assessment

The "oswald-lite-extension" v1.0.4.3 plugin exhibits a mixed security posture. On the positive side, it demonstrates good practices regarding SQL queries by exclusively using prepared statements and shows excellent output escaping, with 98% of outputs properly handled. It also has a clean vulnerability history with no known CVEs, suggesting a history of secure development or a lack of discovered vulnerabilities.

However, significant concerns arise from its attack surface. The plugin exposes two AJAX handlers, both of which lack authentication checks. This is a critical security flaw as it allows any unauthenticated user to potentially trigger arbitrary actions within the plugin, leading to various exploits such as privilege escalation or denial-of-service attacks. The absence of nonce checks on these AJAX handlers exacerbates this risk.

While the taint analysis shows no identified unsanitized paths, the unprotected AJAX endpoints are a major vulnerability that could be exploited before any taint analysis would even be relevant in a real-world attack scenario. The plugin's strengths in SQL and output handling are overshadowed by the fundamental insecurity of its entry points. A balanced conclusion is that while the plugin avoids common SQL injection and XSS pitfalls in its code, its unprotected AJAX endpoints represent a severe and immediate security risk.

Key Concerns

  • Unprotected AJAX handlers
  • Missing nonce checks on AJAX handlers
Vulnerabilities
None known

Oswald Lite Extension Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Oswald Lite Extension Release Timeline

No version history available.
Code Analysis
Analyzed Mar 16, 2026

Oswald Lite Extension Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
7
278 escaped
Nonce Checks
0
Capability Checks
2
File Operations
0
External Requests
1
Bundled Libraries
1

Bundled Libraries

TinyMCE

Output Escaping

98% escaped285 total outputs
Attack Surface
2 unprotected

Oswald Lite Extension Attack Surface

Entry Points2
Unprotected2

AJAX Handlers 2

authwp_ajax_add_like_attachmentincludes\theme-adding-functions.php:152
noprivwp_ajax_add_like_attachmentincludes\theme-adding-functions.php:153
WordPress Hooks 36
filterimage_resize_dimensionsincludes\aq_resizer.php:64
actioncustomize_registerincludes\customizer\class-oswald-customizer.php:46
filterrwmb_meta_boxesincludes\metabox_config.php:8
filterrwmb_meta_boxesincludes\metabox_config.php:100
filterrwmb_meta_boxesincludes\metabox_config.php:152
filterrwmb_meta_boxesincludes\metabox_config.php:299
filterrwmb_meta_boxesincludes\metabox_config.php:350
filterrwmb_meta_boxesincludes\metabox_config.php:456
filterrwmb_meta_boxesincludes\metabox_config.php:1053
filterrwmb_meta_boxesincludes\metabox_config.php:1088
filterrwmb_meta_boxesincludes\metabox_config.php:1380
filterrwmb_meta_boxesincludes\metabox_config.php:2160
filterrwmb_meta_boxesincludes\metabox_config.php:2236
filterrwmb_meta_boxesincludes\metabox_config.php:2261
filtermce_external_pluginsincludes\theme-adding-functions.php:221
filtermce_buttons_3includes\theme-adding-functions.php:222
filtermce_buttons_2includes\theme-adding-functions.php:223
actioninitincludes\theme-adding-functions.php:226
filtertiny_mce_before_initincludes\theme-adding-functions.php:274
actioncurrent_screenincludes\theme-adding-functions.php:282
actionadmin_enqueue_scriptsincludes\theme-adding-functions.php:291
actionafter_setup_themeincludes\theme-adding-functions.php:294
actionwoocommerce_single_product_summaryincludes\theme-adding-functions.php:427
actionoswald_extend_front_pageincludes\theme-adding-functions.php:595
actionoswald_extend_frontpage_contentincludes\theme-adding-functions.php:601
actionoswald_extend_frontpage_contentincludes\theme-adding-functions.php:608
actionoswald_extend_frontpage_contentincludes\theme-adding-functions.php:615
actionoswald_extend_frontpage_contentincludes\theme-adding-functions.php:622
actionoswald_extend_frontpage_contentincludes\theme-adding-functions.php:629
actionoswald_extend_frontpage_contentincludes\theme-adding-functions.php:636
actionoswald_extend_frontpage_contentincludes\theme-adding-functions.php:643
actionoswald_extend_frontpage_contentincludes\theme-adding-functions.php:650
actionoswald_extend_frontpage_contentincludes\theme-adding-functions.php:657
actionplugins_loadedoswald-lite-extension.php:38
filterpre_set_site_transient_update_pluginsoswald-lite-extension.php:39
actionadmin_noticesoswald-lite-extension.php:61
Maintenance & Trust

Oswald Lite Extension Maintenance & Trust

Maintenance Signals

WordPress version tested5.1.22
Last updatedApr 9, 2019
PHP min version5.6
Downloads6K

Community Trust

Rating0/100
Number of ratings0
Active installs50
Alternatives

Oswald Lite Extension Alternatives

Sliding Cart for WooCommerce by FunnelKit – Skip Cart & Reach WooCommerce Checkout Faster

Sliding Cart for WooCommerce by FunnelKit – Skip Cart & Reach WooCommerce Checkout Faster

cart-for-woocommerce

A
100

FunnelKit Cart adds a beautiful sliding cart to your WooCommerce store. Let the buyers add items, edit quantity and add upsells on the side cart.

30K No CVEs
PowerFolio – Portfolio & Image Gallery for Elementor

PowerFolio – Portfolio & Image Gallery for Elementor

portfolio-elementor

A
96

A powerful portfolio and gallery plugin for WP, Elementor and Gutenberg. Create portfolio and image galleries in seconds using any page builder!

10K 4 CVEs
Qode Essential Addons

Qode Essential Addons

qode-essential-addons

A
98

Qode Essential Addons enhances themes with various functionalities- Portfolio post type, Portfolio List, Blog List & Product List shortcodes and more.

10K 2 CVEs
Sight – Professional Image Gallery and Portfolio

Sight – Professional Image Gallery and Portfolio

sight

A
99

Introducing Sight — a fast & simple way to create professional looking portfolios and neatly stunning image and video galleries — all with zero co …

4K 1 CVE
Filter Gallery

Filter Gallery

filter-gallery

A
100

Build a responsive filter gallery for your portfolio. Organize images with filters in a stunning grid or masonry layout easily.

3K 1 CVE
Developer Profile

Oswald Lite Extension Developer Profile

wpDataTables

11 plugins · 71K total installs

71
trust score
Avg Security Score
88/100
Avg Patch Time
924 days
View full developer profile
Detection Fingerprints

How We Detect Oswald Lite Extension

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/oswald-lite-extension/assets/css/frontend.css/wp-content/plugins/oswald-lite-extension/assets/js/frontend.js
Version Parameters
oswald-lite-extension/assets/css/frontend.css?ver=oswald-lite-extension/assets/js/frontend.js?ver=

HTML / DOM Fingerprints

HTML Comments
<!-- Adding functions for theme -->
FAQ

Frequently Asked Questions about Oswald Lite Extension