Does GS Posts Grid – Recent Posts, Category Posts, Post Filter, Slider & List have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is GS Posts Grid – Recent Posts, Category Posts, Post Filter, Slider & List compatible with WordPress 6.9.4?

According to WordPress.org data, GS Posts Grid – Recent Posts, Category Posts, Post Filter, Slider & List 3.0.3 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

GS Posts Grid – Recent Posts, Category Posts, Post Filter, Slider & List Security & Risk Analysis

wordpress.org/plugins/posts-grid

GS Posts Grid – A flexible plugin to display posts in Grid, Masonry, Slider, Popup, List, Card, Table, Filter & Justified Gallery views.

100 active installs v3.0.3 PHP 5.6+ WP 4.3+ Updated Mar 10, 2026

latest-postspost-filterpost-gridpost-sliderrecent-posts

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is GS Posts Grid – Recent Posts, Category Posts, Post Filter, Slider & List Safe to Use in 2026?

Generally Safe

Score 100/100

GS Posts Grid – Recent Posts, Category Posts, Post Filter, Slider & List has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2mo ago

Risk Assessment

The "posts-grid" v3.0.3 plugin demonstrates a generally good security posture with strong adherence to best practices, particularly in its handling of SQL queries and output escaping. The vast majority of SQL queries utilize prepared statements, and over 94% of outputs are properly escaped, which are significant strengths. The plugin also implements a reasonable number of nonce and capability checks. However, the static analysis reveals several concerning areas. A significant portion of the plugin's attack surface, specifically 12 out of 29 entry points (8 AJAX handlers and 4 REST API routes), lack proper authentication or permission checks. Additionally, the taint analysis identified 3 high-severity flows with unsanitized paths, indicating potential for arbitrary code execution or data manipulation if these paths are triggered by user input. The absence of any recorded historical vulnerabilities is positive, but it does not negate the risks identified in the current analysis. The plugin's strengths in secure coding practices are commendable, but the identified unprotected entry points and high-severity taint flows represent significant security risks that need immediate attention.

Key Concerns

Unprotected AJAX handlers (8)
Unprotected REST API routes (4)
High severity taint flows (3)
Flows with unsanitized paths (5)

Vulnerabilities

None known

GS Posts Grid – Recent Posts, Category Posts, Post Filter, Slider & List Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

GS Posts Grid – Recent Posts, Category Posts, Post Filter, Slider & List Release Timeline

v3.0.3Current

v3.0.2

v3.0.1

v3.0.0

v1.2.0

v1.1.9

v1.1.8

v1.1.7

v1.1.6

v1.1.5

v1.1.4

v1.1.3

Code Analysis

Analyzed Mar 16, 2026

GS Posts Grid – Recent Posts, Category Posts, Post Filter, Slider & List Code Analysis

Dangerous Functions

Raw SQL Queries

18 prepared

Unescaped Output

405 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

86% prepared21 total queries

Output Escaping

94% escaped431 total outputs

Data Flows · Security

5 unsanitized

Data Flow Analysis

18 flows5 with unsanitized paths

posts_grid_shorcode_render_callback (includes\elementor\elementor-init.php:37)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

12 unprotected

GS Posts Grid – Recent Posts, Category Posts, Post Filter, Slider & List Attack Surface

Entry Points29

Unprotected12

AJAX Handlers 24

authwp_ajax_gs_posts_grid_create_shortcodeincludes\shortcode-builder\builder.php:26

authwp_ajax_gs_posts_grid_clone_shortcodeincludes\shortcode-builder\builder.php:27

authwp_ajax_gs_posts_grid_get_shortcodeincludes\shortcode-builder\builder.php:28

authwp_ajax_gs_posts_grid_update_shortcodeincludes\shortcode-builder\builder.php:29

authwp_ajax_gs_posts_grid_delete_shortcodesincludes\shortcode-builder\builder.php:30

authwp_ajax_gs_posts_grid_temp_save_shortcode_settingsincludes\shortcode-builder\builder.php:31

authwp_ajax_gs_posts_grid_get_shortcodesincludes\shortcode-builder\builder.php:32

authwp_ajax_gs_posts_grid_get_shortcode_prefincludes\shortcode-builder\builder.php:34

authwp_ajax_gs_posts_grid_save_shortcode_prefincludes\shortcode-builder\builder.php:35

authwp_ajax_gs_posts_grid_get_shortcode_layoutincludes\shortcode-builder\builder.php:37

authwp_ajax_gs_posts_grid_save_shortcode_layoutincludes\shortcode-builder\builder.php:38

authwp_ajax_gs_posts_grid_get_layout_optionsincludes\shortcode-builder\builder.php:43

authwp_ajax_gspg_get_fields_visibility_settingsincludes\shortcode-builder\builder.php:46

authwp_ajax_gspg_save_fields_visibility_settingsincludes\shortcode-builder\builder.php:47

authwp_ajax_update_posts_grid_popup_visibility_orderincludes\shortcode-builder\builder.php:49

authwp_ajax_gs_posts_grid_filterincludes\shortcode.php:17

noprivwp_ajax_gs_posts_grid_filterincludes\shortcode.php:18

authwp_ajax_gs_posts_grid_load_moreincludes\shortcode.php:21

noprivwp_ajax_gs_posts_grid_load_moreincludes\shortcode.php:22

authwp_ajax_gs_posts_grid_ajax_paginationincludes\shortcode.php:25

noprivwp_ajax_gs_posts_grid_ajax_paginationincludes\shortcode.php:26

authwp_ajax_update_post_orderincludes\sortable.php:45

authwp_ajax_update_posts_grid_visibility_orderincludes\sortable.php:46

authwp_ajax_gs_posts_grid_reordering_termsincludes\term-order\term-order.php:160

REST API Routes 4

POST/wp-json/gs-posts-grid/v1/preview-filterintegrations\gutenberg\post-filter\block.php:67

POST/wp-json/gs-posts-grid/v1/previewintegrations\gutenberg\post-grid\block.php:64

POST/wp-json/gs-posts-grid/v1/preview-masonryintegrations\gutenberg\post-masonry\block.php:67

POST/wp-json/gs-posts-grid/v1/preview-sliderintegrations\gutenberg\post-slider\block.php:72

Shortcodes 1

[gs-posts-grid] includes\shortcode.php:11

WordPress Hooks 97

actionswitch_themeincludes\appsero\Insights.php:132

actionswitch_themeincludes\appsero\Insights.php:133

actionadmin_footerincludes\appsero\Insights.php:145

actionadmin_noticesincludes\appsero\Insights.php:162

actionadmin_initincludes\appsero\Insights.php:165

filtercron_schedulesincludes\appsero\Insights.php:171

actionwp_footerincludes\asset-generator\gs-asset-generator-base.php:27

actionpost_updatedincludes\asset-generator\gs-asset-generator-base.php:28

actionsave_postincludes\asset-generator\gs-asset-generator-base.php:29

filterwidget_update_callbackincludes\asset-generator\gs-asset-generator-base.php:30

actionupdate_option_sidebars_widgetsincludes\asset-generator\gs-asset-generator-base.php:31

actiongsp_shortcode_createdincludes\asset-generator\gs-asset-generator-base.php:32

actiongsp_shortcode_updatedincludes\asset-generator\gs-asset-generator-base.php:33

actiongsp_shortcode_deletedincludes\asset-generator\gs-asset-generator-base.php:34

actiongsp_preference_updateincludes\asset-generator\gs-asset-generator-base.php:35

actionelementor/widgets/registerincludes\elementor\elementor-init.php:7

actionelementor/elements/categories_registeredincludes\elementor\elementor-init.php:8

actionelementor/editor/after_enqueue_scriptsincludes\elementor\elementor-init.php:54

actionadmin_noticesincludes\functions.php:303

actioninitincludes\gs-common-pages\gs-logo-common-pages.php:5

actionadmin_menuincludes\gs-common-pages\gs-plugins-common-pages.php:16

actionadmin_enqueue_scriptsincludes\gs-common-pages\gs-plugins-common-pages.php:17

actionadmin_initincludes\hooks.php:12

filterplugin_row_metaincludes\hooks.php:13

actionplugins_loadedincludes\hooks.php:14

actionin_admin_headerincludes\hooks.php:15

filtersingle_templateincludes\hooks.php:18

actionplugins_loadedincludes\init.php:9

actioninitincludes\init.php:44

actioninitincludes\integrations\integration-beaver.php:24

actiondivi_extensions_initincludes\integrations\integration-divi.php:28

actionet_builder_modules_loadedincludes\integrations\integration-divi.php:37

actionwp_enqueue_scriptsincludes\integrations\integration-divi.php:38

actionwp_headincludes\integrations\integration-divi.php:39

actionelementor/widgets/registerincludes\integrations\integration-elementor.php:27

actionelementor/elements/categories_registeredincludes\integrations\integration-elementor.php:28

actionelementor/editor/after_enqueue_scriptsincludes\integrations\integration-elementor.php:30

actionelementor/editor/after_enqueue_stylesincludes\integrations\integration-elementor.php:31

actionelementor/preview/enqueue_stylesincludes\integrations\integration-elementor.php:33

actionelementor/preview/enqueue_scriptsincludes\integrations\integration-elementor.php:34

actioninitincludes\integrations\integration-gutenberg.php:24

actionenqueue_block_editor_assetsincludes\integrations\integration-gutenberg.php:25

actionplugins_loadedincludes\integrations\integration-oxygen.php:23

actioninitincludes\integrations\integration-oxygen.php:24

actionct_builder_startincludes\integrations\integration-oxygen.php:31

actionct_builder_endincludes\integrations\integration-oxygen.php:35

actionwp_enqueue_scriptsincludes\integrations\integration-oxygen.php:56

actiontd_global_afterincludes\integrations\integration-tagdiv.php:24

actionwp_enqueue_scriptsincludes\integrations\integration-tagdiv.php:25

actionadmin_enqueue_scriptsincludes\integrations\integration-tagdiv.php:26

actionvc_before_initincludes\integrations\integration-wpb-vc.php:24

actionadmin_footerincludes\integrations\integration-wpb-vc.php:25

actionadd_meta_boxesincludes\metabox.php:13

actionplugins_loadedincludes\plugin.php:59

actionplugins_loadedincludes\scripts.php:38

actionwp_enqueue_scriptsincludes\scripts.php:39

actionadmin_enqueue_scriptsincludes\scripts.php:40

actionadmin_headincludes\scripts.php:41

actionwp_footerincludes\scripts.php:373

actionadmin_menuincludes\shortcode-builder\builder.php:22

actionadmin_enqueue_scriptsincludes\shortcode-builder\builder.php:23

actionwp_enqueue_scriptsincludes\shortcode-builder\builder.php:24

actiontemplate_includeincludes\shortcode-builder\builder.php:40

actionshow_admin_barincludes\shortcode-builder\builder.php:41

actiontemplate_redirectincludes\shortcode-builder\builder.php:44

actioninitincludes\shortcode-builder\builder.php:51

filtertemplate_includeincludes\shortcode-builder\builder.php:2576

actionwp_headincludes\shortcode-builder\shortcode_builder_fonts_loader.php:33

actionwp_footerincludes\shortcode-builder\shortcode_builder_fonts_loader.php:34

filterposts_orderbyincludes\sortable.php:42

actionadmin_menuincludes\sortable.php:43

actionadmin_enqueue_scriptsincludes\sortable.php:44

actioninitincludes\template-loader.php:26

filterget_terms_orderbyincludes\term-order\term-order.php:125

actionterms_clausesincludes\term-order\term-order.php:126

actioncreate_termincludes\term-order\term-order.php:127

actionedit_termincludes\term-order\term-order.php:128

filterdefault_hidden_columnsincludes\term-order\term-order.php:156

actionadmin_initincludes\term-order\term-order.php:164

actionload-edit-tags.phpincludes\term-order\term-order.php:168

actionadmin_print_scripts-edit-tags.phpincludes\term-order\term-order.php:193

actionadmin_head-edit-tags.phpincludes\term-order\term-order.php:194

actionadmin_head-edit-tags.phpincludes\term-order\term-order.php:195

actionquick_edit_custom_boxincludes\term-order\term-order.php:196

actioninitincludes\term-order\term-order.php:1211

actioninitintegrations\gutenberg\post-filter\block.php:8

actionenqueue_block_editor_assetsintegrations\gutenberg\post-filter\block.php:16

actionrest_api_initintegrations\gutenberg\post-filter\block.php:65

actioninitintegrations\gutenberg\post-grid\block.php:8

actionenqueue_block_editor_assetsintegrations\gutenberg\post-grid\block.php:16

actionrest_api_initintegrations\gutenberg\post-grid\block.php:62

actioninitintegrations\gutenberg\post-masonry\block.php:8

actionenqueue_block_editor_assetsintegrations\gutenberg\post-masonry\block.php:16

actionrest_api_initintegrations\gutenberg\post-masonry\block.php:65

actioninitintegrations\gutenberg\post-slider\block.php:8

actionenqueue_block_editor_assetsintegrations\gutenberg\post-slider\block.php:16

actionrest_api_initintegrations\gutenberg\post-slider\block.php:70

Maintenance & Trust

GS Posts Grid – Recent Posts, Category Posts, Post Filter, Slider & List Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedMar 10, 2026

PHP min version5.6

Downloads13K

Community Trust

Rating84/100

Number of ratings5

Active installs100

Alternatives

GS Posts Grid – Recent Posts, Category Posts, Post Filter, Slider & List Alternatives

Post Grid Gutenberg Blocks for News, Magazines, Blog Websites – PostX

ultimate-post

A highly customizable plugin to create news, magazines, and any kind of blog site with post grid, post filter, post slider, and post blocks.

40K 24 CVEs

Smart Post Show – Post Grid, Post Carousel & Slider, and List Category Posts

post-carousel

Display posts, pages, and taxonomies in beautiful carousel, slider, and grid layouts with advanced filtering. Customizable, Developer-friendly.

20K 5 CVEs

Advanced Post Block – Showcase Posts with Grid, List, Card Layouts and Filters

advanced-post-block

100

Advanced Post Block lets you add dynamic post grids, lists, sliders, and tickers. Filter content by category, tag, author, or custom post type.

10K 1 CVE

Post Slider

horizontal-post-slider

Post slider is a responsive carousel to slide recent posts with category selection and no.of posts. You can use the post slider in unlimited websites …

20 No CVEs

Pixel Post Grid

pixel-post-grid

100

Beautiful Gutenberg block to display posts in responsive grids, list, AJAX load more & pagination. Lightweight & customizable.

0 No CVEs

Developer Profile

GS Posts Grid – Recent Posts, Category Posts, Post Filter, Slider & List Developer Profile

GS Plugins

19 plugins · 42K total installs

trust score

Avg Security Score

96/100

Avg Patch Time

173 days

View full developer profile

Detection Fingerprints

How We Detect GS Posts Grid – Recent Posts, Category Posts, Post Filter, Slider & List

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/posts-grid/assets/css/style.css/wp-content/plugins/posts-grid/assets/js/gs-posts-grid.js/wp-content/plugins/posts-grid/assets/css/gs-pg-frontend.css/wp-content/plugins/posts-grid/assets/js/gs-pg-frontend.js/wp-content/plugins/posts-grid/assets/js/gs-pg-isotope.js/wp-content/plugins/posts-grid/assets/js/gs-pg-imagesloaded.js/wp-content/plugins/posts-grid/assets/js/gs-pg-infinite-scroll.js/wp-content/plugins/posts-grid/assets/js/gs-pg-owl.js+2 more

Script Paths

/wp-content/plugins/posts-grid/assets/js/gs-posts-grid.js/wp-content/plugins/posts-grid/assets/js/gs-pg-frontend.js/wp-content/plugins/posts-grid/assets/js/gs-pg-isotope.js/wp-content/plugins/posts-grid/assets/js/gs-pg-imagesloaded.js/wp-content/plugins/posts-grid/assets/js/gs-pg-infinite-scroll.js/wp-content/plugins/posts-grid/assets/js/gs-pg-owl.js

Version Parameters

posts-grid/assets/css/style.css?ver=posts-grid/assets/js/gs-posts-grid.js?ver=posts-grid/assets/css/gs-pg-frontend.css?ver=posts-grid/assets/js/gs-pg-frontend.js?ver=posts-grid/assets/js/gs-pg-isotope.js?ver=posts-grid/assets/js/gs-pg-imagesloaded.js?ver=posts-grid/assets/js/gs-pg-infinite-scroll.js?ver=posts-grid/assets/js/gs-pg-owl.js?ver=posts-grid/assets/css/gs-pg-owl.css?ver=posts-grid/assets/css/gs-pg-frontend-gutenberg.css?ver=

HTML / DOM Fingerprints

CSS Classes

gs-posts-gridgs_pg_containergs-post-contentgs-post-catgs-logo-filter-catsgs-post-metags_pg_single--wrappergs-post-filter

HTML Comments

Data Attributes

data-gs-pg-iddata-gs-posts-grid-id

JS Globals

gs_pg_ajax_object

REST Endpoints

/wp-json/gs-posts-grid/v1

Shortcode Output

[gs-posts-grid

FAQ