Does PPM Carousel have any unpatched vulnerabilities?

No. All known vulnerabilities in PPM Carousel have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is PPM Carousel compatible with WordPress 3.5.2?

According to WordPress.org data, PPM Carousel 1.1 has been tested up to WordPress 3.5.2. Check the plugin's changelog for the latest compatibility information.

How often is PPM Carousel updated?

PPM Carousel was last updated on Jul 16, 2013. Frequent updates are generally a positive security signal.

What is PPM Carousel's security score?

PPM Carousel has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

PPM Carousel Security & Risk Analysis

wordpress.org/plugins/ppm-carousel

This plugin will add a responsive carousel image slideshow. You can use several way for embedding a Carousel.

100 active installs v1.1 PHP + WP 3.3+ Updated Jul 16, 2013

carouseljquery-carousel

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is PPM Carousel Safe to Use in 2026?

Generally Safe

Score 85/100

PPM Carousel has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 12yr ago

Risk Assessment

The plugin "ppm-carousel" v1.1 exhibits a mixed security posture. On the positive side, the absence of known CVEs and the use of prepared statements for all SQL queries are strong indicators of responsible development and a good security history. The plugin also shows no file operations, external HTTP requests, or bundled libraries, which reduces potential attack vectors.

However, there are significant areas of concern. The code analysis reveals that 100% of the single detected output is not properly escaped, posing a high risk of Cross-Site Scripting (XSS) vulnerabilities. The lack of any nonce or capability checks across all entry points (AJAX, REST API, and shortcodes) is another critical weakness, allowing unauthenticated users to potentially trigger plugin functionality. The taint analysis showing zero flows is somewhat reassuring, but this is likely due to the absence of complex data processing within the plugin. The overall lack of security checks on its entry points is a major oversight.

Key Concerns

0% output escaping
0 capability checks
0 nonce checks

Vulnerabilities

None known

PPM Carousel Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

PPM Carousel Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

0% escaped1 total outputs

Attack Surface

PPM Carousel Attack Surface

Entry Points3

Unprotected0

Shortcodes 3

[ppmcarosel] plugin-hook.php:47

[ppmimages] plugin-hook.php:52

[ppm_all_carousel] plugin-hook.php:94

WordPress Hooks 6

actioninitcarousel-img-type.php:31

actiondo_meta_boxescarousel-img-type.php:34

actioninitplugin-hook.php:20

filtermce_external_pluginsplugin-hook.php:57

filtermce_buttonsplugin-hook.php:58

actioninitplugin-hook.php:70

Maintenance & Trust

PPM Carousel Maintenance & Trust

Maintenance Signals

WordPress version tested3.5.2

Last updatedJul 16, 2013

PHP min version

Downloads20K

Community Trust

Rating82/100

Number of ratings16

Active installs100

Alternatives

PPM Carousel Alternatives

Bx Carousel Ultimate

bx-carousel-ultimate

Bx Carousel Ultimate Wordpress is a jQuery supper awesome carousel for your theme. By Installing this plugin you will get eye catching carousel.

10 No CVEs

E-carousel

e-carousel

100

E-carousel by http://www.webegenius.es/

10 No CVEs

Smart Slider 3

smart-slider-3

Responsive slider plugin to create sliders in visual editor easily. Build beautiful image slider, layer slider, video slider, post slider, and more.

800K 7 CVEs

Slider, Gallery, and Carousel by MetaSlider – Image Slider, Video Slider

ml-slider

Slider, gallery, carousel plugin for WordPress. Build your image slider, video slider, post slider, YouTube slider, or WooCommerce product slider.

500K 12 CVEs

WP Shortcodes Plugin — Shortcodes Ultimate

shortcodes-ultimate

A comprehensive collection of visual components for your site

400K 32 CVEs

Developer Profile

PPM Carousel Developer Profile

perfectpointmarketing

5 plugins · 710 total installs

trust score

Avg Security Score

88/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect PPM Carousel

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/ppm-carousel/js/jquery.carouFredSel-6.2.1-packed.js/wp-content/plugins/ppm-carousel/js/helper-plugins/plugin-helper.js/wp-content/plugins/ppm-carousel/js/active.js/wp-content/plugins/ppm-carousel/css/plugin-style.css

Script Paths

/wp-content/plugins/ppm-carousel/js/jquery.carouFredSel-6.2.1-packed.js/wp-content/plugins/ppm-carousel/js/helper-plugins/plugin-helper.js/wp-content/plugins/ppm-carousel/js/active.js

HTML / DOM Fingerprints

CSS Classes

image_carouselppm_all_carouselvia_shortcode

Shortcode Output

<div class="image_carousel"><div id="foo2"><a class="prev" id="foo2_prev" href="#"><span>prev</span></a><a class="next" id="foo2_next" href="#"><span>next</span></a><div class="clearfix"></div>

FAQ