Does ReformBox have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is ReformBox compatible with WordPress 6.9.4?

According to WordPress.org data, ReformBox 0.3.3 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is ReformBox compatible with PHP 7.4+?

ReformBox requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is ReformBox updated?

ReformBox was last updated on Mar 26, 2026. Frequent updates are generally a positive security signal.

What is ReformBox's security score?

ReformBox has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

ReformBox Security & Risk Analysis

wordpress.org/plugins/reformbox

Universal Lightbox for WordPress – lightbox support for Group, Paragraph, Video blocks with poster images, and core Image workflows.

0 active installs v0.3.3 PHP 7.4+ WP 6.4+ Updated Mar 26, 2026

blocksgutenberglightboxmodalpopup

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is ReformBox Safe to Use in 2026?

Generally Safe

Score 100/100

ReformBox has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago

Risk Assessment

Based on the static analysis, reformbox v0.3.3 exhibits a strong security posture. The absence of any dangerous functions, file operations, external HTTP requests, or SQL queries not using prepared statements is highly positive. Furthermore, all identified output is properly escaped, and the plugin appears to handle permissions appropriately with a capability check present. The lack of any known CVEs or recorded vulnerabilities in its history suggests a well-maintained and secure codebase.

The attack surface is also minimal, with no AJAX handlers, REST API routes, shortcodes, or cron events, and importantly, no unprotected entry points. The taint analysis revealed no flows with unsanitized paths, indicating a low risk of injection vulnerabilities. The only potential area for slight concern is the absence of nonce checks. While the current attack surface is zero, the inclusion of nonces is a standard practice for preventing CSRF attacks if entry points were to be introduced in future versions.

In conclusion, reformbox v0.3.3 is a remarkably secure plugin. Its adherence to secure coding practices, minimal attack surface, and clean vulnerability history make it appear very safe. The sole point of note is the absence of nonce checks, which is a minor consideration given the current lack of exploitable entry points.

Key Concerns

Missing nonce checks

Vulnerabilities

None known

ReformBox Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

ReformBox Release Timeline

v0.3.3Current

v0.3.2

Code Analysis

Analyzed Apr 16, 2026

ReformBox Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

22 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

100% escaped22 total outputs

Attack Surface

ReformBox Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 10

actionenqueue_block_editor_assetsincludes/class-reformbox.php:70

actionenqueue_block_assetsincludes/class-reformbox.php:71

actionwp_enqueue_scriptsincludes/class-reformbox.php:74

filterrender_block_core/groupincludes/class-reformbox.php:77

filterrender_block_core/videoincludes/class-reformbox.php:80

filterrender_block_core/paragraphincludes/class-reformbox.php:83

actionadmin_initincludes/class-reformbox.php:86

actionadmin_menuincludes/class-reformbox.php:87

actionwp_enqueue_scriptsincludes/class-reformbox.php:88

actionplugins_loadedreformbox.php:29

Maintenance & Trust

ReformBox Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedMar 26, 2026

PHP min version7.4

Downloads123

Community Trust

Rating100/100

Number of ratings1

Active installs0

Alternatives

ReformBox Alternatives

Light Modal Block

light-modal-block

100

Lightweight, customizable modal block for the WordPress block editor

2K No CVEs

Modal Builder Block

modal-builder-block

Build a modal with the power of WordPress' block editor. Anything you can do with the editor works inside of the modal content window or the moda …

700 No CVEs

Lightbox & Modal Popup WordPress Plugin – FooBox

foobox-image-lightbox

A responsive image lightbox for WordPress galleries, WordPress attachments & FooGallery

100K 5 CVEs

Modal Window – create popup modal window

modal-window

WordPress popup plugin for easily creating a popup and modal window with any kind of content and settings.

10K 7 CVEs

Pop-up

pop-up-pop-up

Pop-up Popups

10K 2 CVEs

Developer Profile

ReformBox Developer Profile

Tsubu

1 plugin · 0 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect ReformBox

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/reformbox/build/editor.js/wp-content/plugins/reformbox/build/editor.css/wp-content/plugins/reformbox/build/view.js/wp-content/plugins/reformbox/build/style-view.css

Script Paths

/wp-content/plugins/reformbox/build/editor.js/wp-content/plugins/reformbox/build/view.js

Version Parameters

reformbox-editorreformbox-editor-canvasreformbox-view

HTML / DOM Fingerprints

CSS Classes

wp-block-reformbox-wrapperreformbox-image-wrapperreformbox-video-wrapper

Data Attributes

data-reformbox-id

JS Globals

window.Reformbox

FAQ