Does Sel Shortcodes have any unpatched vulnerabilities?

No. All known vulnerabilities in Sel Shortcodes have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Sel Shortcodes compatible with WordPress 4.8.28?

According to WordPress.org data, Sel Shortcodes 1.0.0 has been tested up to WordPress 4.8.28. Check the plugin's changelog for the latest compatibility information.

How often is Sel Shortcodes updated?

Sel Shortcodes was last updated on Jul 19, 2017. Frequent updates are generally a positive security signal.

What is Sel Shortcodes's security score?

Sel Shortcodes has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Sel Shortcodes Security & Risk Analysis

wordpress.org/plugins/sel-shortcodes

This plugin created for official themes from Selthemes.com

10 active installs v1.0.0 PHP + WP 4.0+ Updated Jul 19, 2017

shortcodeshortcodes

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Sel Shortcodes Safe to Use in 2026?

Generally Safe

Score 85/100

Sel Shortcodes has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 8yr ago

Risk Assessment

The sel-shortcodes v1.0.0 plugin exhibits a strong security posture based on the provided static analysis. The absence of dangerous functions, SQL queries not using prepared statements, and 100% proper output escaping are excellent indicators of secure coding practices. Furthermore, the lack of file operations, external HTTP requests, and the presence of capability checks on some code paths are positive signs. The vulnerability history being entirely clear also suggests a history of secure development or diligent patching.

However, a significant concern arises from the absence of nonce checks across all entry points, particularly the eight shortcodes. While capability checks are present, the lack of nonces makes these shortcodes potentially susceptible to Cross-Site Request Forgery (CSRF) attacks if they perform any sensitive actions. The taint analysis reporting zero flows is positive, but it's important to remember that static analysis might not catch all complex or dynamic vulnerabilities.

In conclusion, the plugin is well-developed with many security best practices implemented. The primary area for improvement and a potential risk lies in the lack of nonce protection on its shortcodes, which could be a target for CSRF attacks. Addressing this would significantly enhance its overall security.

Key Concerns

No nonce checks on entry points

Vulnerabilities

None known

Sel Shortcodes Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Sel Shortcodes Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

13 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

100% escaped13 total outputs

Attack Surface

Sel Shortcodes Attack Surface

Entry Points8

Unprotected0

Shortcodes 8

[st_accordion_group] includes\shortcodes_accordion.php:30

[st_accordion] includes\shortcodes_accordion.php:31

[st_button] includes\shortcodes_button.php:29

[st_callouts] includes\shortcodes_callout.php:25

[st_row] includes\shortcodes_grid.php:39

[st_col] includes\shortcodes_grid.php:40

[st_tabgroup] includes\shortcodes_tabs.php:56

[st_tab] includes\shortcodes_tabs.php:57

WordPress Hooks 6

filterinitplugin.php:54

filtermce_external_pluginsplugin.php:65

filtermce_buttonsplugin.php:66

actionadmin_headplugin.php:69

filterthe_contentplugin.php:86

filterthe_contentplugin.php:87

Maintenance & Trust

Sel Shortcodes Maintenance & Trust

Maintenance Signals

WordPress version tested4.8.28

Last updatedJul 19, 2017

PHP min version

Downloads1K

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

Sel Shortcodes Alternatives

Column Shortcodes

column-shortcodes

Adds shortcodes to easily create columns in your posts or pages.

60K No CVEs

Apollo13 Framework Extensions

apollo13-framework-extensions

Adds custom post types, shortcodes and some features that are used in themes built on Apollo13 Framework.

20K 6 CVEs

Futurio Extra

futurio-extra

Futurio Extra add extra features to Futurio theme like widgets, WooCommerce options, Elementor widgets, one click demo import and much more.

20K 7 CVEs

ND Shortcodes

nd-shortcodes

The plugin adds some useful components to your page builder ( Elementor or WP Bakery Page Builder ). All components are full responsive and retina rea …

20K 5 CVEs

Contact Form 7 Shortcode Enabler

contact-form-7-shortcode-enabler

This plugin enables the usage of external shortcodes inside Contact Form 7 Forms.

10K No CVEs

Developer Profile

Sel Shortcodes Developer Profile

Selthemes

4 plugins · 40 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Sel Shortcodes

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/sel-shortcodes/assets/css/jquery-ui.min.css/wp-content/plugins/sel-shortcodes/assets/css/bootstrap-grid.min.css/wp-content/plugins/sel-shortcodes/assets/css/shortcodes-style.css/wp-content/plugins/sel-shortcodes/assets/js/app.js/wp-content/plugins/sel-shortcodes/assets/css/app.css/wp-content/plugins/sel-shortcodes/assets/js/mce-button.js

Script Paths

/wp-content/plugins/sel-shortcodes/assets/js/app.js/wp-content/plugins/sel-shortcodes/assets/js/mce-button.js

HTML / DOM Fingerprints

CSS Classes

st-accordionst-btnst-calloutsst-tabsst-tab-linkst-tab-contentrowcol-md-

Data Attributes

st_accordion_groupst_accordionst_buttonst_calloutsst_rowst_col+2 more

JS Globals

st-tabsst-accordion

Shortcode Output

<div id="st-accordion"><a href=<div class="st-callouts<div id="st-tabs"><ul>

FAQ