Show-Hide / Collapse-Expand Security & Risk Analysis
wordpress.org/plugins/show-hidecollapse-expandSave space on your pages, posts, sidebars. Hide the content before user clicks to see it. Collapse long lists, create FAQs & more.
Is Show-Hide / Collapse-Expand Safe to Use in 2026?
Mostly Safe
Score 84/100Show-Hide / Collapse-Expand is generally safe to use though it hasn't been updated recently. 2 past CVEs were resolved. Keep it updated.
The "show-hidecollapse-expand" plugin version 1.3.0 exhibits a mixed security posture. The static analysis reveals a very small attack surface with no apparent unprotected entry points, and a strong adherence to secure coding practices such as using prepared statements for all SQL queries and a high percentage of properly escaped output. The absence of dangerous functions and external HTTP requests is also positive. However, the plugin's vulnerability history is a significant concern, with two documented medium severity vulnerabilities: Cross-site Scripting and Missing Authorization. The fact that both of these are listed as 'currently unpatched' according to the data provided, despite the last vulnerability being in early 2023, suggests a potential for ongoing security weaknesses if these issues are not actively addressed by the developer. While the current version might be clean of critical issues based on the taint analysis, the historical pattern indicates a need for caution and vigilance regarding past vulnerability types.
Key Concerns
- Medium severity CVEs present in history
- Missing authorization vulnerability in history
- Cross-site Scripting vulnerability in history
Show-Hide / Collapse-Expand Security Vulnerabilities
CVEs by Year
Severity Breakdown
2 total CVEs
Show-Hide / Collapse-Expand <= 1.2.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
Show-Hide / Collapse-Expand <= 1.2.6 - Missing Authorization
Show-Hide / Collapse-Expand Code Analysis
Bundled Libraries
Output Escaping
Data Flow Analysis
Show-Hide / Collapse-Expand Attack Surface
WordPress Hooks 2
Maintenance & Trust
Show-Hide / Collapse-Expand Maintenance & Trust
Maintenance Signals
Community Trust
Show-Hide / Collapse-Expand Alternatives
Expandable FAQ
expandable-faq
It’s a MIT-licensed (can be used in premium themes), high quality, native and responsive WordPress plugin to create and view expandable F.A.Q.'s
Accordion FAQ – Compatible With All Page Builder (Elementor, Gutenberg)
responsive-accordion-and-collapse
Accordion And Collapse is the most easiest drag & drop accordion builder for WordPress. You can add multiple accordion and collapse with this.
Read More Without Refresh
read-more-without-refresh
Expand hidden content without page refresh. SEO-friendly, crawlable by search engines and easy to use.
BBSpoiler
bbspoiler
This plugin allows you to hide text under the tags [spoiler]your text[/spoiler].
Master Accordion ( Former WP Awesome FAQ Plugin )
wp-awesome-faq
Best WordPress Accordion Plugin for WordPress. Master Accordion re-branded with lots new features and customization options
Show-Hide / Collapse-Expand Developer Profile
2 plugins · 10K total installs
How We Detect Show-Hide / Collapse-Expand
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/show-hidecollapse-expand/assets/css/bg-show-hide.css/wp-content/plugins/show-hidecollapse-expand/assets/js/bg-show-hide-mce-plugin.js/wp-content/plugins/show-hidecollapse-expand/assets/js/bg-show-hide-mce-plugin.jsHTML / DOM Fingerprints
bg-showmore-plg-linkbg-margibg-hidden-content<!-- TODO: write to log -->bg_collapse_expandbg-show-more-text-bg-show-less-text-bg-showmore-action-<a id='bg-showmore-action-<div class="bg-margi<input type='hidden' bg_collapse_expand='