Simple Slider Security & Risk Analysis

wordpress.org/plugins/simple-slider

Create and Manage simple slideshows using images in WordPress media system

80 active installs · v1.2.4 · PHP + WP 3.0+ · Updated Jul 13, 2013
Tags: gallery, image, images, slider, slideshow
Score 84 · B · Generally Safe
CVEs total: 1
Unpatched: 0
Last CVE: Nov 22, 2021
Safety Verdict

Is Simple Slider Safe to Use in 2026?

Mostly Safe

Score 84/100

Simple Slider is generally safe to use, though it hasn't been updated recently. 1 past CVE was resolved. Keep it updated.

1 known CVE · Last CVE: Nov 22, 2021 · Updated 12yr ago
Risk Assessment

The "simple-slider" v1.2.4 plugin exhibits a mixed security posture. On the positive side, it has no unpatched known vulnerabilities and avoids dangerous functions, file operations, external HTTP requests, and raw SQL queries. The static analysis also indicates a small attack surface with no unprotected entry points. However, output escaping is a significant concern: 0% of the plugin's 23 outputs are properly escaped, which leaves it highly susceptible to Cross-Site Scripting (XSS) vulnerabilities. The taint analysis did not report critical or high severity issues, but it did find 3 flows with unsanitized paths, which, combined with the lack of output escaping, could still lead to XSS if user input reaches these flows. The plugin's vulnerability history includes a past high-severity XSS vulnerability, reinforcing the risk posed by the current lack of output escaping. The absence of nonce and capability checks is not immediately exploitable, given the limited entry points and lack of direct database interaction in these flows, but it represents a missed opportunity for robust security, especially if the plugin's functionality were to expand.

Key Concerns

  • 0% of outputs properly escaped
  • 3 flows with unsanitized paths
  • 0 nonce checks
  • 0 capability checks
  • 1 past high-severity vulnerability
Vulnerabilities
1

Simple Slider Security Vulnerabilities

CVEs by Year

1 CVE in 2021

Severity Breakdown

High: 1

1 total CVE

WF-a7e24341-b085-4412-aa7b-42712cd94f35-simple-slider · high · 7.1 · Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Simple Slider < 1.1 - Reflected Cross-Site Scripting

Nov 22, 2021 · Patched in 1.1 (792d)
Code Analysis
Analyzed Mar 16, 2026

Simple Slider Code Analysis

  • Dangerous Functions: 0
  • Raw SQL Queries: 0 (2 prepared)
  • Unescaped Output: 23 (0 escaped)
  • Nonce Checks: 0
  • Capability Checks: 0
  • File Operations: 0
  • External Requests: 0
  • Bundled Libraries: 0

SQL Query Safety

100% prepared · 2 total queries

Output Escaping

0% escaped · 23 total outputs
Data Flows
3 unsanitized

Data Flow Analysis

3 flows · 3 with unsanitized paths
__construct (plugin-admin.php:16)
Attack Surface

Simple Slider Attack Surface

Entry Points: 1
Unprotected: 0

Shortcodes 1

[simple_slider] plugin-loader.php:36
WordPress Hooks 4
  • filter · plugin_row_meta · plugin-admin.php:44
  • action · admin_menu · plugin-admin.php:47
  • filter · contextual_help · plugin-admin.php:50
  • action · wp_enqueue_scripts · plugin-admin.php:54
Maintenance & Trust

Simple Slider Maintenance & Trust

Maintenance Signals

WordPress version tested: 3.5.2
Last updated: Jul 13, 2013
PHP min version
Downloads: 14K

Community Trust

Rating: 60/100
Number of ratings: 6
Active installs: 80
Developer Profile

Simple Slider Developer Profile

ChrisHurst

19 plugins · 2K total installs

Trust score: 69
Avg Security Score: 85/100
Avg Patch Time: 2044 days
Detection Fingerprints

How We Detect Simple Slider

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/simple-slider/css/simple-slider.css
/wp-content/plugins/simple-slider/js/simple-slider.js
Script Paths
/wp-content/plugins/simple-slider/js/simple-slider.js
Version Parameters
simple-slider/style.css?ver=
simple-slider/simple-slider.js?ver=

HTML / DOM Fingerprints

CSS Classes
simple-slider
FAQ

Frequently Asked Questions about Simple Slider