Slider Pro Security & Risk Analysis

wordpress.org/plugins/slider-pro-wp

A modular, responsive and touch-enabled jQuery slider plugin that enables you to create elegant and professional-looking sliders

1K active installs · v1.0.0 · PHP + WP 4.8.0+ · Updated Oct 3, 2020
Tags: content-slider, image-slider, post-slider, slider, woocommerce-slider
85
A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is Slider Pro Safe to Use in 2026?

Generally Safe

Score 85/100

Slider Pro has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 5yr ago
Risk Assessment

The "slider-pro-wp" v1.0.0 plugin exhibits a mixed security posture. On the positive side, it demonstrates good practices by not containing any dangerous functions, performing all SQL queries using prepared statements, and having a low number of file operations and external HTTP requests. The absence of known CVEs and a clean vulnerability history are also positive indicators, suggesting a generally stable and well-maintained codebase.

However, significant concerns arise from the identified attack surface. The plugin exposes two AJAX handlers without any authentication checks. This lack of authorization on entry points is a critical security flaw that could allow unauthenticated users to trigger potentially harmful actions. Furthermore, while the taint analysis shows no critical or high severity flows, the presence of one flow with an unsanitized path, although not explicitly tied to a vulnerability, warrants attention as it could be an avenue for issues if not properly handled.

In conclusion, while the plugin avoids common pitfalls like raw SQL queries and dangerous functions, the unprotected AJAX endpoints represent a substantial risk. The presence of an unsanitized path in taint analysis, though not critical, adds to this concern. The lack of past vulnerabilities is encouraging, but the current static analysis findings highlight a need for immediate attention to the authentication and sanitization of its entry points to improve its overall security.

Key Concerns

  • Unprotected AJAX handlers
  • Flows with unsanitized paths
Vulnerabilities
None known

Slider Pro Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Slider Pro Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (0 prepared)
Unescaped Output: 68 (262 escaped)
Nonce Checks: 1
Capability Checks: 4
File Operations: 0
External Requests: 0
Bundled Libraries: 0

Output Escaping

79% escaped, 330 total outputs
Data Flows
1 unsanitized

Data Flow Analysis

2 flows, 1 with unsanitized paths
sliderpro_multiple_images (admin\class-admin-settings.php:294)
Attack Surface
2 unprotected

Slider Pro Attack Surface

Entry Points: 3
Unprotected: 2

AJAX Handlers 2

nopriv | wp_ajax_sliderpro_multiple_images | admin\class-admin-settings.php:36
auth | wp_ajax_sliderpro_multiple_images | admin\class-admin-settings.php:37

Shortcodes 1

[slider_pro] | public\class-public-settings.php:23

WordPress Hooks 11

action | init | admin\class-admin-settings.php:21
action | add_meta_boxes | admin\class-admin-settings.php:24
action | save_post | admin\class-admin-settings.php:27
filter | manage_slider_pro_posts_columns | admin\class-admin-settings.php:30
action | manage_slider_pro_posts_custom_column | admin\class-admin-settings.php:33
action | admin_print_scripts | admin\class-admin-settings.php:40
action | admin_print_styles | admin\class-admin-settings.php:41
action | init | public\class-public-settings.php:17
action | wp_enqueue_scripts | public\class-public-settings.php:26
action | plugin_action_links | slider-pro.php:111
action | admin_notices | slider-pro.php:294
Maintenance & Trust

Slider Pro Maintenance & Trust

Maintenance Signals

WordPress version tested: 5.5.18
Last updated: Oct 3, 2020
PHP min version
Downloads: 2K

Community Trust

Rating: 0/100
Number of ratings: 0
Active installs: 1K
Developer Profile

Slider Pro Developer Profile

Devnath verma

1 plugin · 1K total installs

Trust score: 84
Avg Security Score: 85/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect Slider Pro

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/slider-pro-wp/assets/css/
/wp-content/plugins/slider-pro-wp/assets/js/
/wp-content/plugins/slider-pro-wp/assets/images/

HTML / DOM Fingerprints

HTML Comments
<!-- Slider Pro Plugin Define Constants. -->
<!-- The base-class of the plugin. -->
<!-- Instance of this class. -->
<!-- Return an instance of this class. -->
(+10 more)
FAQ

Frequently Asked Questions about Slider Pro