Does Slimbox have any unpatched vulnerabilities?

No. All known vulnerabilities in Slimbox have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Slimbox compatible with WordPress 4.6.30?

According to WordPress.org data, Slimbox 1.0.8 has been tested up to WordPress 4.6.30. Check the plugin's changelog for the latest compatibility information.

How often is Slimbox updated?

Slimbox was last updated on Oct 17, 2016. Frequent updates are generally a positive security signal.

What is Slimbox's security score?

Slimbox has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Slimbox Security & Risk Analysis

wordpress.org/plugins/slimbox

Enables slimbox 2.03 on all image links including BMP, GIF, JPG, JPEG, and PNG links.

700 active installs v1.0.8 PHP + WP 2.7+ Updated Oct 17, 2016

imagesjavascriptlightboxslimbox

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Slimbox Safe to Use in 2026?

Generally Safe

Score 85/100

Slimbox has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 9yr ago

Risk Assessment

Based on the provided static analysis and vulnerability history, the Slimbox v1.0.8 plugin exhibits a strong security posture. The absence of identified dangerous functions, the exclusive use of prepared statements for SQL queries, and the consistent application of output escaping all point to good development practices. Furthermore, the zero-count for known CVEs and the lack of any recorded vulnerabilities in its history suggest a mature and well-maintained codebase.

However, the static analysis reveals a complete lack of security checks such as nonce and capability checks across all identified entry points, which are zero in this case. While there are no active entry points detected, if any were to be introduced or discovered in the future without proper authentication and authorization mechanisms, this could pose a significant risk. The absence of any detected taint flows or critical/high severity issues in the taint analysis is positive, but this is in conjunction with zero flows being analyzed, which might indicate a limited scope of analysis or a very simple plugin.

In conclusion, Slimbox v1.0.8 appears to be a secure plugin based on the data, with no known vulnerabilities and good internal code practices for the features it has. The primary concern, albeit theoretical given the current data, lies in the potential for future introductions of vulnerabilities if new functionalities are added without robust security checks like nonce and capability checks.

Key Concerns

No nonce checks detected
No capability checks detected

Vulnerabilities

None known

Slimbox Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Slimbox Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Attack Surface

Slimbox Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 1

actionwp_headslimbox.php:36

Maintenance & Trust

Slimbox Maintenance & Trust

Maintenance Signals

WordPress version tested4.6.30

Last updatedOct 17, 2016

PHP min version

Downloads57K

Community Trust

Rating100/100

Number of ratings1

Active installs700

Alternatives

Slimbox Alternatives

Slimbox Plugin

slimbox-plugin

Plugin used to overlay images on the current page into neat Javascript-powered overlay popups.

600 No CVEs

FancyBox

fancy-box

Enables fancybox on all image links including BMP, GIF, JPG, JPEG, and PNG links.

4K 1 unpatched

Cleaner Gallery

cleaner-gallery

A cleaner WordPress [gallery] that integrates with multiple Lightbox-type scripts.

2K No CVEs

Shutter Reloaded

shutter-reloaded

Darkens the current page and displays an image (like Lightbox, Thickbox, etc.), but is a lot smaller (10KB) and faster.

1K No CVEs

Add LightBox & Title

add-lightbox-title

This plugin for WordPress automatically add the rel="lightbox[ID-OF-THE-POST]" and recovers the image title.

300 No CVEs

Developer Profile

Slimbox Developer Profile

Kevin Sylvestre

2 plugins · 5K total installs

trust score

Avg Security Score

75/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Slimbox

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/slimbox/stylesheets/jquery.slimbox.css/wp-content/plugins/slimbox/javascript/jquery.slimbox.js

Script Paths

/wp-content/plugins/slimbox/javascript/jquery.slimbox.js

Version Parameters

jquery.slimbox.js?ver=jquery.slimbox.css?ver=

HTML / DOM Fingerprints

JS Globals

jQuery

FAQ