WP-Safety

Smartlib Tools Security & Risk Analysis

wordpress.org/plugins/smartlib-tools

Useful post types and customizer options.

200 active installs v1.0.7 PHP + WP 4.0+ Updated Apr 21, 2020
customizerfaqportfoliopost-typesteam-member
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Smartlib Tools Safe to Use in 2026?

Generally Safe

Score 85/100

Smartlib Tools has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 5yr ago
Risk Assessment

The plugin "smartlib-tools" v1.0.7 exhibits a mixed security posture. On the positive side, the plugin has no recorded vulnerabilities or CVEs, and its static analysis indicates a lack of direct SQL injection vulnerabilities due to the exclusive use of prepared statements. Furthermore, the absence of external HTTP requests and file operations reduces the attack surface in those areas. The limited attack surface with only one shortcode as an entry point is also a positive sign, especially since it appears to have authorization checks.

However, significant concerns arise from the output escaping. With 2 total outputs and 0% properly escaped, this represents a critical vulnerability. Any data rendered to the user interface without proper sanitization is susceptible to Cross-Site Scripting (XSS) attacks, allowing attackers to inject malicious scripts that can be executed in the context of a user's browser. The lack of taint analysis results is unusual but doesn't negate the explicit finding of unescaped output. The presence of an outdated bundled library, Select2 v3.5.2, is another notable weakness, as older versions of libraries often contain known vulnerabilities that could be exploited.

Key Concerns

  • 0% of outputs properly escaped
  • Bundled outdated library (Select2 v3.5.2)
Vulnerabilities
None known

Smartlib Tools Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Smartlib Tools Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
2
0 escaped
Nonce Checks
0
Capability Checks
3
File Operations
0
External Requests
0
Bundled Libraries
1

Bundled Libraries

Select23.5.2

Output Escaping

0% escaped2 total outputs
Attack Surface

Smartlib Tools Attack Surface

Entry Points1
Unprotected0

Shortcodes 1

[smartlib_icon_shortcode] includes\shortcodes.php:10
WordPress Hooks 24
filteruser_contactmethodsincludes\class-user.php:15
actionshow_user_profileincludes\class-user.php:16
actionedit_user_profileincludes\class-user.php:17
actionpersonal_options_updateincludes\class-user.php:18
actionedit_user_profile_updateincludes\class-user.php:19
actionadmin_enqueue_scriptsincludes\class-user.php:22
filterget_avatarincludes\class-user.php:25
filteradmin_initincludes\metabox-integration.php:18
actioninitincludes\post-types.php:6
actioninitincludes\post-types.php:8
filtersu/data/shortcodesincludes\shortcode-integration.php:3
actioninitincludes\shortcodes.php:6
actioncustomize_registerincludes\theme-integration.php:16
filterkirki/controlsincludes\theme-integration.php:20
actionwp_footerincludes\theme-integration.php:150
actionwp_footerincludes\theme-integration.php:154
actionwp_footerincludes\theme-integration.php:158
filterrwmb_meta_boxesincludes\theme-integration.php:269
actionadmin_noticessmartlib-tools.php:31
actionadmin_enqueue_scriptssmartlib-tools.php:70
actionadmin_enqueue_scriptssmartlib-tools.php:71
actionwp_enqueue_scriptssmartlib-tools.php:73
actionwp_enqueue_scriptssmartlib-tools.php:74
actionafter_setup_themesmartlib-tools.php:80
Maintenance & Trust

Smartlib Tools Maintenance & Trust

Maintenance Signals

WordPress version tested5.4.19
Last updatedApr 21, 2020
PHP min version
Downloads20K

Community Trust

Rating0/100
Number of ratings0
Active installs200
Alternatives

Smartlib Tools Alternatives

Theme Demo Importer and Patterns Library for CozyThemes – Cozy Essential Addons

Theme Demo Importer and Patterns Library for CozyThemes – Cozy Essential Addons

cozy-essential-addons

A
100

Cozy Essential Addons is the free WordPress plugin for Custom post type and provides basic skeletal for custom post type list.

7K No CVEs
SFN Easy FAQ Manager

SFN Easy FAQ Manager

wordpress-faq-manager

A
100

Uses custom post types and taxonomies to manage an FAQ section for your site.

2K No CVEs
Walker Core

Walker Core

walker-core

A
99

Walker Core is the companion plugin for WalkerWP Themes, which provides core functionality and custom post type for the themes.

900 1 CVE
All in one demo Export/Import

All in one demo Export/Import

all-in-one-demo-importexport

A
85

Easily export or import your WordPress customizer settings!

20 No CVEs
TallyKit

TallyKit

tallykit

A
85

A collection of features and functionality for Tally Framework Theme.

10 No CVEs
Developer Profile

Smartlib Tools Developer Profile

netbiel

3 plugins · 310 total installs

84
trust score
Avg Security Score
85/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Smartlib Tools

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/smartlib-tools/assets/main-smart-tools.js/wp-content/plugins/smartlib-tools/assets/font-awesome/css/font-awesome.min.css/wp-content/plugins/smartlib-tools/assets/animate.css/wp-content/plugins/smartlib-tools/assets/smart-tools.css
Script Paths
/wp-content/plugins/smartlib-tools/assets/main-smart-tools.js

HTML / DOM Fingerprints

CSS Classes
smartlib-imagesmartlib-user-image-container
Data Attributes
smartlib_profile_image
FAQ

Frequently Asked Questions about Smartlib Tools