WP-Safety

Slider by Soliloquy – Responsive Image Slider for WordPress Security & Risk Analysis

wordpress.org/plugins/soliloquy-lite

The best WordPress slider plugin. Drag & Drop responsive slider builder that helps you create a beautiful image slideshows with just a few clicks.

30K active installs v2.8.1 PHP 7.0+ WP 5.7.0+ Updated Nov 13, 2025
carouselgallery-sliderinstagram-sliderslideshowvideo-slider
99
A · Safe
CVEs total2
Unpatched0
Last CVEAug 7, 2024
Plugin page Download
Safety Verdict

Is Slider by Soliloquy – Responsive Image Slider for WordPress Safe to Use in 2026?

Generally Safe

Score 99/100

Slider by Soliloquy – Responsive Image Slider for WordPress has a strong security track record. Known vulnerabilities have been patched promptly.

2 known CVEsLast CVE: Aug 7, 2024Updated 4mo ago
Risk Assessment

The Soliloquy Lite plugin v2.8.1 presents a mixed security posture. On the positive side, it demonstrates good practices regarding SQL queries, exclusively using prepared statements, and a high percentage of properly escaped output, minimizing risks of SQL injection and reflected/stored cross-site scripting. The presence of numerous nonce and capability checks also indicates an effort to protect against unauthorized actions. However, the plugin has a significant number of unprotected entry points, specifically 5 AJAX handlers that lack authentication checks. This creates a substantial attack surface that could be exploited by unauthenticated users.

The vulnerability history reveals a pattern of medium-severity issues, including Cross-site Scripting and Missing Authorization. While there are currently no unpatched CVEs, the existence of past vulnerabilities in these categories, particularly Missing Authorization, directly aligns with the static analysis findings of unprotected AJAX handlers. The recent last vulnerability date suggests ongoing security attention but also highlights the persistent nature of certain risk types.

Overall, Soliloquy Lite v2.8.1 has strengths in its data handling and output sanitization. However, the critical deficiency in securing a portion of its AJAX endpoints poses a notable risk. Users should be aware of this potential for unauthorized access and manipulation through these unprotected handlers, especially given the plugin's history of authorization-related vulnerabilities.

Key Concerns

  • Unprotected AJAX handlers (5 without auth checks)
  • Past medium severity vulnerabilities (2 total, XSS, Missing Auth)
Vulnerabilities
2

Slider by Soliloquy – Responsive Image Slider for WordPress Security Vulnerabilities

CVEs by Year

1 CVE in 2023
2023
1 CVE in 2024
2024
Patched Has unpatched

Severity Breakdown

Medium
2

2 total CVEs

CVE-2024-35775medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Slider by Soliloquy <= 2.7.6 - Missing Authorization to Authenticated (Author+) Stored Cross-Site Scripting

Aug 7, 2024 Patched in 2.7.7 (8d)
CVE-2023-51519medium · 4.3Missing Authorization

Slider by Soliloquy <= 2.7.2 - Missing Authorization

Dec 27, 2023 Patched in 2.7.3 (27d)
Code Analysis
Analyzed Mar 16, 2026

Slider by Soliloquy – Responsive Image Slider for WordPress Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
2 prepared
Unescaped Output
58
380 escaped
Nonce Checks
23
Capability Checks
21
File Operations
1
External Requests
4
Bundled Libraries
0

SQL Query Safety

100% prepared2 total queries

Output Escaping

87% escaped438 total outputs
Data Flows
2 unsanitized

Data Flow Analysis

4 flows2 with unsanitized paths
change_type (includes\admin\ajax.php:289)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
5 unprotected

Slider by Soliloquy – Responsive Image Slider for WordPress Attack Surface

Entry Points28
Unprotected5

AJAX Handlers 27

authwp_ajax_soliloquy_is_hosted_videoincludes\admin\ajax.php:45
authwp_ajax_soliloquy_upgrade_slidersincludes\admin\ajax.php:46
authwp_ajax_soliloquy_change_typeincludes\admin\ajax.php:47
authwp_ajax_soliloquy_load_imageincludes\admin\ajax.php:48
authwp_ajax_soliloquy_insert_slidesincludes\admin\ajax.php:49
authwp_ajax_soliloquy_sort_imagesincludes\admin\ajax.php:50
authwp_ajax_soliloquy_remove_slidesincludes\admin\ajax.php:51
authwp_ajax_soliloquy_remove_slideincludes\admin\ajax.php:52
authwp_ajax_soliloquy_save_metaincludes\admin\ajax.php:53
authwp_ajax_soliloquy_bulk_save_metaincludes\admin\ajax.php:54
authwp_ajax_soliloquy_refreshincludes\admin\ajax.php:55
authwp_ajax_soliloquy_load_slider_dataincludes\admin\ajax.php:56
authwp_ajax_soliloquy_install_addonincludes\admin\ajax.php:57
authwp_ajax_soliloquy_activate_addonincludes\admin\ajax.php:58
authwp_ajax_soliloquy_deactivate_addonincludes\admin\ajax.php:59
authwp_ajax_soliloquy_init_slidersincludes\admin\ajax.php:60
noprivwp_ajax_soliloquy_init_slidersincludes\admin\ajax.php:61
authwp_ajax_soliloquy_sort_addonsincludes\admin\ajax.php:62
authwp_ajax_soliloquy_change_slide_statusincludes\admin\ajax.php:63
authwp_ajax_soliloquy_slider_viewincludes\admin\ajax.php:64
authwp_ajax_soliloquy_get_attachment_linksincludes\admin\ajax.php:65
authwp_ajax_soliloquy_activate_partnerincludes\admin\ajax.php:66
authwp_ajax_soliloquy_deactivate_partnerincludes\admin\ajax.php:67
authwp_ajax_soliloquy_install_partnerincludes\admin\ajax.php:68
authwp_ajax_soliloquy_connectincludes\admin\ajax.php:69
authwp_ajax_soliloquy_notification_dismissincludes\admin\notifications.php:51
authwp_ajax_soliloquy_dismiss_reviewincludes\admin\review.php:78

Shortcodes 1

[soliloquy] includes\global\shortcode.php:135
WordPress Hooks 67
actionadmin_menuincludes\admin\addons.php:64
actionadmin_enqueue_scriptsincludes\admin\addons.php:96
actionadmin_enqueue_scriptsincludes\admin\addons.php:97
actioninitincludes\admin\blocks.php:43
actionadmin_noticesincludes\admin\common.php:60
actionadmin_noticesincludes\admin\common.php:61
actionadmin_enqueue_scriptsincludes\admin\common.php:64
actionadmin_enqueue_scriptsincludes\admin\common.php:65
actiondelete_attachmentincludes\admin\common.php:68
actiondelete_attachmentincludes\admin\common.php:69
actionwp_trash_postincludes\admin\common.php:72
actionuntrash_postincludes\admin\common.php:73
filteradmin_footer_textincludes\admin\common.php:74
actionin_admin_footerincludes\admin\common.php:75
actionadmin_footerincludes\admin\common.php:76
actionadmin_menuincludes\admin\common.php:77
actionadmin_headincludes\admin\common.php:78
actionadmin_footerincludes\admin\common.php:79
filtermedia_buttonsincludes\admin\editor.php:69
actionadmin_footerincludes\admin\editor.php:98
filterSoliloquy_Media_View_Lite_stringsincludes\admin\media-view.php:60
actionprint_media_templatesincludes\admin\media-view.php:61
actionadmin_enqueue_scriptsincludes\admin\metaboxes.php:68
actionadmin_enqueue_scriptsincludes\admin\metaboxes.php:69
actionadd_meta_boxesincludes\admin\metaboxes.php:72
actionsoliloquy_tab_sliderincludes\admin\metaboxes.php:77
actionsoliloquy_tab_configincludes\admin\metaboxes.php:78
actionsoliloquy_tab_miscincludes\admin\metaboxes.php:79
actionsoliloquy_tab_mobile_liteincludes\admin\metaboxes.php:80
actionsoliloquy_tab_lightbox_liteincludes\admin\metaboxes.php:81
actionsoliloquy_tab_pinterest_liteincludes\admin\metaboxes.php:82
actionsoliloquy_tab_schedule_liteincludes\admin\metaboxes.php:83
actionsoliloquy_tab_carousel_liteincludes\admin\metaboxes.php:84
actionsoliloquy_tab_thumbnails_liteincludes\admin\metaboxes.php:85
actionsave_postincludes\admin\metaboxes.php:88
actionadmin_headincludes\admin\metaboxes.php:248
actionedit_form_after_titleincludes\admin\metaboxes.php:333
actionedit_form_after_titleincludes\admin\metaboxes.php:334
actionpost-plupload-upload-uiincludes\admin\metaboxes.php:340
actionpost-html-upload-uiincludes\admin\metaboxes.php:341
actionsoliloquy_admin_notifications_updateincludes\admin\notifications.php:52
filterpost_updated_messagesincludes\admin\posttype.php:72
actionadmin_headincludes\admin\posttype.php:75
actioninitincludes\admin\posttype.php:78
actionin_admin_headerincludes\admin\posttype.php:80
actionadmin_enqueue_scriptsincludes\admin\posttype.php:83
actionadmin_enqueue_scriptsincludes\admin\posttype.php:84
filtermanage_edit-soliloquy_columnsincludes\admin\posttype.php:87
actionmanage_soliloquy_posts_custom_columnincludes\admin\posttype.php:88
actionquick_edit_custom_boxincludes\admin\posttype.php:91
actionbulk_edit_custom_boxincludes\admin\posttype.php:92
actionpost_updatedincludes\admin\posttype.php:93
actionadmin_initincludes\admin\posttype.php:95
actionadmin_noticesincludes\admin\posttype.php:631
actionadmin_noticesincludes\admin\review.php:77
actionadmin_menuincludes\admin\settings.php:23
actionadmin_menuincludes\admin\welcome.php:65
actionadmin_enqueue_scriptsincludes\admin\welcome.php:68
actionadmin_enqueue_scriptsincludes\admin\welcome.php:69
actionadmin_print_scriptsincludes\admin\welcome.php:72
filterrest_prepare_soliloquyincludes\global\posttype.php:106
filtermap_meta_capincludes\global\posttype.php:109
filterwidget_textincludes\global\shortcode.php:136
actionwp_footerincludes\global\shortcode.php:213
actionplugins_loadedsoliloquy-lite.php:117
actioninitsoliloquy-lite.php:120
filteradmin_footer_textsoliloquy-lite.php:122

Scheduled Events 1

soliloquy_admin_notifications_update
Maintenance & Trust

Slider by Soliloquy – Responsive Image Slider for WordPress Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5
Last updatedNov 13, 2025
PHP min version7.0
Downloads2.5M

Community Trust

Rating94/100
Number of ratings1,024
Active installs30K
Alternatives

Slider by Soliloquy – Responsive Image Slider for WordPress Alternatives

Carousel, Slider, Photo Gallery with Lightbox, Video Slider, by WP Carousel

Carousel, Slider, Photo Gallery with Lightbox, Video Slider, by WP Carousel

wp-carousel-free

A
96

Carousel, Slider, and Photo Gallery with Lightbox plugin. Create Image Carousel, Video Slider, Post Carousel, Post Grid, Product Carousel, and more.

70K 5 CVEs
Rainbow Slider

Rainbow Slider

rainbow-slider

A
100

Turn any Elementor template into a fully responsive Swiper Slider. Supports Sections, Flexbox Containers, and CSS Grid.

10 No CVEs
Smart Slider 3

Smart Slider 3

smart-slider-3

A
91

Responsive slider plugin to create sliders in visual editor easily. Build beautiful image slider, layer slider, video slider, post slider, and more.

800K 7 CVEs
Slider, Gallery, and Carousel by MetaSlider – Image Slider, Video Slider

Slider, Gallery, and Carousel by MetaSlider – Image Slider, Video Slider

ml-slider

A
94

Slider, gallery, carousel plugin for WordPress. Build your image slider, video slider, post slider, YouTube slider, or WooCommerce product slider.

500K 12 CVEs
Depicter — Popup & Slider Builder

Depicter — Popup & Slider Builder

depicter

A
89

Build Stunning Slider and Popup. Exit intent Popup, Image slider carousel, video slider carousel, post slider carousel, product slider, promote popup

90K 14 CVEs
Developer Profile

Slider by Soliloquy – Responsive Image Slider for WordPress Developer Profile

Syed Balkhi

94 plugins · 23.5M total installs

73
trust score
Avg Security Score
91/100
Avg Patch Time
795 days
View full developer profile
Detection Fingerprints

How We Detect Slider by Soliloquy – Responsive Image Slider for WordPress

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/soliloquy-lite/assets/css/admin.min.css/wp-content/plugins/soliloquy-lite/assets/css/common.min.css/wp-content/plugins/soliloquy-lite/assets/css/frontend.min.css/wp-content/plugins/soliloquy-lite/assets/js/admin.min.js/wp-content/plugins/soliloquy-lite/assets/js/common.min.js/wp-content/plugins/soliloquy-lite/assets/js/frontend.min.js
Script Paths
/wp-content/plugins/soliloquy-lite/assets/js/admin.min.js/wp-content/plugins/soliloquy-lite/assets/js/common.min.js/wp-content/plugins/soliloquy-lite/assets/js/frontend.min.js
Version Parameters
soliloquy-lite/assets/css/admin.min.css?ver=soliloquy-lite/assets/css/common.min.css?ver=soliloquy-lite/assets/css/frontend.min.css?ver=soliloquy-lite/assets/js/admin.min.js?ver=soliloquy-lite/assets/js/common.min.js?ver=soliloquy-lite/assets/js/frontend.min.js?ver=

HTML / DOM Fingerprints

CSS Classes
soliloquy-slider
Data Attributes
data-soliloquy-id
JS Globals
soliloquy_instance
Shortcode Output
[soliloquy[soliloquy id=[soliloquy slug=
FAQ

Frequently Asked Questions about Slider by Soliloquy – Responsive Image Slider for WordPress