Does Spiraclethemes Site Library have any unpatched vulnerabilities?

No. All known vulnerabilities in Spiraclethemes Site Library have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Spiraclethemes Site Library compatible with WordPress 6.8.5?

According to WordPress.org data, Spiraclethemes Site Library 1.5.8 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

Is Spiraclethemes Site Library compatible with PHP 5.6+?

Spiraclethemes Site Library requires PHP 5.6 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Spiraclethemes Site Library updated?

Spiraclethemes Site Library was last updated on Nov 3, 2025. Frequent updates are generally a positive security signal.

What is Spiraclethemes Site Library's security score?

Spiraclethemes Site Library has a WP-Safety security score of 99/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Spiraclethemes Site Library Security & Risk Analysis

wordpress.org/plugins/spiraclethemes-site-library

A plugin by Spiracle Themes that adds one-click demo import, theme customization, starter templates, and page builder support to its free themes.

2K active installs v1.5.8 PHP 5.6+ WP 5.0+ Updated Nov 3, 2025

demoimportspiraclethemesthemes

A · Safe

CVEs total1

Unpatched0

Last CVEMay 7, 2025

Plugin page Download

Safety Verdict

Is Spiraclethemes Site Library Safe to Use in 2026?

Generally Safe

Score 99/100

Spiraclethemes Site Library has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVELast CVE: May 7, 2025Updated 5mo ago

Risk Assessment

The "spiraclethemes-site-library" plugin v1.5.8 exhibits a generally good security posture, with robust practices observed in its static analysis. The absence of any detected critical or high severity taint flows, raw SQL queries, or direct file operations is a strong positive. Furthermore, the high percentage of properly escaped output (86%) and the presence of numerous nonce and capability checks across its AJAX and shortcode entry points indicate a conscious effort to mitigate common web vulnerabilities. The plugin also shows no externally bundled libraries that could introduce outdated components.

However, a historical medium severity Cross-Site Scripting (XSS) vulnerability, though currently patched, raises a flag. This suggests that while the developers have addressed past issues, vigilance is still required. The presence of 3 external HTTP requests, while not explicitly flagged as problematic, warrants monitoring in future analyses, as these can sometimes be vectors for injection or supply chain attacks. The large number of AJAX handlers (17) and shortcodes (21) contribute to a significant attack surface, although the current analysis indicates that these are adequately protected. The plugin's last vulnerability was in May 2025, which is in the future, suggesting this data may be from a predictive model or an error. Assuming it refers to a past event and given it's a medium severity XSS, it's a notable concern.

In conclusion, the plugin's current version demonstrates good development practices with a focus on input validation and output escaping. The absence of critical immediate threats is encouraging. The primary area for continued attention is the historical vulnerability, which, despite being patched, highlights the potential for XSS issues. Monitoring external requests and ensuring ongoing robust security practices for its substantial attack surface will be key to maintaining its security.

Key Concerns

Historical medium severity XSS vulnerability

Vulnerabilities

Spiraclethemes Site Library Security Vulnerabilities

CVEs by Year

1 CVE in 2025

2025

Patched Has unpatched

Severity Breakdown

Medium

1 total CVE

CVE-2025-47656medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Spiraclethemes Site Library <= 1.5.4 - Authenticated (Contributor+) Stored Cross-Site Scripting

May 7, 2025 Patched in 1.5.5 (80d)

Code Analysis

Analyzed Mar 16, 2026

Spiraclethemes Site Library Code Analysis

Dangerous Functions

Raw SQL Queries

2 prepared

Unescaped Output

428 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

100% prepared2 total queries

Output Escaping

86% escaped498 total outputs

Data Flows

All sanitized

Data Flow Analysis

10 flows

spiraclethemes_site_library_save_settings (admin\admin-init.php:113)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Spiraclethemes Site Library Attack Surface

Entry Points38

Unprotected0

AJAX Handlers 17

authwp_ajax_ssl_save_settingsadmin\admin-init.php:68

authwp_ajax_own_shop_quick_viewinc\own-shop-functions.php:582

noprivwp_ajax_own_shop_quick_viewinc\own-shop-functions.php:583

authwp_ajax_own_shop_quick_view_add_to_cartinc\own-shop-functions.php:647

noprivwp_ajax_own_shop_quick_view_add_to_cartinc\own-shop-functions.php:648

authwp_ajax_own_shop_quick_viewinc\own-shop-lite-functions.php:581

noprivwp_ajax_own_shop_quick_viewinc\own-shop-lite-functions.php:582

authwp_ajax_own_shop_quick_view_add_to_cartinc\own-shop-lite-functions.php:646

noprivwp_ajax_own_shop_quick_view_add_to_cartinc\own-shop-lite-functions.php:647

authwp_ajax_own_shop_quick_viewinc\own-shope-functions.php:581

noprivwp_ajax_own_shop_quick_viewinc\own-shope-functions.php:582

authwp_ajax_own_shop_quick_view_add_to_cartinc\own-shope-functions.php:646

noprivwp_ajax_own_shop_quick_view_add_to_cartinc\own-shope-functions.php:647

authwp_ajax_own_shop_quick_viewinc\own-store-functions.php:582

noprivwp_ajax_own_shop_quick_viewinc\own-store-functions.php:583

authwp_ajax_own_shop_quick_view_add_to_cartinc\own-store-functions.php:647

noprivwp_ajax_own_shop_quick_view_add_to_cartinc\own-store-functions.php:648

Shortcodes 21

[gridposts] inc\blogson-functions.php:361

[listprod] inc\own-shop-functions.php:242

[featuredprod] inc\own-shop-functions.php:267

[newprod] inc\own-shop-functions.php:292

[popularprod] inc\own-shop-functions.php:317

[recentblog] inc\own-shop-functions.php:441

[listprod] inc\own-shop-lite-functions.php:238

[featuredprod] inc\own-shop-lite-functions.php:263

[newprod] inc\own-shop-lite-functions.php:288

[popularprod] inc\own-shop-lite-functions.php:313

[recentblog] inc\own-shop-lite-functions.php:437

[listprod] inc\own-shope-functions.php:238

[featuredprod] inc\own-shope-functions.php:263

[newprod] inc\own-shope-functions.php:288

[popularprod] inc\own-shope-functions.php:313

[recentblog] inc\own-shope-functions.php:437

[listprod] inc\own-store-functions.php:238

[featuredprod] inc\own-store-functions.php:263

[newprod] inc\own-store-functions.php:288

[popularprod] inc\own-store-functions.php:313

[recentblog] inc\own-store-functions.php:437

WordPress Hooks 114

actionadmin_menuadmin\admin-init.php:66

actionadmin_enqueue_scriptsadmin\admin-init.php:67

actionplugins_loadedelements\blogson\helper-functions.php:69

actionelementor/initelements\blogson\helper-functions.php:105

actionadmin_noticeselements\blogson\helper-functions.php:130

actionadmin_noticeselements\blogson\helper-functions.php:136

actionelementor/widgets/registerelements\blogson\helper-functions.php:161

actionelementor/elements/categories_registeredelements\blogson\widget-category.php:27

actionplugins_loadedelements\own-shop\helper-functions.php:69

actionelementor/initelements\own-shop\helper-functions.php:105

actionadmin_noticeselements\own-shop\helper-functions.php:130

actionadmin_noticeselements\own-shop\helper-functions.php:136

actionelementor/widgets/registerelements\own-shop\helper-functions.php:161

actionelementor/elements/categories_registeredelements\own-shop\widget-category.php:27

filteradmin_body_classinc\blogson-functions.php:24

filterpt-ocdi/import_filesinc\blogson-functions.php:53

actionpt-ocdi/after_importinc\blogson-functions.php:82

filterocdi/register_pluginsinc\blogson-functions.php:101

actionadmin_initinc\blogson-functions.php:103

filterpt-ocdi/import_filesinc\colon-functions.php:42

actionpt-ocdi/after_importinc\colon-functions.php:64

filterocdi/register_pluginsinc\colon-functions.php:88

actionadmin_initinc\colon-functions.php:90

filterpt-ocdi/import_filesinc\colon-plus-functions.php:39

actionpt-ocdi/after_importinc\colon-plus-functions.php:66

filterocdi/register_pluginsinc\colon-plus-functions.php:90

actionadmin_initinc\colon-plus-functions.php:92

filterpt-ocdi/import_filesinc\crater-free-functions.php:40

actionpt-ocdi/after_importinc\crater-free-functions.php:66

filterpt-ocdi/import_filesinc\krystal-business-functions.php:39

actionpt-ocdi/after_importinc\krystal-business-functions.php:66

filterocdi/register_pluginsinc\krystal-business-functions.php:95

actionadmin_initinc\krystal-business-functions.php:97

filterpt-ocdi/import_filesinc\krystal-functions.php:44

actionpt-ocdi/after_importinc\krystal-functions.php:66

filterocdi/register_pluginsinc\krystal-functions.php:90

actionadmin_initinc\krystal-functions.php:92

filterpt-ocdi/import_filesinc\krystal-lawyer-functions.php:39

actionpt-ocdi/after_importinc\krystal-lawyer-functions.php:66

filterocdi/register_pluginsinc\krystal-lawyer-functions.php:95

actionadmin_initinc\krystal-lawyer-functions.php:97

filterpt-ocdi/import_filesinc\krystal-shop-functions.php:39

actionpt-ocdi/after_importinc\krystal-shop-functions.php:66

filterocdi/register_pluginsinc\krystal-shop-functions.php:95

actionadmin_initinc\krystal-shop-functions.php:97

filteradmin_body_classinc\lawfiz-functions.php:24

filterpt-ocdi/import_filesinc\lawfiz-functions.php:61

actionpt-ocdi/after_importinc\lawfiz-functions.php:87

filterocdi/register_pluginsinc\lawfiz-functions.php:111

actionadmin_initinc\lawfiz-functions.php:113

actionadmin_headinc\lawfiz-functions.php:128

filterpt-ocdi/import_filesinc\lawfiz-one-functions.php:39

actionpt-ocdi/after_importinc\lawfiz-one-functions.php:66

filterocdi/register_pluginsinc\lawfiz-one-functions.php:90

actionadmin_initinc\lawfiz-one-functions.php:92

filteradmin_body_classinc\legalblow-functions.php:24

filterpt-ocdi/import_filesinc\legalblow-functions.php:61

actionpt-ocdi/after_importinc\legalblow-functions.php:87

filterocdi/register_pluginsinc\legalblow-functions.php:111

actionadmin_initinc\legalblow-functions.php:113

actionadmin_headinc\legalblow-functions.php:128

filterpt-ocdi/import_filesinc\mestore-functions.php:39

actionpt-ocdi/after_importinc\mestore-functions.php:72

filterocdi/register_pluginsinc\mestore-functions.php:106

actionadmin_initinc\mestore-functions.php:108

filterpt-ocdi/import_filesinc\own-shop-functions.php:41

actionpt-ocdi/after_importinc\own-shop-functions.php:72

filterocdi/register_pluginsinc\own-shop-functions.php:101

actionadmin_initinc\own-shop-functions.php:103

actionwp_enqueue_scriptsinc\own-shop-functions.php:472

actionwoocommerce_after_shop_loop_iteminc\own-shop-functions.php:656

actionwoocommerce_initinc\own-shop-functions.php:658

filterpt-ocdi/import_filesinc\own-shop-lite-functions.php:39

actionpt-ocdi/after_importinc\own-shop-lite-functions.php:68

filterocdi/register_pluginsinc\own-shop-lite-functions.php:97

actionadmin_initinc\own-shop-lite-functions.php:99

actionwp_enqueue_scriptsinc\own-shop-lite-functions.php:471

actionwoocommerce_after_shop_loop_iteminc\own-shop-lite-functions.php:655

actionwoocommerce_initinc\own-shop-lite-functions.php:657

filterpt-ocdi/import_filesinc\own-shop-trend-functions.php:39

actionpt-ocdi/after_importinc\own-shop-trend-functions.php:68

filterocdi/register_pluginsinc\own-shop-trend-functions.php:97

actionadmin_initinc\own-shop-trend-functions.php:99

filterpt-ocdi/import_filesinc\own-shope-functions.php:39

actionpt-ocdi/after_importinc\own-shope-functions.php:68

filterocdi/register_pluginsinc\own-shope-functions.php:97

actionadmin_initinc\own-shope-functions.php:99

actionwp_enqueue_scriptsinc\own-shope-functions.php:471

actionwoocommerce_after_shop_loop_iteminc\own-shope-functions.php:655

actionwoocommerce_initinc\own-shope-functions.php:657

filterpt-ocdi/import_filesinc\own-store-functions.php:39

actionpt-ocdi/after_importinc\own-store-functions.php:68

filterocdi/register_pluginsinc\own-store-functions.php:97

actionadmin_initinc\own-store-functions.php:99

actionwp_enqueue_scriptsinc\own-store-functions.php:472

actionwoocommerce_after_shop_loop_iteminc\own-store-functions.php:656

actionwoocommerce_initinc\own-store-functions.php:658

filterpt-ocdi/import_filesinc\purea-fashion-functions.php:39

actionpt-ocdi/after_importinc\purea-fashion-functions.php:68

filterpt-ocdi/import_filesinc\purea-magazine-functions.php:41

actionpt-ocdi/after_importinc\purea-magazine-functions.php:67

filterpt-ocdi/import_filesinc\somalite-functions.php:39

actionpt-ocdi/after_importinc\somalite-functions.php:65

filterocdi/register_pluginsinc\somalite-functions.php:99

actionadmin_initinc\somalite-functions.php:101

actionwp_dashboard_setupinc\widget\widget.php:233

actionadmin_headinc\widget\widget.php:254

actionadmin_initspiraclethemes-site-library.php:101

actionadmin_noticesspiraclethemes-site-library.php:102

actionadmin_noticesspiraclethemes-site-library.php:103

actionadmin_initspiraclethemes-site-library.php:104

actionadmin_initspiraclethemes-site-library.php:105

actioninitspiraclethemes-site-library.php:107

actionadmin_enqueue_scriptsspiraclethemes-site-library.php:147

Maintenance & Trust

Spiraclethemes Site Library Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedNov 3, 2025

PHP min version5.6

Downloads74K

Community Trust

Rating0/100

Number of ratings0

Active installs2K

Alternatives

Spiraclethemes Site Library Alternatives

aThemes Starter Sites

athemes-starter-sites

We've got a full and ever-growing library stocked with ready-made templates for any kind of business.

40K 1 CVE

FameTheme Demo Importer

famethemes-demo-importer

FameThemes Demo importer

30K 1 CVE

Acme Demo Setup

acme-demo-setup

100

Easily set up your site with dummy data. Import settings, widgets, and content in one click using Advanced Import.

10K No CVEs

Demo Importer Plus

demo-importer-plus

Import the demo content, widgets, customizer settings and theme settings with a single click without any hassle.

10K 5 CVEs

Mystery Themes Demo Importer

mysterythemes-demo-importer

100

One Click Demo Importer For Mystery Themes official themes demo content, customization options, widgets and theme settings.

8K No CVEs

Developer Profile

Spiraclethemes Site Library Developer Profile

Spiracle Themes

15 plugins · 4K total installs

trust score

Avg Security Score

94/100

Avg Patch Time

80 days

View full developer profile

Detection Fingerprints

How We Detect Spiraclethemes Site Library

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/spiraclethemes-site-library/css/main.css

Version Parameters

spiraclethemes-site-library/css/main.css?ver=

HTML / DOM Fingerprints

CSS Classes

ssl-pro-upgrade-noticeballoonpos-1pos-2pos-3pos-4pos-5notice-content

Data Attributes

class="balloon pos-1"class="balloon pos-2"class="balloon pos-3"class="balloon pos-4"class="balloon pos-5"

FAQ