WP-Safety

Squelch Tabs and Accordions Shortcodes Security & Risk Analysis

wordpress.org/plugins/squelch-tabs-and-accordions-shortcodes

Shortcodes for creating accordions, horizontal accordions and tabs.

1K active installs v0.4.9 PHP 7.4+ WP 4.6+ Updated Jul 8, 2024
accordionsfaqshaccordiontabsvaccordion
90
A · Safe
CVEs total3
Unpatched0
Last CVEJul 8, 2024
Plugin page Download
Safety Verdict

Is Squelch Tabs and Accordions Shortcodes Safe to Use in 2026?

Generally Safe

Score 90/100

Squelch Tabs and Accordions Shortcodes has a strong security track record. Known vulnerabilities have been patched promptly.

3 known CVEsLast CVE: Jul 8, 2024Updated 1yr ago
Risk Assessment

The "squelch-tabs-and-accordions-shortcodes" plugin (v0.4.9) exhibits a mixed security posture. On the positive side, static analysis shows excellent adherence to secure coding practices, with nearly all output properly escaped, a significant number of capability checks, and a single nonce check in place. Crucially, there are no identified dangerous functions, file operations, external HTTP requests, or critical/high severity taint flows. The plugin also demonstrates a strong commitment to preventing SQL injection by exclusively using prepared statements.

However, a significant concern arises from its vulnerability history. The plugin has a record of 3 medium severity CVEs, with the most recent being on July 8, 2024. The common vulnerability types, Cross-Site Scripting (XSS) and Cross-Site Request Forgery (CSRF), suggest that past issues have stemmed from improper input handling and insufficient protection against malicious actions. The fact that these vulnerabilities have occurred, even if currently patched, indicates a recurring pattern of potential weaknesses in input validation or authorization that need ongoing vigilance.

Overall, while the current version's static analysis is promising with strong output escaping and proper SQL handling, the historical vulnerability data warrants caution. The plugin has demonstrated a propensity for XSS and CSRF vulnerabilities in the past. Users should ensure they are always running the latest version and remain aware of any future security advisories related to this plugin. The large number of shortcodes, while having no direct unprotected entry points in this analysis, represent a potential attack surface if any new vulnerabilities are discovered.

Key Concerns

  • History of 3 medium CVEs
  • Recent vulnerability (2024-07-08)
  • Common vulnerability types: XSS & CSRF
  • 25 shortcodes (potential attack surface)
Vulnerabilities
3

Squelch Tabs and Accordions Shortcodes Security Vulnerabilities

CVEs by Year

3 CVEs in 2024
2024
Patched Has unpatched

Severity Breakdown

Medium
3

3 total CVEs

CVE-2024-5946medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Squelch Tabs and Accordions Shortcodes <= 0.4.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via tab Shortcode

Jul 8, 2024 Patched in 0.4.9 (1d)
CVE-2024-4463medium · 4.3Cross-Site Request Forgery (CSRF)

Squelch Tabs and Accordions Shortcodes <= 0.4.7 - Cross-Site Request Forgery

May 7, 2024 Patched in 0.4.8 (3d)
CVE-2024-2499medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Squelch Tabs and Accordions Shortcodes <= 0.4.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via accordions Shortcode

Apr 4, 2024 Patched in 0.4.4 (2d)
Code Analysis
Analyzed Mar 16, 2026

Squelch Tabs and Accordions Shortcodes Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
1
94 escaped
Nonce Checks
1
Capability Checks
2
File Operations
0
External Requests
0
Bundled Libraries
0

Output Escaping

99% escaped95 total outputs
Data Flows
All sanitized

Data Flow Analysis

1 flows
<admin> (inc\admin.php:0)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Squelch Tabs and Accordions Shortcodes Attack Surface

Entry Points25
Unprotected0

Shortcodes 25

[accordions] squelch-tabs-and-accordions.php:142
[subaccordions] squelch-tabs-and-accordions.php:143
[subsubaccordions] squelch-tabs-and-accordions.php:144
[accordion] squelch-tabs-and-accordions.php:187
[subaccordion] squelch-tabs-and-accordions.php:188
[subsubaccordion] squelch-tabs-and-accordions.php:189
[haccordions] squelch-tabs-and-accordions.php:283
[subhaccordions] squelch-tabs-and-accordions.php:284
[subsubhaccordions] squelch-tabs-and-accordions.php:285
[haccordion] squelch-tabs-and-accordions.php:326
[subhaccordion] squelch-tabs-and-accordions.php:327
[subsubhaccordion] squelch-tabs-and-accordions.php:328
[tabs] squelch-tabs-and-accordions.php:407
[subtabs] squelch-tabs-and-accordions.php:408
[subsubtabs] squelch-tabs-and-accordions.php:409
[tablinks] squelch-tabs-and-accordions.php:441
[tab] squelch-tabs-and-accordions.php:518
[subtab] squelch-tabs-and-accordions.php:519
[subsubtab] squelch-tabs-and-accordions.php:520
[toggles] squelch-tabs-and-accordions.php:582
[subtoggles] squelch-tabs-and-accordions.php:583
[subsubtoggles] squelch-tabs-and-accordions.php:584
[toggle] squelch-tabs-and-accordions.php:623
[subtoggle] squelch-tabs-and-accordions.php:624
[subsubtoggle] squelch-tabs-and-accordions.php:625
WordPress Hooks 4
actionplugins_loadedsquelch-tabs-and-accordions.php:65
actionwp_enqueue_scriptssquelch-tabs-and-accordions.php:760
actionadmin_menusquelch-tabs-and-accordions.php:882
filterplugin_action_linkssquelch-tabs-and-accordions.php:949
Maintenance & Trust

Squelch Tabs and Accordions Shortcodes Maintenance & Trust

Maintenance Signals

WordPress version tested6.5.8
Last updatedJul 8, 2024
PHP min version7.4
Downloads73K

Community Trust

Rating96/100
Number of ratings24
Active installs1K
Alternatives

Squelch Tabs and Accordions Shortcodes Alternatives

Meks Flexible Shortcodes

Meks Flexible Shortcodes

meks-flexible-shortcodes

A
97

Add some cool elements to your post/page content with flexible shortcodes.

10K 3 CVEs
ACF Tab & Accordion Title Icons

ACF Tab & Accordion Title Icons

acf-tab-accordion-title-icons

A
92

Add icons to the titles of ACF Tabs and Accordions

80 No CVEs
Materialize Accordions

Materialize Accordions

materialize-accordions

A
100

Materialize Accordions allows you to add a simple accordion with titles and body text via a shortcode.

20 No CVEs
Display FAQ – Responsive Accordion and Product FAQ For WooCommerce

Display FAQ – Responsive Accordion and Product FAQ For WooCommerce

wp-display-faq

A
100

Create and display responsive Accordions, FAQs in a webpage. Also create Product FAQ for WooCommerce and display them in a single product page.

20 No CVEs
CM FAQ – Simplify support with an intuitive FAQ management tool

CM FAQ – Simplify support with an intuitive FAQ management tool

cm-faq

A
99

Create and manage a user-friendly FAQ section on your site with this FAQ plugin. Answer common questions and improve user experience.

10 1 CVE
Developer Profile

Squelch Tabs and Accordions Shortcodes Developer Profile

Matt Lowe

2 plugins · 1K total installs

94
trust score
Avg Security Score
91/100
Avg Patch Time
2 days
View full developer profile
Detection Fingerprints

How We Detect Squelch Tabs and Accordions Shortcodes

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/squelch-tabs-and-accordions-shortcodes/css/squelch-taas.css/wp-content/plugins/squelch-tabs-and-accordions-shortcodes/js/squelch-taas.js/wp-content/plugins/squelch-tabs-and-accordions-shortcodes/js/jquery-ui.min.js/wp-content/plugins/squelch-tabs-and-accordions-shortcodes/css/themes/dark.css/wp-content/plugins/squelch-tabs-and-accordions-shortcodes/css/themes/light.css/wp-content/plugins/squelch-tabs-and-accordions-shortcodes/css/themes/stitch.css/wp-content/plugins/squelch-tabs-and-accordions-shortcodes/css/themes/basic.css/wp-content/plugins/squelch-tabs-and-accordions-shortcodes/css/themes/smoothness/jquery-ui.css
Script Paths
/wp-content/plugins/squelch-tabs-and-accordions-shortcodes/js/jquery-ui.min.js/wp-content/plugins/squelch-tabs-and-accordions-shortcodes/js/squelch-taas.js
Version Parameters
/wp-content/plugins/squelch-tabs-and-accordions-shortcodes/css/squelch-taas.css?ver=/wp-content/plugins/squelch-tabs-and-accordions-shortcodes/js/squelch-taas.js?ver=

HTML / DOM Fingerprints

CSS Classes
squelch-taas-accordionsquelch-taas-overridesquelch-taas-accordion-shortcode-contentsquelch-taas-tabssquelch-taas-tab-contentsquelch-taas-group-titlesquelch-taas-headersquelch-taas-tab-header+9 more
HTML Comments
squelch_taas_get_vanity_url() output accordions/subaccordions/subsubaccordions shortcode accordion/subaccordion/subsubaccordion shortcode tabs/tabs group shortcode +3 more
Data Attributes
data-activedata-disableddata-autoheightdata-collapsibledata-hwidthdata-speed+6 more
JS Globals
squelch_taas_accordionssquelch_taas_tabssquelch_taas_haccordions
Shortcode Output
<h[1-6]><div class="squelch-taas-accordion<div class="squelch-taas-accordion-shortcode-content<div class="squelch-taas-tabs
FAQ

Frequently Asked Questions about Squelch Tabs and Accordions Shortcodes