Does Timeline History have any unpatched vulnerabilities?

No. All known vulnerabilities in Timeline History have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Timeline History compatible with WordPress 5.0.25?

According to WordPress.org data, Timeline History 1.4 has been tested up to WordPress 5.0.25. Check the plugin's changelog for the latest compatibility information.

How often is Timeline History updated?

Timeline History was last updated on Dec 19, 2018. Frequent updates are generally a positive security signal.

What is Timeline History's security score?

Timeline History has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Timeline History Security & Risk Analysis

wordpress.org/plugins/timeline-history

This plugin used for show History as a timeline in horizontally form by date and text both on your wordpress page, post etc.

500 active installs v1.4 PHP + WP 3.8+ Updated Dec 19, 2018

historyhorizontaltimeline

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Timeline History Safe to Use in 2026?

Generally Safe

Score 85/100

Timeline History has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 7yr ago

Risk Assessment

The "timeline-history" v1.4 plugin demonstrates a generally good security posture based on the provided static analysis and vulnerability history. The plugin has no recorded CVEs, indicating a history of security responsibility or a lack of significant past vulnerabilities. Its attack surface is relatively small, with all identified entry points (AJAX handlers and shortcodes) appearing to have some form of authorization check. Furthermore, the taint analysis found no critical or high severity flows with unsanitized paths, which is a positive sign. The code also shows a reasonable effort towards secure coding practices with the use of nonces and capability checks, and a moderate percentage of SQL queries utilizing prepared statements. However, there are areas for improvement. A significant portion of SQL queries are not prepared, which could be a potential vector for SQL injection if not handled with extreme care. Additionally, while output escaping is present, 29% of outputs are not properly escaped, raising concerns about potential cross-site scripting (XSS) vulnerabilities if user-supplied data is involved in these outputs. Overall, while the plugin is not inherently insecure, these areas represent potential weaknesses that could be exploited.

Key Concerns

SQL queries not using prepared statements
Outputs not properly escaped

Vulnerabilities

None known

Timeline History Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Timeline History Code Analysis

Dangerous Functions

Raw SQL Queries

1 prepared

Unescaped Output

12 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

33% prepared3 total queries

Output Escaping

71% escaped17 total outputs

Data Flows

All sanitized

Data Flow Analysis

3 flows

save_kt_custom_meta_box_top_History (metabox.php:64)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Timeline History Attack Surface

Entry Points2

Unprotected0

AJAX Handlers 1

authwp_ajax_my_actionmetabox.php:169

Shortcodes 1

[timeline-history] history.php:76

WordPress Hooks 7

filtermanage_edit-history_post_columnsinclude\history-table_list.php:7

actionmanage_history_post_posts_custom_columninclude\history-table_list.php:21

actionadd_meta_boxesmetabox.php:11

actionadd_meta_boxesmetabox.php:23

actionsave_postmetabox.php:114

actionadmin_footermetabox.php:149

actioninitpost-type.php:6

Maintenance & Trust

Timeline History Maintenance & Trust

Maintenance Signals

WordPress version tested5.0.25

Last updatedDec 19, 2018

PHP min version

Downloads12K

Community Trust

Rating80/100

Number of ratings4

Active installs500

Alternatives

Timeline History Alternatives

Timeline Widget For Elementor (Elementor Timeline, Vertical & Horizontal Timeline)

timeline-widget-addon-for-elementor

100

Highlight your company’s history, milestones, and key events directly inside Elementor using stunning vertical and horizontal timelines.

70K 1 CVE

Cool Timeline (Horizontal & Vertical Timeline)

cool-timeline

100

Showcase your story or company history, events, and roadmap in an interactive timeline using the powerful Cool Timeline plugin.

20K 1 CVE

Bold Timeline Lite

bold-timeline-lite

Bold Timeline Lite – WordPress Timeline Plugin

10K 5 CVEs

Timeline Module for Divi

timeline-module-for-divi

100

Highlight your company's history, milestones, and future plans with the advanced Timeline Module for Divi.

2K No CVEs

GUTENBERG TIMELINE BLOCK

jnext-timeline-blocks

GUTENBERG TIMELINE is a powerful WordPress plugin that enables you to create visually striking and informative timelines. it's provide Curve Time …

10 No CVEs

Developer Profile

Timeline History Developer Profile

sehgal.sunny

2 plugins · 510 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Timeline History

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/timeline-history/css/history.css/wp-content/plugins/timeline-history/css/style.css/wp-content/plugins/timeline-history/js/history.js

HTML / DOM Fingerprints

CSS Classes

cd-horizontal-timelineevents-wrappereventstimelinecd-timeline-navigationevents-contenthistory_top_title

Data Attributes

data-date

JS Globals

webshims

Shortcode Output

<section class="cd-horizontal-timeline"><div class="timeline"><div class="events-wrapper"><div class="events">

FAQ