WP-Safety

Timeline Pro Security & Risk Analysis

wordpress.org/plugins/timeline-pro

Timeline Pro is pure HTML & CSS timeline style grid for WordPress.

60 active installs v1.4 PHP + WP 4.0.0+ Updated Jan 8, 2025
biography-timelineresponsive-timelineresponsive-timeline-wordpresstimelinetimeline-for-wordpress
91
A · Safe
CVEs total1
Unpatched0
Last CVEJan 7, 2025
Plugin page Download
Safety Verdict

Is Timeline Pro Safe to Use in 2026?

Generally Safe

Score 91/100

Timeline Pro has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVELast CVE: Jan 7, 2025Updated 1yr ago
Risk Assessment

The static analysis of the timeline-pro plugin v1.4 indicates a strong adherence to secure coding practices. The absence of any identified dangerous functions, raw SQL queries, unescaped output, file operations, external HTTP requests, or missing nonce/capability checks is commendable. Furthermore, the taint analysis shows no flows with unsanitized paths, suggesting a good defense against common injection vulnerabilities.

Despite these positive static analysis findings, the plugin has a history of a single medium-severity vulnerability related to Cross-Site Scripting (XSS), which was last patched on January 7, 2025. While this vulnerability is noted as patched, the existence of an XSS flaw in its past warrants continued vigilance. The plugin's zero-day attack surface is also a positive indicator. The overall security posture appears robust, with the primary concern being the historical presence of an XSS vulnerability, even though it's currently addressed. Developers should continue to monitor for new vulnerabilities and maintain the plugin's secure coding standards.

Key Concerns

  • Past medium severity XSS vulnerability
Vulnerabilities
1

Timeline Pro Security Vulnerabilities

CVEs by Year

1 CVE in 2025
2025
Patched Has unpatched

Severity Breakdown

Medium
1

1 total CVE

CVE-2025-22584medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Timeline Pro <= 1.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via [placeholder]

Jan 7, 2025 Patched in 1.4 (8d)
Code Analysis
Analyzed Mar 16, 2026

Timeline Pro Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
0
0 escaped
Nonce Checks
0
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
0
Attack Surface

Timeline Pro Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 4
actionplugins_loadedtimeline-pro.php:39
actionwp_enqueue_scriptstimeline-pro.php:78
actionwp_enqueue_scriptstimeline-pro.php:93
actionadmin_enqueue_scriptstimeline-pro.php:147
Maintenance & Trust

Timeline Pro Maintenance & Trust

Maintenance Signals

WordPress version tested6.7.5
Last updatedJan 8, 2025
PHP min version
Downloads11K

Community Trust

Rating90/100
Number of ratings6
Active installs60
Alternatives

Timeline Pro Alternatives

Time Line Diagram

Time Line Diagram

timeline-diagram

A
100

Time Line Diagram is a responsive WordPress Plugin that allows you to create beautiful vertical storyline. You simply create posts, set images and dat &hellip;

10 No CVEs
Timeline and History slider

Timeline and History slider

timeline-and-history-slider

A
98

Timeline Plugin for WordPress. Easy to add and display history OR timeline for your WordPress website. Also work with Gutenberg shortcode block.

5K 1 CVE
Event Timeline – Vertical Timeline

Event Timeline – Vertical Timeline

rich-event-timeline

C
64

Timeline plugin is fully responsive. Timeline Is awesome WordPress plugin with many useful features and effects.

1K 1 unpatched
Ultimate Timeline – Responsive History Timeline

Ultimate Timeline – Responsive History Timeline

ultimate-timeline

A
100

Ultimate Timeline plugin creates beautiful history time-lines on your website. It is responsive time-line showcase in DESC order based on posted date &hellip;

60 No CVEs
Timeline Widget For Elementor (Elementor Timeline, Vertical & Horizontal Timeline)

Timeline Widget For Elementor (Elementor Timeline, Vertical & Horizontal Timeline)

timeline-widget-addon-for-elementor

A
100

Highlight your company’s history, milestones, and key events directly inside Elementor using stunning vertical and horizontal timelines.

70K 1 CVE
Developer Profile

Timeline Pro Developer Profile

PluginsPoint

20 plugins · 600 total installs

84
trust score
Avg Security Score
85/100
Avg Patch Time
8 days
View full developer profile
Detection Fingerprints

How We Detect Timeline Pro

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/timeline-pro/public/css/style.css/wp-content/plugins/timeline-pro/public/css/font-awesome.min.css/wp-content/plugins/timeline-pro/public/js/timeline-pro-script.js/wp-content/plugins/timeline-pro/public/js/timeline-pro-ajax.js/wp-content/plugins/timeline-pro/admin/css/admin-style.css/wp-content/plugins/timeline-pro/admin/js/custom-meta-box.js/wp-content/plugins/timeline-pro/admin/js/timeline-pro-admin.js/wp-content/plugins/timeline-pro/admin/js/color-picker.js
Script Paths
public/css/style.csspublic/css/font-awesome.min.csspublic/js/timeline-pro-script.jspublic/js/timeline-pro-ajax.jsadmin/css/admin-style.cssadmin/js/custom-meta-box.js+2 more
Version Parameters
timeline-pro/style.css?ver=timeline-pro/font-awesome.min.css?ver=timeline-pro/timeline-pro-script.js?ver=timeline-pro/timeline-pro-ajax.js?ver=timeline-pro/admin-style.css?ver=timeline-pro/custom-meta-box.js?ver=timeline-pro/timeline-pro-admin.js?ver=timeline-pro/color-picker.js?ver=

HTML / DOM Fingerprints

CSS Classes
timeline-protimeline-pro-itemtimeline-pro-contenttimeline-pro-datetimeline-pro-arrow
Data Attributes
data-timeline-pro
JS Globals
timeline_pro_ajaxtimelineProAjaxcustomMetaBoxAjax
Shortcode Output
[timeline-pro[timeline_pro
FAQ

Frequently Asked Questions about Timeline Pro