Twenty20 Image Before-After Security & Risk Analysis

wordpress.org/plugins/twenty20

Professional before & after image comparison slider for WordPress. Create engaging visual comparisons with an intuitive drag & drop interface.

20K active installs v2.0.4 PHP 5.6+ WP 5.9+ Updated Mar 2, 2025
Tags: before-after-slider, elementor, image-comparison, image-slider, visual-composer
Score: 92 · A · Safe
CVEs total: 1
Unpatched: 0
Last CVE: Jan 23, 2023
Safety Verdict

Is Twenty20 Image Before-After Safe to Use in 2026?

Generally Safe

Score 92/100

Twenty20 Image Before-After has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVE · Last CVE: Jan 23, 2023 · Updated 1yr ago
Risk Assessment

The "twenty20" v2.0.4 plugin exhibits a generally good security posture based on the static analysis, with no identified dangerous functions, SQL injection vulnerabilities, or file operations. A high percentage of output is properly escaped, and there are no external HTTP requests. However, the lack of nonce and capability checks across all entry points, particularly the shortcode, presents a notable concern, as these are crucial for preventing CSRF attacks and ensuring proper authorization. While taint analysis shows no immediate critical or high-severity issues, the absence of these checks means that potentially malicious inputs could be processed without sufficient validation. The plugin's vulnerability history, which includes one medium-severity Cross-Site Scripting (XSS) vulnerability patched in January 2023, indicates a past weakness that, while addressed, highlights the potential for such issues to arise. The absence of unpatched CVEs is a positive sign, but the overall reliance on WordPress's core security features without explicit plugin-level checks is a weakness.

Key Concerns

  • Missing nonce checks on entry points
  • Missing capability checks on entry points
  • One past medium severity CVE
  • 94% output escaping (some unescaped)
Vulnerabilities
1

Twenty20 Image Before-After Security Vulnerabilities

CVEs by Year

1 CVE in 2023

Severity Breakdown

Medium: 1

1 total CVE

CVE-2022-4580 · medium · 6.4 · Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Twenty20 Image Before-After <= 1.5.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

Jan 23, 2023 Patched in 1.6.0 (365d)
Code Analysis
Analyzed Mar 16, 2026

Twenty20 Image Before-After Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (0 prepared)
Unescaped Output: 8 (126 escaped)
Nonce Checks: 0
Capability Checks: 0
File Operations: 0
External Requests: 0
Bundled Libraries: 0

Output Escaping

94% escaped · 134 total outputs
Attack Surface

Twenty20 Image Before-After Attack Surface

Entry Points: 1
Unprotected: 0

Shortcodes: 1

[twenty20] inc\twenty20-shortcode.php:147

WordPress Hooks: 12

action wp_enqueue_scripts inc\enqueue.php:44
action wp_enqueue_media inc\enqueue.php:50
action media_buttons inc\enqueue.php:59
action admin_footer inc\enqueue.php:139
action admin_footer inc\enqueue.php:219
action ux_builder_setup inc\for-flatsome-ux-builder.php:3
action vc_before_init inc\twenty20-shortcode-vc.php:5
action wp_footer inc\twenty20-shortcode.php:144
action adminesc_html_enqueue_scripts inc\widget-twenty20.php:15
action widgets_init inc\widget-twenty20.php:194
action init ttwenty.php:22
action elementor/widgets/register ttwenty.php:59
Maintenance & Trust

Twenty20 Image Before-After Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.7.5
Last updated: Mar 2, 2025
PHP min version: 5.6
Downloads: 417K

Community Trust

Rating: 80/100
Number of ratings: 55
Active installs: 20K
Developer Profile

Twenty20 Image Before-After Developer Profile

Zayed Baloch

3 plugins · 30K total installs

Trust score: 73
Avg Security Score: 92/100
Avg Patch Time: 331 days
Detection Fingerprints

How We Detect Twenty20 Image Before-After

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/twenty20/assets/css/twenty20.css
/wp-content/plugins/twenty20/assets/js/jquery.twenty20.js

Script Paths
/wp-content/plugins/twenty20/assets/js/jquery.twenty20.js

HTML / DOM Fingerprints

CSS Classes
twentytwenty-container
twenty20-slider
twenty20-before-after

Data Attributes
data-orientation

Shortcode Output
[twenty20 img1=
[twenty20 img2=
[twenty20 direction=
[twenty20 offset=