Does Visual Slider have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Visual Slider compatible with WordPress 6.8.5?

According to WordPress.org data, Visual Slider 1.7 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

Is Visual Slider compatible with PHP 7.4.0+?

Visual Slider requires PHP 7.4.0 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Visual Slider updated?

Visual Slider was last updated on Feb 9, 2026. Frequent updates are generally a positive security signal.

What is Visual Slider's security score?

Visual Slider has a WP-Safety security score of 99/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Visual Slider: 1 Patched CVE

Safety Verdict

Is Visual Slider Safe to Use in 2026?

Generally Safe

Score 99/100

Visual Slider has a strong security track record. Known vulnerabilities have been patched promptly. It's a solid choice for most WordPress installations.

1 known CVELast CVE: Jan 16, 2025Updated 3mo ago

Risk Assessment

The visual-slider plugin v1.7 exhibits a generally positive security posture, with a strong reliance on prepared statements for SQL queries and a high percentage of properly escaped output. The plugin also demonstrates a good number of nonce and capability checks, indicating an awareness of common WordPress security practices. However, the presence of an unprotected AJAX handler represents a significant security concern, as it could be exploited by unauthenticated users. The taint analysis showing unsanitized paths, while not reaching critical or high severity, warrants attention as it suggests potential avenues for injection if further exploited. The plugin's vulnerability history, marked by a single medium-severity Cross-Site Scripting (XSS) vulnerability patched in the past, suggests a history of security issues, though the current unpatched status of any CVEs is a positive sign. Overall, while the plugin has strengths in its coding practices, the unprotected entry point and past vulnerability history necessitate careful monitoring and prompt updates.

Key Concerns

Unprotected AJAX handler
Flows with unsanitized paths
One known medium CVE in history

Vulnerabilities

1 published

Visual Slider Security Vulnerabilities

CVEs by Year

1 CVE in 2025

2025

Patched Has unpatched

Severity Breakdown

Medium

1

1 total CVE

CVE-2025-23448medium · 6.1Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

visualslider Sldier <= 1.1.1 - Reflected Cross-Site Scripting

Jan 16, 2025 Patched in 1.4 (121d)

Version History

Visual Slider Release Timeline

No version history available.

Code Analysis

Analyzed Mar 16, 2026

Visual Slider Code Analysis

Dangerous Functions

0

Raw SQL Queries

0

0 prepared

Unescaped Output

73

552 escaped

Nonce Checks

24

Capability Checks

43

File Operations

1

External Requests

0

Bundled Libraries

0

Output Escaping

88% escaped625 total outputs

Data Flows · Security

2 unsanitized

Data Flow Analysis

16 flows2 with unsanitized paths

vs_module_content (admin\includes\metabox.php:103)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

1 unprotected

Visual Slider Attack Surface

Entry Points23

Unprotected1

AJAX Handlers 21

authwp_ajax_vs_options_encodeadmin\includes\code.php:59

authwp_ajax_vs_module_layer_listadmin\includes\layer.php:28

authwp_ajax_vs_module_layer_itemadmin\includes\layer.php:59

authwp_ajax_vs_module_contentadmin\includes\metabox.php:102

authwp_ajax_vs_icon_pickeradmin\includes\options-functions.php:464

authwp_ajax_vs_icon_fontsadmin\includes\options-functions.php:588

authwp_ajax_vs_perview_globaladmin\includes\perview-global.php:77

authwp_ajax_vs_perview_layeradmin\includes\perview-slide.php:199

authwp_ajax_vs_module_slide_listadmin\includes\slide.php:29

authwp_ajax_vs_module_slide_itemadmin\includes\slide.php:64

authwp_ajax_vs_module_slide_inneradmin\includes\slide.php:99

authwp_ajax_vs_module_panel_optionsadmin\includes\slide.php:200

authwp_ajax_vs_template_saveadmin\includes\template.php:6

authwp_ajax_vs_template_save_globaladmin\includes\template.php:55

authwp_ajax_vs_template_save_slideadmin\includes\template.php:92

authwp_ajax_vs_template_save_layeradmin\includes\template.php:121

authwp_ajax_vs_template_optionsadmin\includes\template.php:155

authwp_ajax_vs_template_removeadmin\includes\template.php:211

authwp_ajax_vs_template_demoadmin\includes\template.php:231

authwp_ajax_vs_template_importadmin\includes\template.php:274

authwp_ajax_vs_template_exportadmin\includes\template.php:310

Shortcodes 2

[vc_visualslider] inc\composer-visualslider.php:22

[visualslider] visual-slider.php:371

WordPress Hooks 46

filtervs_icon_elementadmin\fonts\fa-icon.php:981

filtervs_icon_elementadmin\fonts\flaticon.php:415

filtervs_icon_elementadmin\fonts\flaticon_thin.php:849

filtervs_icon_elementadmin\fonts\metrizeicon.php:323

filtervs_icon_elementadmin\fonts\typcn.php:358

actionadd_meta_boxesadmin\includes\metabox.php:13

actionsave_postadmin\includes\metabox.php:170

actioninitadmin\includes\options-functions.php:449

actioninitadmin\includes\options-functions.php:570

actionadmin_enqueue_scriptsadmin\index.php:33

actionadmin_enqueue_scriptsadmin\index.php:51

filtermanage_visualslider_posts_columnsadmin\index.php:135

actionmanage_visualslider_posts_custom_columnadmin\index.php:142

filtervs_setting_optionsadmin\setting-options.php:6

filtervs_slide_optionsadmin\slide-options.php:6

actioninitinc\composer-visualslider.php:21

filtersao_element_iteminc\sao-visualslider.php:12

filtersao_element_options_visualsliderinc\sao-visualslider.php:32

filtersao_builder_perview_visualsliderinc\sao-visualslider.php:108

filtersao_builder_visualsliderinc\sao-visualslider.php:151

filtervb_element_optionsinc\vb-visualslider.php:14

filtervb_element_visualsliderinc\vb-visualslider.php:74

actionwidgets_initinc\widget-visualslider.php:6

filtervs_layer_element_optionslayer\box.php:13

filtervs_layer_perview_boxlayer\box.php:204

filtervs_layer_boxlayer\box.php:221

filtervs_layer_element_optionslayer\button.php:13

filtervs_layer_perview_buttonlayer\button.php:307

filtervs_layer_buttonlayer\button.php:320

filtervs_layer_element_optionslayer\icon.php:13

filtervs_layer_perview_iconlayer\icon.php:297

filtervs_layer_iconlayer\icon.php:317

filtervs_layer_element_optionslayer\image.php:14

filtervs_layer_perview_imagelayer\image.php:129

filtervs_layer_imagelayer\image.php:146

filtervs_layer_element_optionslayer\text.php:14

filtervs_layer_perview_textlayer\text.php:328

filtervs_layer_textlayer\text.php:350

actionvisualslider_initvisual-slider.php:35

actionplugins_loadedvisual-slider.php:51

actioninitvisual-slider.php:58

actionelementor/widgets/registervisual-slider.php:109

actioninitvisual-slider.php:134

actionwp_enqueue_scriptsvisual-slider.php:319

filtersingle_templatevisual-slider.php:376

filtersingle_templatevisual-slider.php:425

Maintenance & Trust

Visual Slider Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedFeb 9, 2026

PHP min version7.4.0

Downloads5K

Community Trust

Rating50/100

Number of ratings2

Active installs700

Alternatives

Visual Slider Alternatives

Max Elements for Elementor – Advanced Widgets, Extensions & Theme Builder

max-elements

A

100

Unlock the full power of Elementor with Max Elements – advanced widgets, dynamic builders, WooCommerce support, popups, offcanvas, and more.

10 No CVEs

Slider Builder Elementor

slider-builder-elementor

A

85

Enhance your Elementor page building experience with elementor dynamic slider builder. Add power to your page builder using our easy-to-use elements t …

0 No CVEs

Developer Profile

Visual Slider Developer Profile

dastan800

3 plugins · 1K total installs

87

trust score

Avg Security Score

99/100

Avg Patch Time

48 days

View full developer profile

Detection Fingerprints

How We Detect Visual Slider

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/visual-slider/assets/css/fonts/fontawesome.css/wp-content/plugins/visual-slider/assets/css/fonts/flaticonarrow.css/wp-content/plugins/visual-slider/assets/css/fonts/flaticonmultimedia.css/wp-content/plugins/visual-slider/assets/css/fonts/flaticonbusiness.css/wp-content/plugins/visual-slider/assets/css/fonts/flaticonoffice.css/wp-content/plugins/visual-slider/assets/css/fonts/flaticoninterface.css/wp-content/plugins/visual-slider/assets/css/fonts/flaticonessentialset.css/wp-content/plugins/visual-slider/assets/css/fonts/flaticontechsupport.css+13 more

HTML / DOM Fingerprints

CSS Classes

visualslider_slidervs_slider_wrapper

Data Attributes

data-vsslider-options

JS Globals

visualslider_settings

Shortcode Output

[visual_slider[/visual_slider]

FAQ

Visual Slider Security & Risk Analysis