Does w2pe Beaver Slider have any unpatched vulnerabilities?

No. All known vulnerabilities in w2pe Beaver Slider have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is w2pe Beaver Slider compatible with WordPress 3.7.41?

According to WordPress.org data, w2pe Beaver Slider 1.0.1 has been tested up to WordPress 3.7.41. Check the plugin's changelog for the latest compatibility information.

How often is w2pe Beaver Slider updated?

w2pe Beaver Slider was last updated on Mar 8, 2014. Frequent updates are generally a positive security signal.

What is w2pe Beaver Slider's security score?

w2pe Beaver Slider has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

w2pe Beaver Slider Security & Risk Analysis

wordpress.org/plugins/w2pe-beaverslider

w2pe-beaverslider is one of simple image slider made for wordpress blog or site.

10 active installs v1.0.1 PHP + WP 3.7+ Updated Mar 8, 2014

beaversliderimage-slidersliderw2pe-beaverslider

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is w2pe Beaver Slider Safe to Use in 2026?

Generally Safe

Score 85/100

w2pe Beaver Slider has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 12yr ago

Risk Assessment

The "w2pe-beaverslider" plugin, in version 1.0.1, exhibits several security concerns that warrant attention. While there is no recorded vulnerability history, which is a positive indicator, the static analysis reveals significant weaknesses. The plugin has a small attack surface with only two entry points, but one of these, an AJAX handler, lacks any authentication checks, making it a prime target for unauthorized actions.

The code analysis also highlights a lack of proper output escaping for all identified output points. This is a critical flaw that could lead to cross-site scripting (XSS) vulnerabilities if user-supplied data is displayed without sanitization. Furthermore, the plugin uses SQL queries, with a substantial portion not utilizing prepared statements, increasing the risk of SQL injection. The taint analysis identified a high-severity flow with unsanitized paths, indicating a potential for more serious vulnerabilities than initially apparent.

Overall, despite the absence of known CVEs, the identified coding practices, particularly the unprotected AJAX handler and pervasive lack of output escaping, present a moderate to high security risk. The potential for XSS and SQL injection, combined with the unprotected entry point, significantly outweighs the positive of no prior vulnerabilities. Users should exercise caution and consider these risks before implementing this plugin.

Key Concerns

AJAX handler without auth checks
All outputs unescaped
SQL queries not using prepared statements
High severity taint flow
No nonce checks
No capability checks

Vulnerabilities

None known

w2pe Beaver Slider Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

w2pe Beaver Slider Code Analysis

Dangerous Functions

Raw SQL Queries

2 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

25% prepared8 total queries

Output Escaping

0% escaped39 total outputs

Data Flows

2 unsanitized

Data Flow Analysis

2 flows2 with unsanitized paths

<bslider_setting> (bslider_setting.php:0)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

1 unprotected

w2pe Beaver Slider Attack Surface

Entry Points2

Unprotected1

AJAX Handlers 1

authwp_ajax_bslider_effectindex.php:125

Shortcodes 1

[w2pe_bSlider] index.php:121

WordPress Hooks 3

actionadmin_footerbslider_effect.php:72

actionadmin_noticesindex.php:74

actionadmin_menuindex.php:78

Maintenance & Trust

w2pe Beaver Slider Maintenance & Trust

Maintenance Signals

WordPress version tested3.7.41

Last updatedMar 8, 2014

PHP min version

Downloads2K

Community Trust

Rating100/100

Number of ratings7

Active installs10

Alternatives

w2pe Beaver Slider Alternatives

Smart Slider 3

smart-slider-3

Responsive slider plugin to create sliders in visual editor easily. Build beautiful image slider, layer slider, video slider, post slider, and more.

800K 8 CVEs

Slider, Gallery, and Carousel by MetaSlider – Image Slider, Video Slider

ml-slider

Slider, gallery, carousel plugin for WordPress. Build your image slider, video slider, post slider, YouTube slider, or WooCommerce product slider.

500K 12 CVEs

Prime Slider – Addons for Elementor

bdthemes-prime-slider-lite

Create responsive sliders using Elementor for hero sections, posts, logos, images, products, testimonials, and more.

100K 15 CVEs

Master Slider – Responsive Touch Slider

master-slider

Build SEO friendly sliders fast and easy with touch swipe navigation that works smoothly across all devices.

60K 3 unpatched

Ultimate Responsive Image Slider

ultimate-responsive-image-slider

100

Create stunning responsive sliders in minutes. Drag-and-drop builder, unlimited sliders, mobile-friendly & SEO optimized!

30K 1 CVE

Developer Profile

w2pe Beaver Slider Developer Profile

wppluginexpert

2 plugins · 20 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect w2pe Beaver Slider

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/w2pe-beaverslider/css/bslider_css.css/wp-content/plugins/w2pe-beaverslider/css/admin_css.css

Script Paths

http://beaverslider.com/code/current/beaverslider.jshttp://beaverslider.com/code/current/beaverslider-effects.js

HTML / DOM Fingerprints

Shortcode Output

[w2pe_bSlider]

FAQ