Wp anything slider Security & Risk Analysis

wordpress.org/plugins/wp-anything-slider

The Wp anything slider plugin lets you create a sliding slideshow in your posts & pages. In the admin area there is a TinyMCE editor for adding the content.

200 active installs v9.2 PHP + WP 3.4+ Updated Oct 29, 2023
anythingslider
84
B · Generally Safe
CVEs total: 1
Unpatched: 0
Last CVE: Oct 30, 2023
Safety Verdict

Is Wp anything slider Safe to Use in 2026?

Mostly Safe

Score 84/100

Wp anything slider is generally safe to use, though it hasn't been updated recently. 1 past CVE was resolved. Keep it updated.

1 known CVE · Last CVE: Oct 30, 2023 · Updated 2yr ago
Risk Assessment

The "wp-anything-slider" v9.2 plugin exhibits a generally positive security posture with several good practices in place. Notably, the plugin demonstrates strong adherence to secure coding standards by utilizing prepared statements for a vast majority (94%) of its SQL queries, significantly mitigating the risk of SQL injection. The absence of file operations and external HTTP requests further reduces potential attack vectors. The static analysis also shows a limited attack surface with only one shortcode and no unprotected AJAX handlers or REST API routes. Nonce and capability checks are present but are not applied universally across all entry points, which could be a concern if sensitive actions are performed without adequate authorization.

However, there are areas that warrant attention. Output is properly escaped only 60% of the time, which, while not critical, could lead to cross-site scripting (XSS) vulnerabilities if user-supplied data is displayed without proper escaping. The plugin's vulnerability history reveals one high-severity CVE related to SQL injection, which was patched. The fact that a high-severity SQL injection vulnerability existed, even if patched, suggests a potential for similar issues to arise if security practices are not consistently maintained. While the current version has no unpatched CVEs and a limited number of dangerous functions, the past high-severity vulnerability should be considered a cautionary indicator.

In conclusion, "wp-anything-slider" v9.2 is a reasonably secure plugin with a strong foundation in preventing common web vulnerabilities, particularly SQL injection. The proactive use of prepared statements and the absence of critical taint flows are commendable. Nevertheless, the moderate output escaping and the historical presence of a high-severity vulnerability indicate that ongoing vigilance and comprehensive security testing are essential. Developers should ensure all output is properly escaped and continue to implement robust authorization checks for all entry points.

Key Concerns

  • Unpatched CVE: 0
  • High severity CVE in history
  • Output escaping: 60% proper
  • Capability checks: 0
Vulnerabilities
1

Wp anything slider Security Vulnerabilities

CVEs by Year

1 CVE in 2023

Severity Breakdown

High: 1

1 total CVE

CVE-2023-5466 · high · 8.8 · Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Wp anything slider <= 9.1 - Authenticated (Subscriber+) SQL Injection via Shortcode

Oct 30, 2023 · Patched in 9.2 (85d)
Code Analysis
Analyzed Mar 16, 2026

Wp anything slider Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 2 (34 prepared)
Unescaped Output: 18 (27 escaped)
Nonce Checks: 5
Capability Checks: 0
File Operations: 0
External Requests: 0
Bundled Libraries: 0

SQL Query Safety

94% prepared · 36 total queries

Output Escaping

60% escaped · 45 total outputs
Data Flows
All sanitized

Data Flow Analysis

2 flows
<content-show> (pages\content-show.php:0)
Attack Surface

Wp anything slider Attack Surface

Entry Points: 1
Unprotected: 0

Shortcodes 1

[wp-anything-slider] wp-anything-slider.php:216
WordPress Hooks 6
filter admin_head pages\content-add.php:77
filter admin_head pages\content-edit.php:98
action plugins_loaded wp-anything-slider.php:215
action admin_menu wp-anything-slider.php:217
action wp_enqueue_scripts wp-anything-slider.php:218
action admin_enqueue_scripts wp-anything-slider.php:221
Maintenance & Trust

Wp anything slider Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.4.8
Last updated: Oct 29, 2023
PHP min version
Downloads: 42K

Community Trust

Rating: 74/100
Number of ratings: 7
Active installs: 200
Developer Profile

Wp anything slider Developer Profile

gopi_plus

8 plugins · 1K total installs

Trust score: 69
Avg Security Score: 85/100
Avg Patch Time: 1046 days
Detection Fingerprints

How We Detect Wp anything slider

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/wp-anything-slider/wp-anything-slider.css
Script Paths
/wp-content/plugins/wp-anything-slider/js/jquery.cycle.all.latest.js
/wp-content/plugins/wp-anything-slider/pages/setting.js
Version Parameters
wp-anything-slider/wp-anything-slider.css?ver=
wp-anything-slider/js/jquery.cycle.all.latest.js?ver=
wp-anything-slider/pages/setting.js?ver=

HTML / DOM Fingerprints

CSS Classes
WP-ANYTHING-
JS Globals
WP_wpanything_PLUGIN_URL
Shortcode Output
<div id="WP-ANYTHING-
<div id="anything">
FAQ

Frequently Asked Questions about Wp anything slider