Does Wp Text Slider Widget have any unpatched vulnerabilities?

Yes — Wp Text Slider Widget currently has 1 unpatched vulnerability. We recommend switching to an alternative or applying any available workarounds.

Is Wp Text Slider Widget compatible with WordPress 4.6.30?

According to WordPress.org data, Wp Text Slider Widget 1.0 has been tested up to WordPress 4.6.30. Check the plugin's changelog for the latest compatibility information.

How often is Wp Text Slider Widget updated?

Wp Text Slider Widget was last updated on Sep 21, 2016. Frequent updates are generally a positive security signal.

What is Wp Text Slider Widget's security score?

Wp Text Slider Widget has a WP-Safety security score of 63/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Wp Text Slider Widget Security & Risk Analysis

wordpress.org/plugins/wp-text-slider-widget

Easy to use text slider widget.

70 active installs v1.0 PHP + WP 4.1+ Updated Sep 21, 2016

simple-text-slidertext-slidertext-slider-widgettext-widget

C · Use Caution

CVEs total1

Unpatched1

Last CVEDec 25, 2025

Plugin page Download

Safety Verdict

Is Wp Text Slider Widget Safe to Use in 2026?

Use With Caution

Score 63/100

Wp Text Slider Widget has 1 unpatched vulnerability. Evaluate alternatives or apply available mitigations.

1 known CVE 1 unpatched Last CVE: Dec 25, 2025Updated 9yr ago

Risk Assessment

The wp-text-slider-widget plugin version 1.0 exhibits a mixed security posture. While it boasts no dangerous function usage, raw SQL queries, or file operations, significant concerns arise from its attack surface and output escaping. The presence of an unprotected AJAX handler represents a direct entry point for attackers, increasing the risk of various exploits. Furthermore, only one-third of output is properly escaped, leaving the plugin susceptible to Cross-Site Scripting (XSS) vulnerabilities, a pattern confirmed by its vulnerability history.

The plugin's vulnerability history, specifically a medium severity XSS vulnerability last patched in December 2025, is a critical red flag. This suggests a recurring issue with input sanitization and output escaping, which the static analysis confirms. While the absence of taint analysis results is noted, the presence of an unprotected AJAX handler and poor output escaping strongly implies potential for unsanitized data to reach users. The plugin demonstrates a weakness in fundamental security practices, particularly concerning user input handling and output sanitization, despite some positive coding practices in other areas.

Key Concerns

Unprotected AJAX handler found
Low output escaping rate (33%)
Unpatched CVE (medium severity XSS)
Missing nonce checks on AJAX

Vulnerabilities

Wp Text Slider Widget Security Vulnerabilities

CVEs by Year

1 CVE in 2025 · unpatched

2025

Patched Has unpatched

Severity Breakdown

Medium

1 total CVE

CVE-2025-68868medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Text Slider Widget <= 1.0 - Authenticated (Subscriber+) Stored Cross-Site Scripting

Dec 25, 2025Unpatched

Code Analysis

Analyzed Mar 16, 2026

Wp Text Slider Widget Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

1 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

33% escaped3 total outputs

Attack Surface

1 unprotected

Wp Text Slider Widget Attack Surface

Entry Points1

Unprotected1

AJAX Handlers 1

authwp_ajax_ca_save_slider_textadmin\wp-text-slider-admin-page.php:6

WordPress Hooks 4

actionadmin_menuadmin\wp-text-slider-admin-page.php:5

actionwp_enqueue_scriptswp-text-slider.php:18

actionwp_enqueue_scriptswp-text-slider.php:19

actionwidgets_initwp-text-slider.php:49

Maintenance & Trust

Wp Text Slider Widget Maintenance & Trust

Maintenance Signals

WordPress version tested4.6.30

Last updatedSep 21, 2016

PHP min version

Downloads4K

Community Trust

Rating70/100

Number of ratings2

Active installs70

Alternatives

Wp Text Slider Widget Alternatives

Marquee Running Text

marquee-running-text

100

Display eye-catching running text in your site's header effortlessly with the Marquee Running Text plugin.

5K No CVEs

Classic Text Widget

classic-text-widget

The classic pre-WordPress version 4.8 text widget

2K No CVEs

Slider Block by Sliderberg – Slider & Carousel Plugin for Gutenberg

sliderberg

100

Slider & Carousel Block For the Block Editor (Gutenberg). Create Beautiful Sliders and Carousels With Ease.

800 No CVEs

Gabfire Widget Pack

gabfire-widget-pack

The Gabfire Widget Pack contains over a dozen useful widgets to extend your WordPress site. It is a free plugin that will work with ANY theme.

700 No CVEs

Slider Text Scroll

slider-text-scroll

Easy to add Slider Text Scroll via shortcode [sts] for every WordPress theme. Slider Text Scroll plugin will help you to enable Slider Text Scroll is …

300 No CVEs

Developer Profile

Wp Text Slider Widget Developer Profile

codeaffairs

1 plugin · 70 total installs

trust score

Avg Security Score

63/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Wp Text Slider Widget

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/wp-text-slider-widget/js/wp-text-slider-widget.js/wp-content/plugins/wp-text-slider-widget/css/style.css

Script Paths

/wp-content/plugins/wp-text-slider-widget/js/wp-text-slider-widget.js

Version Parameters

wp-text-slider-widget/css/style.css?ver=wp-text-slider-widget/js/wp-text-slider-widget.js?ver=

HTML / DOM Fingerprints

Shortcode Output

<div id="ca-wp-text"><div>

FAQ