Does Vertical Image Slider have any unpatched vulnerabilities?

No. All known vulnerabilities in Vertical Image Slider have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Vertical Image Slider compatible with WordPress 6.9.4?

According to WordPress.org data, Vertical Image Slider 1.2.19 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

How often is Vertical Image Slider updated?

Vertical Image Slider was last updated on Dec 4, 2025. Frequent updates are generally a positive security signal.

What is Vertical Image Slider's security score?

Vertical Image Slider has a WP-Safety security score of 98/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Vertical Image Slider Security & Risk Analysis

wordpress.org/plugins/wp-vertical-image-slider

This is a beautiful responsive vertical image slider for wp blogs and sites. Admin can manage any number of images into the responsive vertical slider …

1K active installs v1.2.19 PHP + WP 3.5+ Updated Dec 4, 2025

wp-vertical-image-sliderwp-vertical-sliderwp-vertical-thumbnail-scrollerwp-vertical-vertical-image-sliders

A · Safe

CVEs total4

Unpatched0

Last CVEMay 9, 2023

Plugin page Download

Safety Verdict

Is Vertical Image Slider Safe to Use in 2026?

Generally Safe

Score 98/100

Vertical Image Slider has a strong security track record. Known vulnerabilities have been patched promptly.

4 known CVEsLast CVE: May 9, 2023Updated 4mo ago

Risk Assessment

The wp-vertical-image-slider plugin, version 1.2.19, presents a mixed security posture. While it demonstrates good practices by implementing nonce checks, capability checks, and largely using prepared statements for SQL queries, several areas raise concerns. The static analysis reveals a low percentage of properly escaped output, with only 18% meeting this standard. This significant gap, coupled with two identified flows with unsanitized paths, indicates a heightened risk of Cross-Site Scripting (XSS) vulnerabilities, especially given the plugin's history of XSS-related CVEs. Furthermore, the presence of file operations and an external HTTP request without further context on their sanitization or purpose warrants attention. The plugin's vulnerability history, with 4 known CVEs, including one high severity and three medium, primarily related to XSS and CSRF, suggests a pattern of insecure input handling and lack of robust output sanitization in the past. Although there are currently no unpatched CVEs, this history, combined with the static analysis findings, points to a plugin that, while having some security strengths, requires careful scrutiny regarding its handling of user-provided data and output rendering to prevent potential exploitation.

Key Concerns

Low output escaping percentage (18%)
Unsanitized paths identified in taint analysis
Vulnerability history of XSS and CSRF
Multiple file operations without context
External HTTP request without context

Vulnerabilities

Vertical Image Slider Security Vulnerabilities

CVEs by Year

2 CVEs in 2015

2015

2 CVEs in 2023

2023

Patched Has unpatched

Severity Breakdown

High

Medium

4 total CVEs

CVE-2023-24413medium · 6.1Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

wordpress vertical image slider plugin <= 1.2.16 - Reflected Cross-Site Scripting

May 9, 2023 Patched in 1.2.17 (259d)

CVE-2023-2289medium · 6.1Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

wordpress vertical image slider plugin <= 1.2.16 - Reflected Cross-Site Scripting

Apr 25, 2023 Patched in 1.2.17 (273d)

WF-966b43ea-dbd3-4f1e-b803-08027fff6f8f-wp-vertical-image-slidermedium · 6.1Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

wordpress vertical image slider plugin < 1.2 - Cross-Site Scripting

Sep 19, 2015 Patched in 1.2 (3048d)

WF-b7fe772a-542e-4c3e-b1cb-05cce3b2ec3f-wp-vertical-image-sliderhigh · 8.8Cross-Site Request Forgery (CSRF)

wordpress vertical image slider plugin < 1.2 - Cross-Site Request Forgery

Aug 2, 2015 Patched in 1.2 (3096d)

Code Analysis

Analyzed Mar 16, 2026

Vertical Image Slider Code Analysis

Dangerous Functions

Raw SQL Queries

12 prepared

Unescaped Output

216

49 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

92% prepared13 total queries

Output Escaping

18% escaped265 total outputs

Data Flows

2 unsanitized

Data Flow Analysis

3 flows2 with unsanitized paths

wrthslider_slider_mass_upload_verticalslider (wp-vertical-images-thumbnail-slider.php:2766)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Vertical Image Slider Attack Surface

Entry Points2

Unprotected0

AJAX Handlers 1

authwp_ajax_mass_upload_verticalsliderwp-vertical-images-thumbnail-slider.php:24

Shortcodes 1

[print_vertical_thumbnail_slider] wp-vertical-images-thumbnail-slider.php:18

WordPress Hooks 10

actionadmin_menuwp-vertical-images-thumbnail-slider.php:13

actionwp_enqueue_scriptswp-vertical-images-thumbnail-slider.php:17

filterwidget_textwp-vertical-images-thumbnail-slider.php:19

actionadmin_noticeswp-vertical-images-thumbnail-slider.php:20

filteruser_has_capwp-vertical-images-thumbnail-slider.php:21

actionplugins_loadedwp-vertical-images-thumbnail-slider.php:23

filtermap_meta_capwp-vertical-images-thumbnail-slider.php:29

filterwidget_text_contentwp-vertical-images-thumbnail-slider.php:2859

filterthe_contentwp-vertical-images-thumbnail-slider.php:2860

filterrender_blockwp-vertical-images-thumbnail-slider.php:2873

Maintenance & Trust

Vertical Image Slider Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedDec 4, 2025

PHP min version

Downloads70K

Community Trust

Rating98/100

Number of ratings7

Active installs1K

Alternatives

Vertical Image Slider Alternatives

No alternatives data available yet.

Developer Profile

Vertical Image Slider Developer Profile

Nks

19 plugins · 23K total installs

trust score

Avg Security Score

97/100

Avg Patch Time

350 days

View full developer profile

Detection Fingerprints

How We Detect Vertical Image Slider

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/wp-vertical-image-slider/js/main.js/wp-content/plugins/wp-vertical-image-slider/css/slider.css

Script Paths

/wp-content/plugins/wp-vertical-image-slider/js/main.js

Version Parameters

wp-vertical-image-slider/js/main.js?ver=wp-vertical-image-slider/css/slider.css?ver=

HTML / DOM Fingerprints

CSS Classes

vts-slider-containervts-thumbnail-wrappervts-thumbnail-active

Data Attributes

data-slider-iddata-thumbnail-widthdata-thumbnail-heightdata-image-widthdata-image-heightdata-vertical-navigation

JS Globals

vts_slider_options

Shortcode Output

[print_vertical_thumbnail_slider

FAQ