PLUGIN SECURITY
Is Simple Lightbox safe?
Known vulnerabilities, PHP compatibility and safer alternatives for the Simple Lightbox WordPress plugin — checked against WP Clinic's local security database.
Plugin details
- Slug:
simple-lightbox - Requires PHP: 5.6.20+
- Max supported PHP (analyzed): <8.0
Known vulnerabilities
- Simple Lightbox [simple-lightbox] < 2.9.4 [Simple Lightbox < 2.9.4 - Contributor+ Stored XSS, WordPress Simple Lightbox Plugin < 2.9.4 is vulnerable to Cross Site Scripting (XSS), EUVD-2025-15412, Simple Lightbox <= 2.9.3 - Authenticated (Contributor+) Stored Cross-Site Scripting]
Vulnerabilities are matched against the exact installed version when it's known. Always keep the plugin updated to the latest release.
Safer / more established alternatives
- Smart Slider 3 — 800000+ active installs — max PHP <8.0
- Slider, Gallery, and Carousel by MetaSlider – Image Slider, Video Slider — 500000+ active installs — max PHP 8.4
- Photo Gallery, Sliders, Proofing and Themes – NextGEN Gallery — 400000+ active installs — max PHP 8.4
- Firelight Lightbox — 200000+ active installs — max PHP 8.4
- Imsanity — 200000+ active installs — max PHP 8.4
Check your own WordPress site
Run a free passive scan now, or create a free account and install the WP Clinic plugin for a deep scan of your whole hosting account and AI-assisted repair.