Does After Content have any unpatched vulnerabilities?

No. All known vulnerabilities in After Content have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is After Content compatible with WordPress 3.7.41?

According to WordPress.org data, After Content 1.5 has been tested up to WordPress 3.7.41. Check the plugin's changelog for the latest compatibility information.

How often is After Content updated?

After Content was last updated on Mar 7, 2014. Frequent updates are generally a positive security signal.

What is After Content's security score?

After Content has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

After Content Security & Risk Analysis

wordpress.org/plugins/after-content

Adds post pagination, related content, author info, social sharing buttons, post meta, text, image and banner after posts content.

10 active installs v1.5 PHP + WP 3.0+ Updated Mar 7, 2014

author-biographyauthor-infopost-metapost-paginationrelated-content

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is After Content Safe to Use in 2026?

Generally Safe

Score 85/100

After Content has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 12yr ago

Risk Assessment

The "after-content" plugin v1.5 exhibits a generally strong security posture with no known historical vulnerabilities. The static analysis reveals a limited attack surface, with only one AJAX handler identified and no REST API routes, shortcodes, or cron events that appear to be publicly accessible or unprotected. The plugin demonstrates good practices by utilizing nonces and capability checks on its entry points, and a majority of its SQL queries use prepared statements.

However, there are several areas of concern. The taint analysis indicates "flows with unsanitized paths," which, while not classified as critical or high severity in this instance, points to a potential for path traversal vulnerabilities if not properly handled. Furthermore, the plugin has a significantly low rate of proper output escaping (only 12%), which is a major red flag. This means that user-supplied data displayed on the frontend could be vulnerable to Cross-Site Scripting (XSS) attacks.

While the vulnerability history is clean, the code analysis reveals weaknesses that, if exploited, could lead to security issues. The low rate of output escaping, in particular, represents a substantial risk that needs immediate attention. In conclusion, the plugin has strengths in its limited attack surface and use of basic security checks, but the significant lack of output escaping and the presence of unsanitized paths are considerable weaknesses that lower its overall security score.

Key Concerns

Low output escaping rate
Unsanitized paths in taint flows

Vulnerabilities

None known

After Content Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

After Content Code Analysis

Dangerous Functions

Raw SQL Queries

2 prepared

Unescaped Output

328

44 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

67% prepared3 total queries

Output Escaping

12% escaped372 total outputs

Data Flows

4 unsanitized

Data Flow Analysis

6 flows4 with unsanitized paths

_admin_notices (ReduxFramework\ReduxCore\framework.php:468)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

After Content Attack Surface

Entry Points1

Unprotected0

AJAX Handlers 1

authwp_ajax_redux_allow_trackingReduxFramework\ReduxCore\inc\tracking.php:267

WordPress Hooks 27

filterthe_contentafter-content.php:59

actionwp_enqueue_scriptsafter-content.php:95

actionwp_enqueue_scriptsafter-content.php:102

actionwp_enqueue_scriptsafter-content.php:109

actionwp_enqueue_scriptsafter-content.php:116

actionwp_enqueue_scriptsafter-content.php:125

actionwp_enqueue_scriptsafter-content.php:131

actionwp_enqueue_scriptsafter-content.php:138

actionplugins_loadedinc\plugin-options.php:20

filteruser_contactmethodsinc\social-profiles.php:25

actionadmin_enqueue_scriptsReduxFramework\ReduxCore\extensions\customizer\extension_customizer.php:85

actioncustomize_registerReduxFramework\ReduxCore\extensions\customizer\extension_customizer.php:87

actionload_textdomainReduxFramework\ReduxCore\extensions\customizer\extension_customizer.php:93

actionadmin_menuReduxFramework\ReduxCore\framework.php:420

actionadmin_bar_menuReduxFramework\ReduxCore\framework.php:423

actionadmin_initReduxFramework\ReduxCore\framework.php:426

actionadmin_noticesReduxFramework\ReduxCore\framework.php:429

actionadmin_initReduxFramework\ReduxCore\framework.php:432

actionadmin_enqueue_scriptsReduxFramework\ReduxCore\framework.php:436

actionwp_headReduxFramework\ReduxCore\framework.php:440

actionadmin_headReduxFramework\ReduxCore\framework.php:1780

filteradmin_footer_textReduxFramework\ReduxCore\framework.php:1783

filterredux/font-iconsReduxFramework\ReduxCore\inc\fields\select\elusive-icons.php:309

actionadmin_enqueue_scriptsReduxFramework\ReduxCore\inc\tracking.php:34

actionredux_trackingReduxFramework\ReduxCore\inc\tracking.php:42

actionadmin_print_footer_scriptsReduxFramework\ReduxCore\inc\tracking.php:53

filterredux/tracking/optionsReduxFramework\ReduxCore\inc\tracking.php:247

Scheduled Events 1

redux_tracking

Maintenance & Trust

After Content Maintenance & Trust

Maintenance Signals

WordPress version tested3.7.41

Last updatedMar 7, 2014

PHP min version

Downloads3K

Community Trust

Rating20/100

Number of ratings1

Active installs10

Alternatives

After Content Alternatives

Pure Metafields

pure-metafields

100

Pure Metafields is very light weight plugin tused to create custom metabox for any post type like page, post and your custom post type support it.

10K No CVEs

Advanced Query Loop

advanced-query-loop

100

Transform your Query Loop blocks into powerful, flexible content engines! 🚀

5K No CVEs

Post Meta Inspector

post-meta-inspector

Peer inside your post meta

3K No CVEs

Post Meta Data Manager

post-meta-data-manager

View, edit, search, and manage post meta, user meta, and taxonomy meta directly from WordPress edit screens—no database access needed.

1K 1 unpatched

Developer Profile

After Content Developer Profile

laura20

1 plugin · 10 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect After Content

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/after-content/after-content.css

Script Paths

/wp-content/plugins/after-content/js/facebook.js/wp-content/plugins/after-content/js/twitter.js/wp-content/plugins/after-content/js/google-plus.js

Version Parameters

after-content.css?ver=1.5

HTML / DOM Fingerprints

FAQ