Does All Districts News have any unpatched vulnerabilities?

No. All known vulnerabilities in All Districts News have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is All Districts News compatible with WordPress 4.7.32?

According to WordPress.org data, All Districts News 2.0 has been tested up to WordPress 4.7.32. Check the plugin's changelog for the latest compatibility information.

How often is All Districts News updated?

All Districts News was last updated on Aug 14, 2015. Frequent updates are generally a positive security signal.

What is All Districts News's security score?

All Districts News has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

All Districts News Security & Risk Analysis

wordpress.org/plugins/all-districts-news

All Districts News wordpress plugin.

20 active installs v2.0 PHP + WP 3.0.1+ Updated Aug 14, 2015

bangladeshcategory-widgetdistrictsnews

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is All Districts News Safe to Use in 2026?

Generally Safe

Score 85/100

All Districts News has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 10yr ago

Risk Assessment

The "all-districts-news" v2.0 plugin exhibits a mixed security posture. On the positive side, it demonstrates strong adherence to secure coding practices by exclusively utilizing prepared statements for SQL queries and reporting no dangerous functions, file operations, or external HTTP requests. Furthermore, the plugin has no recorded vulnerability history, suggesting a generally stable and secure past.

However, significant concerns arise from the static analysis. The complete lack of output escaping for all identified output points presents a serious risk of Cross-Site Scripting (XSS) vulnerabilities. Additionally, the absence of nonce and capability checks on its single shortcode entry point, despite no direct AJAX or REST API endpoints being reported, still leaves a potential avenue for unauthorized actions if the shortcode's functionality is sensitive. The lack of taint analysis flow data is also a negative indicator, as it prevents a thorough assessment of how user-supplied data might be mishandled.

In conclusion, while the plugin has a clean vulnerability history and avoids common SQL injection pitfalls, the critical oversight in output escaping and the potential for an unprotected shortcode entry point significantly elevate its risk profile. These issues require immediate attention to prevent potential security breaches.

Key Concerns

All outputs are unescaped
Shortcode lacks nonce/capability checks
No taint analysis data provided

Vulnerabilities

None known

All Districts News Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

All Districts News Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

0% escaped7 total outputs

Attack Surface

All Districts News Attack Surface

Entry Points1

Unprotected0

Shortcodes 1

[alldistrictsnews] index.php:229

WordPress Hooks 2

actionwidgets_initindex.php:25

actionadmin_menuindex.php:167

Maintenance & Trust

All Districts News Maintenance & Trust

Maintenance Signals

WordPress version tested4.7.32

Last updatedAug 14, 2015

PHP min version

Downloads4K

Community Trust

Rating100/100

Number of ratings1

Active installs20

Alternatives

All Districts News Alternatives

Deshi News Aggregator

deshi-news-aggregator

Display news from prominent Bangladeshi newspaper (Prothom-Alo) in your wordpress site's widget

0 No CVEs

XML Sitemap Generator for Google

google-sitemap-generator

Generate multiple types of sitemaps to improve SEO and get your website indexed quickly.

1.0M 3 CVEs

Hostinger Reach – AI-Powered Email Marketing for WordPress

hostinger-reach

100

Launch and grow your email marketing effortlessly with Hostinger Reach. Collect contacts, sync subscribers, and send emails – all in one, AI powered.

1.0M No CVEs

MC4WP: Mailchimp for WordPress

mailchimp-for-wp

The #1 Mailchimp plugin for WordPress. Allows you to add a multitude of newsletter sign-up methods to your site.

1.0M 11 CVEs

MailPoet – Newsletters, Email Marketing, and Automation

mailpoet

Send beautiful newsletters from WordPress. Collect subscribers with signup forms, automate your emails for WooCommerce, blog post notifications & more

500K 3 CVEs

Developer Profile

All Districts News Developer Profile

Emran Hossen

3 plugins · 100 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect All Districts News

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/all-districts-news/menu-pages/images/icon.png

HTML / DOM Fingerprints

CSS Classes

domain-breadcrumb-menu

Data Attributes

id='states'id='cities'

JS Globals

var Dhaka=var Chittagong=var Khulna=var Rajshahi=var Barisal=var Sylhet=+3 more

Shortcode Output

<div class="domain-breadcrumb-menu"><select id='states' onchange='stateChanged(this.value);'><select id='cities' onchange='cityChanged(this.value);'>সকল জেলার সংবাদ

FAQ