Does All Related Posts have any unpatched vulnerabilities?

No. All known vulnerabilities in All Related Posts have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is All Related Posts compatible with WordPress 4.3.34?

According to WordPress.org data, All Related Posts 1.0.4 has been tested up to WordPress 4.3.34. Check the plugin's changelog for the latest compatibility information.

How often is All Related Posts updated?

All Related Posts was last updated on Aug 11, 2015. Frequent updates are generally a positive security signal.

What is All Related Posts's security score?

All Related Posts has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

All Related Posts Security & Risk Analysis

wordpress.org/plugins/all-related-posts

Displays some related / relevant posts based on search engine terms, current post and previously viewed posts.

50 active installs v1.0.4 PHP + WP 4.0+ Updated Aug 11, 2015

aolaskbinggoogleyahoo

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is All Related Posts Safe to Use in 2026?

Generally Safe

Score 85/100

All Related Posts has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 10yr ago

Risk Assessment

The 'all-related-posts' v1.0.4 plugin exhibits a mixed security posture. On the positive side, it demonstrates good practices by avoiding dangerous functions, file operations, and external HTTP requests. All identified SQL queries are properly prepared, and there is no recorded vulnerability history, suggesting a generally stable and secure codebase over time. However, several significant concerns arise from the static analysis. The plugin has a very low rate of output escaping (3%), indicating a high risk of Cross-Site Scripting (XSS) vulnerabilities. Furthermore, the taint analysis revealed two flows with unsanitized paths, which could potentially lead to security issues if these paths are exposed or manipulated. The complete absence of nonce and capability checks across all entry points is also a critical weakness, leaving any potential functionality exposed to unauthorized actions or data manipulation.

Key Concerns

Unescaped output rate is critically low (3%)
Taint analysis shows unsanitized paths
No nonce checks found
No capability checks found

Vulnerabilities

None known

All Related Posts Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

All Related Posts Code Analysis

Dangerous Functions

Raw SQL Queries

3 prepared

Unescaped Output

1 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

100% prepared3 total queries

Output Escaping

3% escaped36 total outputs

Data Flows

2 unsanitized

Data Flow Analysis

2 flows2 with unsanitized paths

form (all-related-posts.php:84)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

All Related Posts Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 3

actionwidgets_initall-related-posts.php:19

actionsend_headersall-related-posts.php:41

filterplugin_row_metaall-related-posts.php:445

Maintenance & Trust

All Related Posts Maintenance & Trust

Maintenance Signals

WordPress version tested4.3.34

Last updatedAug 11, 2015

PHP min version

Downloads19K

Community Trust

Rating0/100

Number of ratings0

Active installs50

Alternatives

All Related Posts Alternatives

ClaimIt Webmaster Tools

claimit

Simple plugin to claim your website on webmaster tools like in Google, Bing, Yandex, etc.

60 No CVEs

SW Video SiteMap

salesworks-media-sitemap

This plugin generates a video sitemap of posts in a given category. Use the settings to identify which categories, what custom fields contain your vi …

10 No CVEs