Feeds for TikTok – Display Video Feeds in Grid Layouts Security & Risk Analysis

wordpress.org/plugins/b-tiktok-feed

Embed Tiktok feed in your website

1K active installs · v1.0.25 · PHP 7.1+ · WP 6.5+ · Updated Jan 18, 2026
Tags: block, feed, tiktok, tiktok-gallery, tiktok-plugin
Score: 98 (A · Safe)
CVEs total: 2
Unpatched: 0
Last CVE: Dec 2, 2025
Safety Verdict

Is Feeds for TikTok – Display Video Feeds in Grid Layouts Safe to Use in 2026?

Generally Safe

Score 98/100

Feeds for TikTok – Display Video Feeds in Grid Layouts has a strong security track record. Known vulnerabilities have been patched promptly.

2 known CVEs · Last CVE: Dec 2, 2025 · Updated 2mo ago
Risk Assessment

The b-tiktok-feed plugin v1.0.25 demonstrates a generally good security posture with several positive indicators. The code analysis reveals no critical or high-severity issues in taint flows, and the plugin uses prepared statements for all SQL queries. A high percentage of output is properly escaped, and crucial security mechanisms like nonce and capability checks are present. However, the presence of 5 external HTTP requests without clear sanitization or authentication context in the static analysis is a point of concern, as these could potentially be leveraged for various attacks if not handled securely.

The vulnerability history, while showing no currently unpatched CVEs, indicates a pattern of past medium-severity vulnerabilities, specifically related to missing authorization. The fact that there have been two such historical vulnerabilities suggests a potential recurring weakness in how authorization is handled, even though the current static analysis shows no unprotected entry points. This warrants careful consideration and ongoing vigilance.

In conclusion, while the plugin has implemented many security best practices, the past vulnerability trend and the presence of external HTTP requests require attention. The plugin is not inherently insecure, but the historical context and potential for unexamined external interactions suggest a moderate level of risk that could be mitigated with further scrutiny and potentially more robust input validation and authorization checks on external requests.

Key Concerns

  • Historical medium severity vulnerabilities exist
  • External HTTP requests present
Vulnerabilities 2

Feeds for TikTok – Display Video Feeds in Grid Layouts Security Vulnerabilities

CVEs by Year

2 CVEs in 2025

Severity Breakdown

Medium: 2

2 total CVEs

CVE-2025-66110 · medium · 5.3 · Missing Authorization
Tiktok Feed <= 1.0.23 - Missing Authorization
Dec 2, 2025 · Patched in 1.0.24 (36d)

CVE-2025-54710 · medium · 4.3 · Missing Authorization
Tiktok Feed <= 1.0.21 - Missing Authorization
Aug 26, 2025 · Patched in 1.0.22 (9d)
Code Analysis
Analyzed Mar 16, 2026

Feeds for TikTok – Display Video Feeds in Grid Layouts Code Analysis

  • Dangerous Functions: 0
  • Raw SQL Queries: 0 (0 prepared)
  • Unescaped Output: 1 (60 escaped)
  • Nonce Checks: 6
  • Capability Checks: 7
  • File Operations: 0
  • External Requests: 5
  • Bundled Libraries: 1

Bundled Libraries

Freemius

Output Escaping

98% escaped · 61 total outputs

Data Flows: All sanitized

Data Flow Analysis

5 flows
fs_init (freemius-lite\inc\Base\FSActivate.php:68)
Attack Surface

Feeds for TikTok – Display Video Feeds in Grid Layouts Attack Surface

Entry Points: 5
Unprotected: 0

AJAX Handlers 4

auth · wp_ajax_fs_init · freemius-lite\inc\Base\FSActivate.php:42
auth · wp_ajax_ttp_tiktok_videos · includes\api\TiktokAPI.php:35
nopriv · wp_ajax_ttp_tiktok_videos · includes\api\TiktokAPI.php:36
auth · wp_ajax_ttp_tiktok_clear · includes\api\TiktokAPI.php:38

Shortcodes 1

[ttp-tiktok-feed] includes\post-type\custom-post.php:10

WordPress Hooks 20

action · admin_head · freemius-lite\inc\Base\FSActivate.php:29
action · admin_enqueue_scripts · freemius-lite\inc\Base\FSActivate.php:30
action · admin_menu · freemius-lite\inc\Base\FSActivate.php:33
action · admin_footer · freemius-lite\inc\Base\FSActivate.php:38
action · admin_footer · freemius-lite\inc\Base\FSActivate.php:39
action · admin_notices · freemius-lite\inc\Base\FSActivate.php:44
action · init · freemius-lite\inc\Base\FS_Lite.php:29
action · admin_enqueue_scripts · includes\admin-menu.php:7
action · admin_menu · includes\admin-menu.php:8
action · admin_init · includes\api\TiktokAPI.php:32
action · init · includes\api\TiktokAPI.php:33
action · init · includes\post-type\custom-post.php:9
filter · manage_ttp-tiktok-feed_posts_columns · includes\post-type\custom-post.php:11
action · manage_ttp-tiktok-feed_posts_custom_column · includes\post-type\custom-post.php:12
action · use_block_editor_for_post · includes\post-type\custom-post.php:13
action · enqueue_block_assets · index.php:77
action · admin_enqueue_scripts · index.php:78
action · init · index.php:79
action · admin_footer · index.php:80
action · wp_footer · index.php:81
Maintenance & Trust

Feeds for TikTok – Display Video Feeds in Grid Layouts Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.9.4
Last updated: Jan 18, 2026
PHP min version: 7.1
Downloads: 42K

Community Trust

Rating: 74/100
Number of ratings: 3
Active installs: 1K
Developer Profile

Feeds for TikTok – Display Video Feeds in Grid Layouts Developer Profile

colorlibplugins

120 plugins · 738K total installs

Trust score: 78
Avg Security Score: 99/100
Avg Patch Time: 140 days
Detection Fingerprints

How We Detect Feeds for TikTok – Display Video Feeds in Grid Layouts

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/b-tiktok-feed/assets/css/fancyapps.min.css
/wp-content/plugins/b-tiktok-feed/assets/js/fancyapps.min.js
/wp-content/plugins/b-tiktok-feed/assets/css/admin.css
/wp-content/plugins/b-tiktok-feed/assets/js/admin.js

Version Parameters
b-tiktok-feed/assets/css/fancyapps.min.css?ver=
b-tiktok-feed/assets/js/fancyapps.min.js?ver=
b-tiktok-feed/assets/css/admin.css?ver=
b-tiktok-feed/assets/js/admin.js?ver=

HTML / DOM Fingerprints

CSS Classes
fs_notice_board

Data Attributes
data-nonce
data-slug
data
data-notice

JS Globals
ttpData
ttpPatters
fs_lite

REST Endpoints
/wp-json/data/v1/accept-data
/wp-json/wp/v2/posts
FAQ

Frequently Asked Questions about Feeds for TikTok – Display Video Feeds in Grid Layouts