BD Buttons Security & Risk Analysis
wordpress.org/plugins/bd-buttonsBD Buttons was developed to empower the every day person to be able to buttonize any link with an attention grabbing design.
Is BD Buttons Safe to Use in 2026?
Generally Safe
Score 85/100BD Buttons has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The bd-buttons plugin exhibits a mixed security posture. On the positive side, it has a very small attack surface with no identified AJAX handlers, REST API routes, shortcodes, or cron events. This significantly limits potential entry points for attackers. Furthermore, the plugin has no recorded vulnerability history, which suggests it has been relatively secure in the past. The static analysis also shows no critical or high severity taint flows, and a good percentage of output is properly escaped.
However, significant concerns arise from the SQL query handling and the lack of essential security checks. All SQL queries are executed without prepared statements, posing a substantial risk of SQL injection vulnerabilities. Additionally, there are no nonce checks or capability checks implemented, meaning that any functionality exposed through potential future entry points would be unprotected. While the current attack surface is zero, the absence of these fundamental security measures is a serious weakness that could be exploited if new entry points are added or discovered. The file operations without clear context also warrant caution.
In conclusion, while the plugin currently presents a low risk due to its limited attack surface and clean vulnerability history, the lack of prepared statements for SQL queries and the complete absence of nonce and capability checks represent critical security oversights. These are fundamental security practices that should be addressed to prevent future vulnerabilities, especially if the plugin evolves to include more functionality or entry points.
Key Concerns
- All SQL queries are not using prepared statements
- No nonce checks implemented
- No capability checks implemented
- File operations present without clear context
BD Buttons Security Vulnerabilities
BD Buttons Code Analysis
SQL Query Safety
Output Escaping
Data Flow Analysis
BD Buttons Attack Surface
WordPress Hooks 8
Maintenance & Trust
BD Buttons Maintenance & Trust
Maintenance Signals
Community Trust
BD Buttons Alternatives
Broken Link Checker
broken-link-checker
Broken Link Checker helps you catch broken links & images fast, before they hurt your SEO or UX. Scan and bulk-fix issues from one easy dashboard.
Broken Link Checker by AIOSEO – Easily Fix/Monitor Internal and External links
broken-link-checker-seo
Broken Link Checker by AIOSEO ensures all links on your website are working. Check your site for broken links and easily fix them to improve SEO.
PrettyLinks – Affiliate Links, Link Branding, Link Tracking, Marketing and Stripe Payments Plugin
pretty-link
🌠 The best WordPress link management, branding, tracking, sharing and payments plugin. Easily make pretty & trackable shortlinks. 🔗
LuckyWP Table of Contents
luckywp-table-of-contents
Creates SEO-friendly table of contents for your posts/pages. Works automatically or manually (via shortcode, Gutenberg block or widget).
Nginx Helper
nginx-helper
Cleans nginx's fastcgi/proxy cache or redis-cache whenever a post is edited/published. Also does a few more things.
BD Buttons Developer Profile
3 plugins · 40 total installs
How We Detect BD Buttons
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/bd-buttons/includes/_CSS-bearlydoug.css/wp-content/plugins/bd-buttons/includes/_CSS-bdButtons.css/wp-content/plugins/bd-buttons/includes/_CSS-minicolors.css/wp-content/plugins/bd-buttons/includes/_JS-minicolors.js/wp-content/plugins/bd-buttons/includes/_JS-minicolors.jsHTML / DOM Fingerprints
bdp_