Does Shortcodes have any unpatched vulnerabilities?

No. All known vulnerabilities in Shortcodes have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Shortcodes compatible with WordPress 4.8.28?

According to WordPress.org data, Shortcodes 1.0.4 has been tested up to WordPress 4.8.28. Check the plugin's changelog for the latest compatibility information.

How often is Shortcodes updated?

Shortcodes was last updated on Oct 5, 2017. Frequent updates are generally a positive security signal.

What is Shortcodes's security score?

Shortcodes has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Shortcodes Security & Risk Analysis

wordpress.org/plugins/bkc-wp-shortcodes

Shortcodes plugin will helps to get option, post meta and other core data using shortcode.

10 active installs v1.0.4 PHP + WP 3+ Updated Oct 5, 2017

meta-shortcodeoption-shortcodewordpress-shortcodeswp-shortcodes

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Shortcodes Safe to Use in 2026?

Generally Safe

Score 85/100

Shortcodes has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 8yr ago

Risk Assessment

The "bkc-wp-shortcodes" v1.0.4 plugin exhibits a strong security posture based on the provided static analysis. There are no detected dangerous functions, file operations, or external HTTP requests, and all SQL queries utilize prepared statements, which is excellent. Furthermore, all identified outputs are properly escaped, and the plugin has a clean vulnerability history with no known CVEs. This indicates diligent development practices and a commitment to security from the developers.

While the overall security is good, there are a few areas that present minor concerns. The absence of nonce checks and capability checks, coupled with the presence of four shortcodes as potential entry points with no explicit authentication checks mentioned, could theoretically introduce vulnerabilities if the shortcodes themselves handle user-supplied data in an insecure manner. However, the taint analysis shows no unsanitized paths, which mitigates this risk significantly for the current version. The lack of detected taint flows is a positive sign, but it's important to remember that taint analysis is not foolproof and can miss certain types of vulnerabilities.

In conclusion, "bkc-wp-shortcodes" v1.0.4 appears to be a secure plugin. Its strengths lie in its robust handling of database interactions and output escaping, alongside a spotless vulnerability record. The minor potential weaknesses are largely theoretical given the lack of positive findings in taint analysis. Developers should continue to be mindful of input validation and authorization, especially as new features are added or data handling becomes more complex.

Key Concerns

Shortcodes without explicit auth checks
Missing nonce checks
Missing capability checks

Vulnerabilities

None known

Shortcodes Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Shortcodes Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

1 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

100% escaped1 total outputs

Attack Surface

Shortcodes Attack Surface

Entry Points4

Unprotected0

Shortcodes 4

[wp_get_option] classes\class-bkc-wp-shortcodes.php:66

[wp_get_network_option] classes\class-bkc-wp-shortcodes.php:67

[wp_get_post_meta] classes\class-bkc-wp-shortcodes.php:68

[wp_get_metadata] classes\class-bkc-wp-shortcodes.php:69

WordPress Hooks 2

actionadmin_menuclasses\class-bkc-wp-shortcodes-admin.php:65

actionadmin_headclasses\class-bkc-wp-shortcodes-admin.php:66

Maintenance & Trust

Shortcodes Maintenance & Trust

Maintenance Signals

WordPress version tested4.8.28

Last updatedOct 5, 2017

PHP min version

Downloads2K

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

Shortcodes Alternatives

WP Foundation Shortcodes

wp-foundation-shortcodes

WP Foundation Shortcodes Plugin makes your ZURB Foundation website to the most powerful framework by styling your content with shortcodes

100 No CVEs

FOUNDATION LIVE SHORTCODES

foundation-live-shortcodes

Add to your content the elements of Zurb Foundation Framework. This plugin is compatible with all themes.

10 No CVEs

Effortless Shortcode Insertion

effortless-shortcode-insertion

100

Easily manage and insert custom shortcodes in WordPress to display dynamic content.

0 No CVEs

UT WordPress Shortcodes

ut-wordpress-shortcodes

Plugin to create useful shortcodes for easy site management.

0 No CVEs

Developer Profile

Shortcodes Developer Profile

Dinesh Chouhan

2 plugins · 20 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Shortcodes

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/bkc-wp-shortcodes/bkc-wp-shortcodes.php

Version Parameters

bkc-wp-shortcodes/bkc-wp-shortcodes.php?ver=bkc-wp-shortcodes/classes/class-bkc-wp-shortcodes-loader.php?ver=

HTML / DOM Fingerprints

Shortcode Output

[wp_get_option[wp_get_network_option[wp_get_post_meta[wp_get_metadata

FAQ