Does Bloglovin Button have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Bloglovin Button compatible with WordPress 6.9.4?

According to WordPress.org data, Bloglovin Button 1.3.9 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

How often is Bloglovin Button updated?

Bloglovin Button was last updated on Dec 3, 2025. Frequent updates are generally a positive security signal.

What is Bloglovin Button's security score?

Bloglovin Button has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Bloglovin Button Security & Risk Analysis

wordpress.org/plugins/bloglovin-button

Easily add the Bloglovin' Button to your WordPress blog ...without having to touch any code!

800 active installs v1.3.9 PHP + WP 4.0+ Updated Dec 3, 2025

bloglovinbloglovin-buttonbloglovin-widgetsubscribewidget

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Bloglovin Button Safe to Use in 2026?

Generally Safe

Score 100/100

Bloglovin Button has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 5mo ago

Risk Assessment

The "bloglovin-button" plugin v1.3.9 exhibits a generally positive security posture based on the provided static analysis. The absence of dangerous functions, raw SQL queries, file operations, and external HTTP requests is a strong indication of good coding practices. Furthermore, the lack of any recorded vulnerabilities in its history suggests a history of responsible development or a limited scope of functionality that hasn't attracted exploitation. However, a significant concern arises from the low percentage of properly escaped output (41%). This leaves the plugin vulnerable to Cross-Site Scripting (XSS) attacks, as user-supplied data displayed on the frontend may not be adequately sanitized, potentially allowing malicious scripts to execute within the user's browser.

Key Concerns

Low output escaping (41%)
0 nonce checks
0 capability checks

Vulnerabilities

None known

Bloglovin Button Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Bloglovin Button Release Timeline

No version history available.

Code Analysis

Analyzed Mar 16, 2026

Bloglovin Button Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

15 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

41% escaped37 total outputs

Attack Surface

Bloglovin Button Attack Surface

Entry Points1

Unprotected0

Shortcodes 1

[bloglovin_button] bloglovin-button.php:190

WordPress Hooks 1

actionwidgets_initbloglovin-button.php:154

Maintenance & Trust

Bloglovin Button Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedDec 3, 2025

PHP min version

Downloads55K

Community Trust

Rating0/100

Number of ratings0

Active installs800

Alternatives

Bloglovin Button Alternatives

Bloglovin Widget

bloglovin-widget

A Bloglovin' Widget for WordPress which automatically displays your total follower count.

10 No CVEs

JetWidgets For Elementor

jetwidgets-for-elementor

Addon for Elementor Page builder. It provides the set of widgets to create different kinds of content like pricing tables, posts lists, banners, etc.

10K 8 CVEs

WP Subscribe

wp-subscribe

WP Subscribe is a simple but powerful subscription plugin which supports MailChimp, Aweber and Feedburner.

8K 1 unpatched

Another Mailchimp Widget

another-mailchimp-widget

Simple Mailchimp subscription form to your lists and groups.

5K No CVEs

YouTube Subscribe widget

youtube-subscribe-widget

Add a widget to display YouTube subscribe box in the sidebar.

400 No CVEs

Developer Profile

Bloglovin Button Developer Profile

pipdig

10 plugins · 80K total installs

trust score

Avg Security Score

97/100

Avg Patch Time

353 days

View full developer profile

Detection Fingerprints

How We Detect Bloglovin Button

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/bloglovin-button/img/button_with_count.png/wp-content/plugins/bloglovin-button/img/button_no_count.png/wp-content/plugins/bloglovin-button/img/bloglovin-button-full.png

HTML / DOM Fingerprints

CSS Classes

blsdk-follow

Data Attributes

data-blsdk-counterdata-blsdk-type

Shortcode Output

[bloglovin_button]<a title="Follow on Bloglovin" class="blsdk-follow" href="

FAQ