Does BP Fan Page have any unpatched vulnerabilities?

No. All known vulnerabilities in BP Fan Page have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is BP Fan Page compatible with WordPress 6.6.5?

According to WordPress.org data, BP Fan Page 1.2.0 has been tested up to WordPress 6.6.5. Check the plugin's changelog for the latest compatibility information.

How often is BP Fan Page updated?

BP Fan Page was last updated on Jul 21, 2024. Frequent updates are generally a positive security signal.

What is BP Fan Page's security score?

BP Fan Page has a WP-Safety security score of 92/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

BP Fan Page Security & Risk Analysis

wordpress.org/plugins/bp-fan-page

This plugin allows you to change any BuddyPress group into a fan page group, where only admins and moderators can post.

10 active installs v1.2.0 PHP + WP 5.6+ Updated Jul 21, 2024

buddypressfan-pagefan-page-groupgroupgroups

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is BP Fan Page Safe to Use in 2026?

Generally Safe

Score 92/100

BP Fan Page has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1yr ago

Risk Assessment

The "bp-fan-page" v1.2.0 plugin exhibits a strong security posture based on the provided static analysis. The absence of AJAX handlers, REST API routes, shortcodes, and cron events significantly limits the potential attack surface. Furthermore, the code signals indicate responsible development practices with 100% of SQL queries using prepared statements and a high percentage of output escaping. The presence of capability checks, though only one, is also a positive sign.

While the static analysis shows no identified vulnerabilities, the lack of taint analysis data (0 flows analyzed) means that potential vulnerabilities in data handling might not have been detected. The complete absence of known CVEs in its vulnerability history is a significant strength, suggesting a history of secure development or a lack of targeting. However, the absence of any recorded vulnerabilities could also mean it hasn't been extensively tested or reviewed for security flaws.

Overall, this plugin appears to be well-developed from a security perspective, with a minimal attack surface and good use of security features. The primary area for potential concern, albeit not explicitly identified in the data, is the limited depth of the taint analysis performed. Nevertheless, based on the available information, the plugin is assessed as having a low risk profile.

Key Concerns

Lack of taint analysis data
Only one capability check found
80% output escaping (20% unescaped)

Vulnerabilities

None known

BP Fan Page Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

BP Fan Page Release Timeline

v1.2.0Current

v1.1.6

v1.1.5

v1.1.4

v1.1.3

v1.1.2

v1.1.1

v1.1.0

v1.0.2

v1.0.1

v1.0.0

Code Analysis

Analyzed Mar 16, 2026

BP Fan Page Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

4 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

80% escaped5 total outputs

Attack Surface

BP Fan Page Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 11

actioninitbp-fan-page.php:38

filterbp_group_is_memberbp-fan-page.php:58

filterbp_get_group_statusbp-fan-page.php:76

filterbp_get_group_typebp-fan-page.php:91

actionbp_after_group_settings_adminbp-fan-page.php:107

actionbp_after_group_settings_creation_stepbp-fan-page.php:108

actiongroups_group_after_savebp-fan-page.php:151

actionbp_before_group_headerbp-fan-page.php:179

filterbbp_current_user_can_access_create_topic_formbp-fan-page.php:190

actionbp_groups_directory_group_filterbp-fan-page.php:259

filterbp_after_has_groups_parse_argsbp-fan-page.php:296

Maintenance & Trust

BP Fan Page Maintenance & Trust

Maintenance Signals

WordPress version tested6.6.5

Last updatedJul 21, 2024

PHP min version

Downloads4K

Community Trust

Rating100/100

Number of ratings2

Active installs10

Alternatives

BP Fan Page Alternatives

Registration Options for BuddyPress

bp-registration-options

Moderate new BuddyPress members and fight BuddyPress spam.

1K No CVEs

BuddyPress Group Email Subscription

buddypress-group-email-subscription

This powerful plugin allows users to receive email notifications of group activity. Weekly or daily digests are available.

1K No CVEs

Wbcom Designs – Shortcodes & Elementor Widgets For BuddyPress

shortcodes-for-buddypress

100

This plugin generates shortcodes for Listing Activity Streams, Members, and Groups on any website post or page.

700 No CVEs

BuddyPress Default Data

bp-default-data

Plugin will create lots of users, messages, friends connections, groups, topics, activity items, profile data - useful for testing purpose.

400 No CVEs

BuddyPress Groups Extras

buddypress-groups-extras

Introduce custom fields and custom pages to your BuddyPress-powered groups.

400 1 CVE

Developer Profile

BP Fan Page Developer Profile

Venutius

21 plugins · 650 total installs

trust score

Avg Security Score

91/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect BP Fan Page

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/bp-fan-page/bp-fan-page.php

HTML / DOM Fingerprints

CSS Classes

bpfp-fan-page-group

HTML Comments

<!-- Note: This is a fan page group where you have access to add content. Regular members can view but not add content. -->

Data Attributes

name="bpfp-fan-page-group"value="normal"value="fan-page"

FAQ