BuddyPress Group Twitter Security & Risk Analysis

wordpress.org/plugins/buddypress-group-twitter

Attach Twitter accounts to a BuddyPress group then aggregate and track tweets within that group.

10 active installs · v1.2 · PHP + · WP + · Updated Feb 24, 2010
Tags: aggregation, buddypress, feeds, groups, twitter
Score: 85 (A · Safe)
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is BuddyPress Group Twitter Safe to Use in 2026?

Generally Safe

Score 85/100

BuddyPress Group Twitter has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 16yr ago
Risk Assessment

The "buddypress-group-twitter" plugin version 1.2 exhibits a mixed security posture. On the positive side, it demonstrates good practices regarding SQL queries, exclusively using prepared statements, and has no recorded vulnerability history, suggesting a relatively stable codebase. However, significant concerns arise from the static analysis. The presence of a single AJAX handler without authentication checks presents a direct attack vector, especially given the absence of capability checks in general. Furthermore, a concerning 100% of observed output is not properly escaped, opening the door to Cross-Site Scripting (XSS) vulnerabilities. While taint analysis showed no issues, this could be due to the limited scope of analysis or the absence of complex data flows that would trigger it. The overall risk is moderate due to the high potential for XSS and the direct unprotected entry point, despite the absence of known CVEs and robust SQL handling.

Key Concerns

  • AJAX handler without authentication check
  • Output escaping is not properly implemented
  • No capability checks on entry points
Vulnerabilities
None known

BuddyPress Group Twitter Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

BuddyPress Group Twitter Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (2 prepared)
Unescaped Output: 3 (0 escaped)
Nonce Checks: 2
Capability Checks: 0
File Operations: 0
External Requests: 0
Bundled Libraries: 0

SQL Query Safety

100% prepared · 2 total queries

Output Escaping

0% escaped · 3 total outputs
Attack Surface
1 unprotected

BuddyPress Group Twitter Attack Surface

Entry Points: 1
Unprotected: 1

AJAX Handlers: 1

auth · wp_ajax_refetch_group_twitter · bp-group-twitter.php:266

WordPress Hooks: 6

action · bp_group_activity_filter_options · bp-group-twitter.php:233
action · bp_activity_filter_options · bp-group-twitter.php:234
action · wp_footer · bp-group-twitter.php:242
action · groups_screen_group_home · bp-group-twitter.php:260
action · bp_group_twitter_cron · bp-group-twitter.php:277
action · bp_init · loader.php:19

Scheduled Events: 1

bp_group_twitter_cron
Maintenance & Trust

BuddyPress Group Twitter Maintenance & Trust

Maintenance Signals

WordPress version tested
Last updated: Feb 24, 2010
PHP min version
Downloads: 6K

Community Trust

Rating: 0/100
Number of ratings: 0
Active installs: 10
Developer Profile

BuddyPress Group Twitter Developer Profile

Andy Peatling

3 plugins · 1K total installs

Trust score: 84
Avg Security Score: 85/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect BuddyPress Group Twitter

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

Data Attributes
groups_get_groupmeta, groups_update_groupmeta, bp_activity_delete, fetch_rss, bp_group_twitter_fetch, bp_group_twitter_twitterize