Does Button Group have any unpatched vulnerabilities?

No. All known vulnerabilities in Button Group have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Button Group compatible with WordPress 6.6.5?

According to WordPress.org data, Button Group 1.2.6 has been tested up to WordPress 6.6.5. Check the plugin's changelog for the latest compatibility information.

How often is Button Group updated?

Button Group was last updated on Jul 29, 2024. Frequent updates are generally a positive security signal.

What is Button Group's security score?

Button Group has a WP-Safety security score of 92/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Button Group Security & Risk Analysis

wordpress.org/plugins/button-group

Create Two Buttons To Be Stacked Together

100 active installs v1.2.6 PHP + WP 5.6+ Updated Jul 29, 2024

blockblocksbuttonbutton-groupgrouped-button

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Button Group Safe to Use in 2026?

Generally Safe

Score 92/100

Button Group has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1yr ago

Risk Assessment

The "button-group" plugin v1.2.6 exhibits an exceptionally strong security posture based on the provided static analysis and vulnerability history. The absence of any identified attack surface entry points, dangerous functions, raw SQL queries, unescaped output, file operations, or external HTTP requests is highly commendable. Furthermore, the code's adherence to security best practices is underscored by a perfect score in SQL prepared statements and output escaping, along with a recorded capability check.

The taint analysis also reveals no concerning flows, indicating a robust defense against common injection vulnerabilities. The plugin's vulnerability history is equally impressive, with zero recorded CVEs of any severity, suggesting a well-maintained and secure codebase over time. The only minor area for observation is the lack of any nonce checks, which, given the absence of other entry points, presents a minimal risk in this specific context. However, for future development or if the attack surface expands, implementing nonces on any potential AJAX handlers would further enhance security.

Overall, this plugin appears to be exceptionally secure, demonstrating a deep commitment to security best practices and a consistent track record of vulnerability-free operation. The strengths far outweigh any perceived weaknesses, making it a highly trustworthy addition to a WordPress site.

Key Concerns

Missing nonce checks

Vulnerabilities

None known

Button Group Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Button Group Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Attack Surface

Button Group Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 5

actioninitbutton-group.php:137

actionwp_enqueue_scriptsincludes\font-loader.php:33

actionadmin_enqueue_scriptsincludes\font-loader.php:34

actionadmin_enqueue_scriptsincludes\helpers.php:33

filterinitincludes\post-meta.php:12

Maintenance & Trust

Button Group Maintenance & Trust

Maintenance Signals

WordPress version tested6.6.5

Last updatedJul 29, 2024

PHP min version

Downloads7K

Community Trust

Rating100/100

Number of ratings1

Active installs100

Alternatives

Button Group Alternatives

Magic Content & CTA Box Builder – Advanced Gutenberg Blocks for Flexible Page Sections, Headers, Buttons, Shape Dividers, and Layout Options

magic-content-box-lite

100

Advanced Gutenberg Blocks for Flexible Page Sections, Call to Action, Headers, Buttons, Shape Dividers, and Layout Options

6K No CVEs

CP Blocks

cp-blocks

CP Blocks allows to insert complementary blocks of code, like buttons, design elements, new functionalities, etc. It supports inserting blocks into th …

1K 2 CVEs

Block Enhancements – Extended styling for the Block Editor

block-enhancements

100

Add icon, responsive spacing, typography, alignment, shadow, transform, transition, color, hover style to blocks. Lightweight, fast, and clean.

600 No CVEs

Buttons For Gutenberg

fd-buttons-gutenberg

100

Add advanced button styles and options to the WordPress Block Editor for marketing pages and call-to-action links.

10 No CVEs

Advanced Button for Block Editor

zolo-advanced-button

100

The Advanced Button block lets you design stylish, customizable WordPress buttons with layout controls, pre-made styles, and integrated icons.

0 No CVEs

Developer Profile

Button Group Developer Profile

WPDeveloper

46 plugins · 4.0M total installs

trust score

Avg Security Score

91/100

Avg Patch Time

163 days

View full developer profile

Detection Fingerprints

How We Detect Button Group

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/button-group/dist/style.css/wp-content/plugins/button-group/dist/index.js/wp-content/plugins/button-group/assets/js/eb-animation-load.js/wp-content/plugins/button-group/assets/css/animate.min.css/wp-content/plugins/button-group/lib/resources/css/font-awesome5.css/wp-content/plugins/button-group/lib/resources/css/fonticonpicker.base-theme.react.css/wp-content/plugins/button-group/lib/resources/css/fonticonpicker.material-theme.react.css

Script Paths

/wp-content/plugins/button-group/dist/index.js/wp-content/plugins/button-group/assets/js/eb-animation-load.js

Version Parameters

button-group/1.2.6button-group/style.css?ver=button-group/dist/index.js?ver=

HTML / DOM Fingerprints

CSS Classes

eb-button-group-wrapper

Data Attributes

data-block="essential-blocks/button-group"

JS Globals

BUTTONGROUP_BLOCK_VERSIONBUTTONGROUP_BLOCK_ADMIN_URLBUTTONGROUP_BLOCK_ADMIN_PATH

FAQ