Read More Button – Expand Content Without Refresh Security & Risk Analysis
wordpress.org/plugins/click-to-read-more-buttonEasily add a customizable Read More button to expand long posts. Reveal hidden content automatically and smoothly without a page refresh.
Is Read More Button – Expand Content Without Refresh Safe to Use in 2026?
Generally Safe
Score 100/100Read More Button – Expand Content Without Refresh has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The "click-to-read-more-button" v1.0.4 plugin exhibits a generally good security posture based on the static analysis. The absence of dangerous functions, raw SQL queries, file operations, and external HTTP requests is commendable. The plugin also demonstrates good practices by implementing nonce checks for its entry points and a high percentage of properly escaped output. The vulnerability history being completely clean further reinforces this positive assessment, suggesting a well-maintained and secure codebase. There are no taint analysis findings, indicating no evident vulnerabilities related to unsanitized data flows.
However, a notable concern is the complete lack of capability checks for its AJAX handlers. While nonce checks are present, they primarily protect against CSRF attacks. Without capability checks, any authenticated user, regardless of their role or permissions, could potentially trigger these AJAX actions. This represents a significant potential risk if the functionality of these AJAX handlers could be abused by users who should not have access to it. The total number of AJAX handlers, although small, means this weakness affects all available entry points into the plugin's server-side logic.
Key Concerns
- AJAX handlers lack capability checks
Read More Button – Expand Content Without Refresh Security Vulnerabilities
Read More Button – Expand Content Without Refresh Release Timeline
Read More Button – Expand Content Without Refresh Code Analysis
Output Escaping
Read More Button – Expand Content Without Refresh Attack Surface
AJAX Handlers 2
WordPress Hooks 10
Maintenance & Trust
Read More Button – Expand Content Without Refresh Maintenance & Trust
Maintenance Signals
Community Trust
Read More Button – Expand Content Without Refresh Alternatives
FR Read More
fr-read-more
Create expandable content sections on WordPress. Let visitors reveal hidden content with a click.
Webspero Read More Toggle
webspero-read-more-toggle
Adds a simple "Read More / Read Less" toggle to long content using lightweight JavaScript. Ideal for blogs, FAQs, or excerpts.
Read More & Accordion
expand-maker
Easily hide or reveal long content with Read More buttons, accordions, and popups. Streamline your WordPress site's layout while enhancing user e …
Read More WP
read-more-wp
Create excerpts and hide text with an elegant toggle button to show more.
Simply Excerpts
simply-excerpts
A simple plugin for exceprts that allows you to change the word count and to replace the elipsis (...) with text. Not compatible with all themes.
Read More Button – Expand Content Without Refresh Developer Profile
11 plugins · 3K total installs
How We Detect Read More Button – Expand Content Without Refresh
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/click-to-read-more-button/assets/css/frontend.css/wp-content/plugins/click-to-read-more-button/assets/js/frontend.js/wp-content/plugins/click-to-read-more-button/assets/js/frontend.jsclick-to-read-more-button/assets/css/frontend.css?ver=click-to-read-more-button/assets/js/frontend.js?ver=HTML / DOM Fingerprints
click-to-read-more-button-containerclick-to-read-more-button-wrapperclick-to-read-more-button-btnPlugin initialization code hereInitialize deactivation feedbackRead More Button Settingsenable/disable+8 moredata-ctrmb-enableddata-ctrmb-line-countdata-ctrmb-button-textdata-ctrmb-button-colordata-ctrmb-button-hover-colordata-ctrmb-text-color+1 moreclick_to_read_more_button_params