Does CodePen oEmbed have any unpatched vulnerabilities?

No. All known vulnerabilities in CodePen oEmbed have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is CodePen oEmbed compatible with WordPress 4.1.42?

According to WordPress.org data, CodePen oEmbed 1.0 has been tested up to WordPress 4.1.42. Check the plugin's changelog for the latest compatibility information.

How often is CodePen oEmbed updated?

CodePen oEmbed was last updated on Dec 17, 2014. Frequent updates are generally a positive security signal.

What is CodePen oEmbed's security score?

CodePen oEmbed has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

CodePen oEmbed Security & Risk Analysis

wordpress.org/plugins/codepen-oembed

Add CodePen to the available oEmbed providers

40 active installs v1.0 PHP + WP 3.7+ Updated Dec 17, 2014

codepencodepen-iooembed

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is CodePen oEmbed Safe to Use in 2026?

Generally Safe

Score 85/100

CodePen oEmbed has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 11yr ago

Risk Assessment

The "codepen-oembed" v1.0 plugin exhibits a strong security posture based on the provided static analysis. The absence of any dangerous functions, SQL queries without prepared statements, unsanitized output, file operations, or external HTTP requests is highly commendable. Furthermore, the plugin appears to have no known vulnerabilities in its history, indicating a consistent focus on security by its developers. The zero attack surface through common entry points like AJAX, REST API, shortcodes, and cron events, especially with no unprotected entry points, is a significant strength.

Vulnerabilities

None known

CodePen oEmbed Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

CodePen oEmbed Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Attack Surface

CodePen oEmbed Attack Surface

Entry Points0

Unprotected0

Maintenance & Trust

CodePen oEmbed Maintenance & Trust

Maintenance Signals

WordPress version tested4.1.42

Last updatedDec 17, 2014

PHP min version

Downloads7K

Community Trust

Rating100/100

Number of ratings1

Active installs40

Alternatives

CodePen oEmbed Alternatives

Embed PDF Viewer

embed-pdf-viewer

Embed a PDF from the Media Library or elsewhere via oEmbed or as a block into an iframe tag.

20K 2 CVEs

Disable Embeds

disable-embeds

100

Don’t like the enhanced embeds in WordPress 4.4? Easily disable the feature using this plugin.

10K No CVEs

Embed Privacy

embed-privacy

100

Embed Privacy prevents the loading of embedded external content and allows your site visitors to opt-in.

10K 1 CVE

oEmbed Plus

oembed-plus

Adds support for embedding Facebook and Instagram posts in Block Editor (Gutenberg) and Classic Editor.

4K No CVEs

Embedly

embedly

100

The Embedly Plugin extends WordPress's auto-embed feature to give your blog more media types and style options.

2K No CVEs

Developer Profile

CodePen oEmbed Developer Profile

Pippin Williamson

19 plugins · 920 total installs

trust score

Avg Security Score

87/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect CodePen oEmbed

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

FAQ