Does Conversions Extensions have any unpatched vulnerabilities?

No. All known vulnerabilities in Conversions Extensions have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Conversions Extensions compatible with WordPress 6.8.5?

According to WordPress.org data, Conversions Extensions 2.2.4 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

Is Conversions Extensions compatible with PHP 5.6+?

Conversions Extensions requires PHP 5.6 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Conversions Extensions updated?

Conversions Extensions was last updated on Jun 13, 2025. Frequent updates are generally a positive security signal.

What is Conversions Extensions's security score?

Conversions Extensions has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Conversions Extensions Security & Risk Analysis

wordpress.org/plugins/conversions-extensions

Adds homepage sections, one click demo imports, social icons, and other features to Conversions theme for WordPress.

90 active installs v2.2.4 PHP 5.6+ WP 4.7+ Updated Jun 13, 2025

extensionshomepageshortcodessocial-iconstheme-demos

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Conversions Extensions Safe to Use in 2026?

Generally Safe

Score 100/100

Conversions Extensions has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 9mo ago

Risk Assessment

The 'conversions-extensions' v2.2.4 plugin presents a generally good security posture based on the static analysis. The absence of dangerous functions, raw SQL queries, external HTTP requests, and the utilization of prepared statements for all SQL queries are strong indicators of secure coding practices. The high percentage of properly escaped output further mitigates risks related to cross-site scripting (XSS). The plugin also has no recorded vulnerability history, which is a positive sign of its stability and the developer's attention to security.

However, several areas warrant attention. The presence of 12 shortcodes represents a significant attack surface, and while the static analysis indicates no unprotected entry points, the absence of explicit nonce checks and capability checks on these shortcodes, alongside the single file operation, introduces potential avenues for exploitation if not handled with extreme care within the shortcode logic itself. The lack of taint analysis data is also a weakness, as it prevents a deeper understanding of how data flows through the plugin and whether sensitive information could be mishandled.

In conclusion, while the plugin benefits from robust SQL handling and output escaping, and has a clean vulnerability history, the large number of shortcodes without explicit security checks (like nonces or capability checks) is a notable concern. The absence of taint analysis data means there's a blind spot in assessing potential data manipulation vulnerabilities. The plugin is likely secure against many common web vulnerabilities, but further manual review of shortcode implementations would be prudent to confirm the security of these entry points.

Key Concerns

No nonce checks detected
No capability checks detected
No taint analysis data available
File operations present

Vulnerabilities

None known

Conversions Extensions Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Conversions Extensions Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

312 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

89% escaped352 total outputs

Attack Surface

Conversions Extensions Attack Surface

Entry Points12

Unprotected0

Shortcodes 12

[conversions_clients] shortcodes\Shortcodes.php:28

[conversions_counter] shortcodes\Shortcodes.php:29

[conversions_faq] shortcodes\Shortcodes.php:30

[conversions_gallery] shortcodes\Shortcodes.php:31

[conversions_google_map] shortcodes\Shortcodes.php:32

[conversions_icon_features] shortcodes\Shortcodes.php:33

[conversions_img_features] shortcodes\Shortcodes.php:34

[conversions_single_feature] shortcodes\Shortcodes.php:35

[conversions_pricing] shortcodes\Shortcodes.php:36

[conversions_social] shortcodes\Shortcodes.php:37

[conversions_team] shortcodes\Shortcodes.php:38

[conversions_testimonials] shortcodes\Shortcodes.php:39

WordPress Hooks 24

actionconversions_customize_registerconversions-extensions.php:42

actionwp_headconversions-extensions.php:43

actioninitconversions-extensions.php:44

actionwp_enqueue_scriptsconversions-extensions.php:45

actioncustomize_controls_enqueue_scriptsconversions-extensions.php:46

filterwp_kses_allowed_htmlconversions-extensions.php:47

filterconversions_repeater_labels_filterconversions-extensions.php:650

actionget_headerhomepage\Homepage.php:122

filtercustomize_registerhomepage\Homepage.php:123

actionhomepagehomepage\Homepage.php:142

filterconversions_nav_open_wrappernavbar\Navbar_Variants.php:28

filterconversions_nav_close_wrappernavbar\Navbar_Variants.php:29

filterconversions_nav_branding_outputnavbar\Navbar_Variants.php:30

filterconversions_navbar_menunavbar\Navbar_Variants.php:31

actionplugins_loadedocdi\OCDI.php:22

filterpt-ocdi/plugin_page_setupocdi\OCDI.php:23

filterpt-ocdi/disable_pt_brandingocdi\OCDI.php:24

filterpt-ocdi/plugin_intro_textocdi\OCDI.php:25

filterpt-ocdi/import_filesocdi\OCDI.php:26

actionpt-ocdi/before_content_importocdi\OCDI.php:27

actionpt-ocdi/before_widgets_importocdi\OCDI.php:28

actionpt-ocdi/after_importocdi\OCDI.php:29

filtergettextocdi\OCDI.php:30

actionconversions_footer_infosocial\Social.php:28

Maintenance & Trust

Conversions Extensions Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedJun 13, 2025

PHP min version5.6

Downloads10K

Community Trust

Rating0/100

Number of ratings0

Active installs90

Alternatives

Conversions Extensions Alternatives

Social Icons Widget & Block – Social Media Icons & Share Buttons

social-icons-widget-by-wpzoom

Social media icons plugin for WordPress - Add 400+ social icons and share buttons. Gutenberg block, widget & Elementor support. GDPR compliant.

100K 3 CVEs

Simple Author Box

simple-author-box

Add a responsive author box or guest author box with social icons to any post. Great author box for any site!

80K 2 CVEs

Starter Templates & Sites Pack by ThemeGrill

themegrill-demo-importer

Premium starter sites and website templates by ThemeGrill. Import demo content, widgets, and theme settings with one click.

80K 1 CVE

Redirect 404 to Homepage

404-to-homepage

100

Redirect 404 missing pages to the homepage using SEO 301 redirection. Super lightweight!

70K No CVEs

Column Shortcodes

column-shortcodes

Adds shortcodes to easily create columns in your posts or pages.

60K No CVEs

Developer Profile

Conversions Extensions Developer Profile

uniquelylost

4 plugins · 2K total installs

trust score

Avg Security Score

93/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Conversions Extensions

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/conversions-extensions/assets/css/conversions-extensions.css/wp-content/plugins/conversions-extensions/assets/js/conversions-extensions.js/wp-content/plugins/conversions-extensions/homepage/assets/css/homepage.css/wp-content/plugins/conversions-extensions/homepage/assets/js/homepage.js/wp-content/plugins/conversions-extensions/social/assets/css/social.css/wp-content/plugins/conversions-extensions/social/assets/js/social.js/wp-content/plugins/conversions-extensions/navbar/assets/css/navbar-variants.css/wp-content/plugins/conversions-extensions/navbar/assets/js/navbar-variants.js

Script Paths

/wp-content/plugins/conversions-extensions/homepage/customizer/homepage.js/wp-content/plugins/conversions-extensions/social/customizer/social-customizer.js/wp-content/plugins/conversions-extensions/navbar/customizer/navbar-variants-customizer.js

Version Parameters

conversions-extensions/assets/css/conversions-extensions.css?ver=conversions-extensions/assets/js/conversions-extensions.js?ver=conversions-extensions/homepage/assets/css/homepage.css?ver=conversions-extensions/homepage/assets/js/homepage.js?ver=conversions-extensions/social/assets/css/social.css?ver=conversions-extensions/social/assets/js/social.js?ver=conversions-extensions/navbar/assets/css/navbar-variants.css?ver=conversions-extensions/navbar/assets/js/navbar-variants.js?ver=

HTML / DOM Fingerprints

CSS Classes

conversions-social-iconconversions-social-barconversions-navbar-variant-wrapconversions-homepage-sectionconversions-hero-sectionconversions-clients-sectionconversions-counter-sectionconversions-faq-section+13 more

HTML Comments

+13 more

Data Attributes

data-conversions-social-icon-sizedata-conversions-social-colordata-conversions-navbar-heightdata-conversions-social-open-in-new-tabdata-conversions-social-icon-colordata-conversions-social-icon-hover-color

JS Globals

conversions_extensions_paramsconversions_homepage_paramsconversions_social_paramsconversions_navbar_variants_params

Shortcode Output

[conversions_hero[conversions_clients[conversions_counter[conversions_faq

FAQ