Does Current Post Shortcode have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Current Post Shortcode compatible with WordPress 6.9.4?

According to WordPress.org data, Current Post Shortcode 3.1.0 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is Current Post Shortcode compatible with PHP 7.4+?

Current Post Shortcode requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Current Post Shortcode updated?

Current Post Shortcode was last updated on Jan 13, 2026. Frequent updates are generally a positive security signal.

What is Current Post Shortcode's security score?

Current Post Shortcode has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Current Post Shortcode Security & Risk Analysis

wordpress.org/plugins/current-post-shortcode

The Current Post Shortcode plugin allows you to display the current post's title and metadata using simple shortcodes.

30 active installs v3.1.0 PHP 7.4+ WP 6.7+ Updated Jan 13, 2026

current-postcustom-fieldpost-metapost-titleshortcode

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Current Post Shortcode Safe to Use in 2026?

Generally Safe

Score 100/100

Current Post Shortcode has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 4mo ago

Risk Assessment

The 'current-post-shortcode' v3.1.0 plugin exhibits a strong security posture based on the provided static analysis. The absence of dangerous functions, reliance on prepared statements for all SQL queries, and proper output escaping are excellent security practices. Furthermore, the plugin has no recorded vulnerabilities, which suggests a history of secure development and maintenance. The attack surface is minimal, consisting solely of a single shortcode, and critically, there are no unprotected entry points. Taint analysis also reveals no critical or high severity flows, reinforcing the impression of a secure plugin.

While the plugin demonstrates good security hygiene, the lack of nonce checks and capability checks on its shortcode, even with a small attack surface and no immediate vulnerabilities, represents a potential, albeit low, risk. If the shortcode's functionality were to be extended or manipulated in the future, the absence of these checks could become a vector for privilege escalation or unwanted actions. However, given the current analysis and vulnerability history, the overall risk is very low. The plugin is well-coded and appears to be actively maintained with security in mind.

Key Concerns

Missing nonce checks on shortcode
Missing capability checks on shortcode

Vulnerabilities

None known

Current Post Shortcode Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Current Post Shortcode Release Timeline

v3.1.0Current

v3.0.0

v2.0.0

v1.2.2

v1.2.0

v1.0.2

v1.0.0

Code Analysis

Analyzed Apr 16, 2026

Current Post Shortcode Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

2 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

100% escaped2 total outputs

Attack Surface

Current Post Shortcode Attack Surface

Entry Points1

Unprotected0

Shortcodes 1

[current_post] includes/frontend/shortcode.php:18

WordPress Hooks 2

actionplugins_loadedcurrent-post-shortcode.php:58

filterplugin_row_metaincludes/admin/plugin-link.php:17

Maintenance & Trust

Current Post Shortcode Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedJan 13, 2026

PHP min version7.4

Downloads604

Community Trust

Rating0/100

Number of ratings0

Active installs30

Alternatives

Current Post Shortcode Alternatives

Custom Shortcodes

custom-shortcodes

Manage custom fields using the insert shortcodes or HTML comment in text of post.

6K No CVEs

Get Custom Field Values

get-custom-field-values

Use widgets, shortcodes, and/or template tags to easily retrieve and display custom field values for posts or pages.

1K 4 CVEs

Ultimate Fields

ultimate-fields

Easy and powerful custom fields management: Post Meta, Options Pages, Repeaters and many field types!

900 No CVEs

WP-Admin Search Post Meta

wp-admin-search-meta

100

Search WordPress admin posts by custom fields (post meta) directly from the default search.

300 No CVEs

Advanced Custom Field: Shortcode Field

advanced-custom-fields-shortcode-field

When you enter a shortcode, it will be executed and outputted, by using the_field('FIELD_NAME_HERE') in your theme.

200 No CVEs

Developer Profile

Current Post Shortcode Developer Profile

Md Forid Uddin

1 plugin · 30 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Current Post Shortcode

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

HTML Comments

Shortcode Output

[current_post][current_post meta=""][current_post id=""][current_post default=""]

FAQ