Does Cykelpartner XML Products Viewer have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Cykelpartner XML Products Viewer compatible with WordPress 3.9.40?

According to WordPress.org data, Cykelpartner XML Products Viewer 1.0.8 has been tested up to WordPress 3.9.40. Check the plugin's changelog for the latest compatibility information.

How often is Cykelpartner XML Products Viewer updated?

Cykelpartner XML Products Viewer was last updated on Apr 23, 2014. Frequent updates are generally a positive security signal.

What is Cykelpartner XML Products Viewer's security score?

Cykelpartner XML Products Viewer has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Cykelpartner XML Products Viewer Security & Risk Analysis

wordpress.org/plugins/cykelpartner-xml-products-viewer

Get produkt from Cykelpartner.dk via affiliate network Partner Ads. A plugin for showing affiliate products.

10 active installs v1.0.8 PHP + WP 3.3+ Updated Apr 23, 2014

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Cykelpartner XML Products Viewer Safe to Use in 2026?

Generally Safe

Score 85/100

Cykelpartner XML Products Viewer has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 12yr ago

Risk Assessment

The "cykelpartner-xml-products-viewer" v1.0.8 plugin presents a mixed security picture. On the positive side, the static analysis reveals no identified dangerous functions, no SQL queries that are not prepared, no file operations, no external HTTP requests, and no bundled libraries. The attack surface is also reported as zero for AJAX handlers, REST API routes, shortcodes, and cron events, with zero unprotected entry points. This suggests a plugin that, at first glance, adheres to several secure coding practices and has a minimal exposed attack surface.

However, a significant concern arises from the output escaping analysis. With 3 total outputs and 0% properly escaped, this indicates a high likelihood of Cross-Site Scripting (XSS) vulnerabilities. Any data processed by the plugin and then displayed to users without proper sanitization or escaping is a prime target for malicious script injection. The absence of any taint analysis flows with unsanitized paths is somewhat reassuring, but this could be an artifact of the analysis tools or the limited scope of the plugin's functionality.

The plugin's vulnerability history is exceptionally clean, with zero known CVEs, unpatched vulnerabilities, or recorded common vulnerability types. This is a strong indicator of consistent security over time, or potentially a lack of past scrutiny. Despite the lack of historical vulnerabilities and a seemingly small attack surface, the critical deficiency in output escaping means the plugin should not be considered entirely secure. The primary risk lies in the potential for XSS attacks due to unescaped output.

Key Concerns

Output escaping: 0% properly escaped

Vulnerabilities

None known

Cykelpartner XML Products Viewer Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Cykelpartner XML Products Viewer Release Timeline

v0.8

v0.7

v0.6

v0.5

v0.4

v0.3

v0.2

Code Analysis

Analyzed Mar 16, 2026

Cykelpartner XML Products Viewer Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

0% escaped3 total outputs

Attack Surface

Cykelpartner XML Products Viewer Attack Surface

Entry Points0

Unprotected0

Maintenance & Trust

Cykelpartner XML Products Viewer Maintenance & Trust

Maintenance Signals

WordPress version tested3.9.40

Last updatedApr 23, 2014

PHP min version

Downloads4K

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

Cykelpartner XML Products Viewer Alternatives

No alternatives data available yet.

Developer Profile

Cykelpartner XML Products Viewer Developer Profile

cykelpartner

1 plugin · 10 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Cykelpartner XML Products Viewer

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/cykelpartner-xml-products-viewer/style.css

HTML / DOM Fingerprints

CSS Classes

wrap

HTML Comments

/*
 * @package Cykelpartner produktfremviser
 * @Author: Cykelpartner.dk - Dennis Drejer
 * @version 1.0.8
 */

/*
Plugin Name: Cykelpartner produktfremviser
Plugin URI: http://www.cykelpartner.dk/
Description: Get produkt from Cykelpartner.dk via affiliate network Partner Ads. A plugin for showing affiliate products. Go to the plugin options page to see usage.
Author: Cykelpartner.dk - Dennis Drejer
Version: 1.0.8
Author URI: http://www.cykelpartner.dk/

*/

<!--
Tradedoubler Affiliate ID

<!--
network

+1 more

Data Attributes

name="cp_td"name="cp_pa"name="cp_cache_timeout"name="action"value="update"name="page_options"+69 more

Shortcode Output

[CPxml[CPxml [CPxml

FAQ