Decode Reply Tool Security & Risk Analysis

wordpress.org/plugins/decode-reply-tool

This plugin allows your readership to reply to your posts via Twitter and App.net using a beautiful, simple reply tool.

10 active installs · v1.1.9 · PHP + WP 2.7+ · Updated Sep 4, 2014
Tags: decode, discussion, reply, social, twitter
85
A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is Decode Reply Tool Safe to Use in 2026?

Generally Safe

Score 85/100

Decode Reply Tool has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 11yr ago
Risk Assessment

The decode-reply-tool v1.1.9 plugin exhibits a strong security posture based on the provided static analysis. There is no identified attack surface, no dangerous functions, and all SQL queries utilize prepared statements. Furthermore, the plugin has no recorded vulnerability history, suggesting a history of secure development and maintenance.

However, a notable concern is the low percentage of properly escaped output (40%). This indicates a risk of Cross-Site Scripting (XSS) vulnerabilities, particularly if user-supplied data is output directly without adequate sanitization. While taint analysis did not reveal any immediate critical or high severity issues, the lack of comprehensive output escaping is a significant weakness that could be exploited. The plugin also performs no nonce or capability checks. Because it currently exposes no entry points, this is not an exploitable gap today, but it is a missed opportunity for robust security practices that would protect against future vulnerabilities should the attack surface expand.

In conclusion, the plugin's lack of known vulnerabilities and secure coding practices in areas like SQL handling are commendable. Nevertheless, the significant proportion of unescaped output presents a tangible risk that warrants attention and remediation to ensure the overall security of sites using this plugin.

Key Concerns

  • Low percentage of properly escaped output
  • No nonce checks on potential entry points
  • No capability checks on potential entry points
Vulnerabilities
None known

Decode Reply Tool Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

Decode Reply Tool Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (0 prepared)
Unescaped Output: 9 (6 escaped)
Nonce Checks: 0
Capability Checks: 0
File Operations: 0
External Requests: 0
Bundled Libraries: 0

Output Escaping

40% escaped · 15 total outputs
Attack Surface

Decode Reply Tool Attack Surface

Entry Points: 0
Unprotected: 0
WordPress Hooks: 7
action · admin_menu · reply-tool-loader.php:29
action · admin_init · reply-tool-loader.php:51
action · init · reply-tool-loader.php:108
filter · the_content · reply-tool-loader.php:136
filter · get_the_excerpt · reply-tool-loader.php:143
action · wp_head · reply-tool-loader.php:221
action · wp_enqueue_scripts · reply-tool-loader.php:227
Maintenance & Trust

Decode Reply Tool Maintenance & Trust

Maintenance Signals

WordPress version tested: 4.0.38
Last updated: Sep 4, 2014
PHP min version
Downloads: 4K

Community Trust

Rating: 100/100
Number of ratings: 1
Active installs: 10
Developer Profile

Decode Reply Tool Developer Profile

Scott Smith

1 plugin · 10 total installs

Trust score: 84
Avg Security Score: 85/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect Decode Reply Tool

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/decode-reply-tool/reply-tool-insert.php

HTML / DOM Fingerprints

CSS Classes
decode-reply-tool-pluginreplylinkreplytrigger
HTML Comments
<!-- Decode Reply Tool CSS -->
/* =Reply Tool Style ----------------------------------------------- */