Does Dynamic Shortcode have any unpatched vulnerabilities?

No. All known vulnerabilities in Dynamic Shortcode have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Dynamic Shortcode compatible with WordPress 5.4.19?

According to WordPress.org data, Dynamic Shortcode 1.0 has been tested up to WordPress 5.4.19. Check the plugin's changelog for the latest compatibility information.

Is Dynamic Shortcode compatible with PHP 5.3+?

Dynamic Shortcode requires PHP 5.3 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Dynamic Shortcode updated?

Dynamic Shortcode was last updated on Apr 24, 2020. Frequent updates are generally a positive security signal.

What is Dynamic Shortcode's security score?

Dynamic Shortcode has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Dynamic Shortcode Security & Risk Analysis

wordpress.org/plugins/dynamic-shortcode

A small plugin which allows you to use shortcodes as the attribute of other shortcode, shortcode inside shortcode, dynamic shortcode.

40 active installs v1.0 PHP 5.3+ WP 4.5+ Updated Apr 24, 2020

dynamic-shortcodenestednested-shortcodeshortcode-inside-shortcodeshortcodes

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Dynamic Shortcode Safe to Use in 2026?

Generally Safe

Score 85/100

Dynamic Shortcode has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 5yr ago

Risk Assessment

The "dynamic-shortcode" v1.0 plugin exhibits a strong security posture based on the provided static analysis. The code demonstrates excellent practices by utilizing prepared statements for all SQL queries and ensuring proper output escaping. The absence of dangerous functions, file operations, external HTTP requests, and vulnerability history further strengthens its security profile. The limited attack surface, consisting of a single shortcode with no explicit auth checks, is a potential area of concern, though the lack of any taint flows suggests this is not currently exploited.

While the plugin appears secure in its current state, the lack of explicit capability checks or nonce validation on the shortcode's entry point could pose a risk if the shortcode's functionality were to become more complex or handle sensitive data in future versions. The complete absence of known vulnerabilities and recent security issues is a positive indicator, suggesting either a well-developed plugin or one that has not been a target. However, it's important to acknowledge that zero vulnerabilities recorded does not guarantee future immunity.

In conclusion, "dynamic-shortcode" v1.0 is a well-coded plugin with a clean security record. Its adherence to secure coding practices like prepared statements and proper escaping is commendable. The primary area for potential improvement lies in bolstering the security of the shortcode's entry point with appropriate authorization checks, even if its current functionality is benign. This proactive approach will mitigate risks as the plugin evolves.

Key Concerns

Shortcode entry point lacks capability checks
Shortcode entry point lacks nonce checks

Vulnerabilities

None known

Dynamic Shortcode Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Dynamic Shortcode Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Attack Surface

Dynamic Shortcode Attack Surface

Entry Points1

Unprotected0

Shortcodes 1

[dy_shortcode] dynamic-shortcode.php:23

WordPress Hooks 1

actioninitdynamic-shortcode.php:18

Maintenance & Trust

Dynamic Shortcode Maintenance & Trust

Maintenance Signals

WordPress version tested5.4.19

Last updatedApr 24, 2020

PHP min version5.3

Downloads2K

Community Trust

Rating0/100

Number of ratings0

Active installs40

Alternatives

Dynamic Shortcode Alternatives

ByTheWay Annotations for WordPress

bytheway

ByTheWay is a WordPress plugin providing shortcodes for collapsable annotations.

10 No CVEs

Nested Shortcodes by Outerbridge

nested-shortcodes

A small plugin which allows you to use nest shortcodes (i.e. a shortcode within an enclosing shortcode) by implementing a simple do_shortcode filter

1K No CVEs

Nested Pages

wp-nested-pages

Nested Pages provides a drag and drop interface for managing pages & posts in the WordPress admin, while maintaining quick edit functionality.

90K 10 CVEs

Easy Accordion – Responsive Accordion FAQ Builder and Product FAQ

easy-accordion-free

Easily create Accordions, FAQs, and Product FAQ for WooCommerce. Customizable drag & drop WordPress FAQ builder plugin.

80K 3 CVEs

Column Shortcodes

column-shortcodes

Adds shortcodes to easily create columns in your posts or pages.

60K No CVEs

Developer Profile

Dynamic Shortcode Developer Profile

Amir JM

2 plugins · 50 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Dynamic Shortcode

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

Shortcode Output

[dy_shortcode]

FAQ