Does Feeds for Twitter – Embed Social Media Posts with Live Updates have any unpatched vulnerabilities?

No. All known vulnerabilities in Feeds for Twitter – Embed Social Media Posts with Live Updates have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Feeds for Twitter – Embed Social Media Posts with Live Updates compatible with WordPress 6.9.4?

According to WordPress.org data, Feeds for Twitter – Embed Social Media Posts with Live Updates 1.2.11 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is Feeds for Twitter – Embed Social Media Posts with Live Updates compatible with PHP 7.1+?

Feeds for Twitter – Embed Social Media Posts with Live Updates requires PHP 7.1 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

Feeds for Twitter – Embed Social Media Posts with Live Updates Security & Risk Analysis

wordpress.org/plugins/easy-twitter-feeds

Embed Twitter Timeline/Feed, Post, Video, Hashtag, Follow Button, Tweet Button easily. This plugin is lightweight but super powerful.

2K active installs v1.2.11 PHP 7.1+ WP 6.5+ Updated Feb 26, 2026

embed-twitterfollow-buttontwitter-feedxx-post

A · Safe

CVEs total2

Unpatched0

Last CVENov 21, 2024

Plugin page Download

Safety Verdict

Is Feeds for Twitter – Embed Social Media Posts with Live Updates Safe to Use in 2026?

Generally Safe

Score 99/100

Feeds for Twitter – Embed Social Media Posts with Live Updates has a strong security track record. Known vulnerabilities have been patched promptly.

2 known CVEsLast CVE: Nov 21, 2024Updated 1mo ago

Risk Assessment

The overall security posture of easy-twitter-feeds v1.2.11 appears to be generally good, with a strong emphasis on secure coding practices. The static analysis indicates a low attack surface and a remarkable absence of critical or high-severity issues within the analyzed code flows. Notably, all SQL queries utilize prepared statements, and output escaping is almost universally applied. The plugin also implements nonce and capability checks on its entry points, further contributing to its security. However, the plugin's history reveals two past medium-severity vulnerabilities, including Authorization Bypass and Cross-Site Scripting, which should not be overlooked. While these are reported as patched, their nature suggests potential areas for vigilance. The presence of the Freemius SDK, while common, can sometimes introduce its own dependencies and potential vulnerabilities if not managed carefully. In conclusion, while the current version shows significant improvements and good security practices, the historical vulnerabilities warrant a cautious approach, especially concerning user input validation and authorization checks in any future development.

Key Concerns

Two historical medium-severity CVEs
Bundled Freemius SDK

Vulnerabilities

Feeds for Twitter – Embed Social Media Posts with Live Updates Security Vulnerabilities

CVEs by Year

1 CVE in 2021

2021

1 CVE in 2024

2024

Patched Has unpatched

Severity Breakdown

Medium

2 total CVEs

CVE-2024-10666medium · 4.3Authorization Bypass Through User-Controlled Key

Easy Twitter Feed – Twitter feeds plugin for WP <= 1.2.6 - Authenticated (Contributor+) Post Exposure

Nov 21, 2024 Patched in 1.2.7 (246d)

CVE-2021-24413medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Easy Twitter Feed < 1.2 - Cross-Site Scripting

Sep 20, 2021 Patched in 1.2 (855d)

Code Analysis

Analyzed Mar 16, 2026

Feeds for Twitter – Embed Social Media Posts with Live Updates Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

62 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Freemius

Output Escaping

97% escaped64 total outputs

Data Flows

All sanitized

Data Flow Analysis

2 flows

fs_init (freemius-lite\inc\Base\FSActivate.php:68)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Feeds for Twitter – Embed Social Media Posts with Live Updates Attack Surface

Entry Points4

Unprotected0

AJAX Handlers 1

authwp_ajax_fs_initfreemius-lite\inc\Base\FSActivate.php:42

Shortcodes 3

[etf] inc\CustomPost.php:8

[timeline] inc\ShortCode.php:6

[follow_button] inc\ShortCode.php:7

WordPress Hooks 20

actioniniteasy-twitter-feeds.php:83

actionenqueue_block_editor_assetseasy-twitter-feeds.php:84

actionadmin_enqueue_scriptseasy-twitter-feeds.php:85

actionadmin_headfreemius-lite\inc\Base\FSActivate.php:29

actionadmin_enqueue_scriptsfreemius-lite\inc\Base\FSActivate.php:30

actionadmin_menufreemius-lite\inc\Base\FSActivate.php:33

actionadmin_footerfreemius-lite\inc\Base\FSActivate.php:38

actionadmin_footerfreemius-lite\inc\Base\FSActivate.php:39

actionadmin_noticesfreemius-lite\inc\Base\FSActivate.php:44

actioninitfreemius-lite\inc\Base\FS_Lite.php:29

actionadmin_enqueue_scriptsinc\admin-menu-free.php:9

actionadmin_menuinc\admin-menu-free.php:10

actioninitinc\CustomPost.php:7

filtermanage_easy-twitter-feeds_posts_columnsinc\CustomPost.php:9

actionmanage_easy-twitter-feeds_posts_custom_columninc\CustomPost.php:10

actionuse_block_editor_for_postinc\CustomPost.php:11

actionpost_row_actionsinc\CustomPost.php:12

actionadmin_action_duplicate_postinc\CustomPost.php:13

actionadmin_enqueue_scriptsinc\ShortCode.php:4

actionwp_enqueue_scriptsinc\ShortCode.php:5

Maintenance & Trust

Feeds for Twitter – Embed Social Media Posts with Live Updates Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedFeb 26, 2026

PHP min version7.1

Downloads45K

Community Trust

Rating78/100

Number of ratings11

Active installs2K

Alternatives

Feeds for Twitter – Embed Social Media Posts with Live Updates Alternatives

Custom Twitter Feeds – A Tweets Widget or X Feed Widget

custom-twitter-feeds

Display X posts (Twitter tweets) from any public user account in a clean, attractive looking feed that updates weekly.

100K 7 CVEs

jQuery Post Splitter

jquery-post-splitter

100

This plugin will split your post and pages into multiple pages with a tag. A button to split the pages and posts is available in text editor icons.

100 No CVEs

Social Feeds for Elementor

social-feeds-for-elementor

Social Feeds for Elementor is a free plugin. You can display facebook likebox / page plugin & twitter feeds widget using it.

60 No CVEs

YM Twitter Feed

ym-twitter-feed

This plugin can be used to embed twitter feed to your website.

30 No CVEs

AJAX Load More By BKKER Theme

ajax-load-more-by-bkker-theme

Load the next page of posts with AJAX.

10 No CVEs

Developer Profile

Feeds for Twitter – Embed Social Media Posts with Live Updates Developer Profile

colorlibplugins

120 plugins · 738K total installs

trust score

Avg Security Score

99/100

Avg Patch Time

140 days

View full developer profile

Detection Fingerprints

How We Detect Feeds for Twitter – Embed Social Media Posts with Live Updates

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/easy-twitter-feeds/assets/css/admin.css/wp-content/plugins/easy-twitter-feeds/assets/js/admin.js

Script Paths

/wp-content/plugins/easy-twitter-feeds/assets/js/admin.js

Version Parameters

easy-twitter-feeds/assets/css/admin.css?ver=easy-twitter-feeds/assets/js/admin.js?ver=

HTML / DOM Fingerprints

CSS Classes

fs_notice_board

HTML Comments

ABS PATH Constants Init Freemius. Signal that SDK was initiated.+1 more

Data Attributes

data-noncedata-slugdata-notice

JS Globals

etfpipecheck

REST Endpoints

/wp-json/data/v1/accept-data/wp-json/freemius/v1/admin_notices/wp-json/freemius/v1/dismiss_notice/wp-json/freemius/v1/connect_user/wp-json/freemius/v1/pricing

FAQ