Does ESV CrossReference Tool have any unpatched vulnerabilities?

No. All known vulnerabilities in ESV CrossReference Tool have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is ESV CrossReference Tool compatible with WordPress 6.9.4?

According to WordPress.org data, ESV CrossReference Tool 2.1 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is ESV CrossReference Tool compatible with PHP 5.2.4+?

ESV CrossReference Tool requires PHP 5.2.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is ESV CrossReference Tool updated?

ESV CrossReference Tool was last updated on Dec 1, 2025. Frequent updates are generally a positive security signal.

What is ESV CrossReference Tool's security score?

ESV CrossReference Tool has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

ESV CrossReference Tool Security & Risk Analysis

wordpress.org/plugins/esv-crossref

The ESV CrossReference Tool is a free resource created to make it easy to feature the text of the ESV Bible on your blog, personal website, or church …

500 active installs v2.1 PHP 5.2.4+ WP 2.1+ Updated Dec 1, 2025

biblecrossrefesvscripturetagging

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is ESV CrossReference Tool Safe to Use in 2026?

Generally Safe

Score 100/100

ESV CrossReference Tool has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 4mo ago

Risk Assessment

The 'esv-crossref' v2.1 plugin exhibits an exceptionally strong security posture based on the provided static analysis and vulnerability history. The absence of any identified AJAX handlers, REST API routes, shortcodes, or cron events significantly limits the plugin's attack surface, and crucially, there are no unprotected entry points. Furthermore, the code analysis reveals a complete absence of dangerous functions, file operations, external HTTP requests, and critically, all SQL queries are properly prepared, and all outputs are correctly escaped. The lack of any recorded vulnerabilities, including CVEs, further reinforces its secure design. However, the complete absence of nonce checks and capability checks, while not immediately leading to a vulnerability given the zero attack surface, represents a potential concern if functionality were to be added in the future without proper security controls. Despite this minor area for improvement in forward-proofing, the plugin's current implementation is highly secure and demonstrates a commitment to secure coding practices.

Key Concerns

No nonce checks implemented
No capability checks implemented

Vulnerabilities

None known

ESV CrossReference Tool Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

ESV CrossReference Tool Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Attack Surface

ESV CrossReference Tool Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 1

actionwp_enqueue_scriptsesv-crossreference-tool.php:19

Maintenance & Trust

ESV CrossReference Tool Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedDec 1, 2025

PHP min version5.2.4

Downloads14K

Community Trust

Rating80/100

Number of ratings6

Active installs500

Alternatives

ESV CrossReference Tool Alternatives

BibleUp

bibleup

BibleUp transforms Bible references on a webpage into links and makes the text accessible via a flexible and highly-customizable popover.

70 No CVEs

Logos Reftagger

reftagger

100

Logos Reftagger turns Bible references into links to the verse on Biblia.com and adds tooltips with the text of the verse.

10K No CVEs

BibleLink Multilingual

bible-link-multilingual

This lightweight plugin makes Bible references on your website interactive and supports multiple languages.

300 No CVEs

Truth

truth

Automatically links to Bible verses throughout your site.

90 No CVEs

WP-Bible

wp-bible

Plugin finds Bible references in your posts and changes them for the actual Bible text from any of 38 different translations in 14 languages.

40 No CVEs

Developer Profile

ESV CrossReference Tool Developer Profile

adamzapcrossway

1 plugin · 500 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect ESV CrossReference Tool

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Script Paths

https://static.esvmedia.org/crossref/crossref.min.js

HTML / DOM Fingerprints

JS Globals

esv_crossreference_tool

FAQ