Does Ethne Favorites Button have any unpatched vulnerabilities?

No. All known vulnerabilities in Ethne Favorites Button have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Ethne Favorites Button compatible with WordPress 6.0.11?

According to WordPress.org data, Ethne Favorites Button 1.0.8 has been tested up to WordPress 6.0.11. Check the plugin's changelog for the latest compatibility information.

Is Ethne Favorites Button compatible with PHP 5.2+?

Ethne Favorites Button requires PHP 5.2 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Ethne Favorites Button updated?

Ethne Favorites Button was last updated on Oct 26, 2022. Frequent updates are generally a positive security signal.

What is Ethne Favorites Button's security score?

Ethne Favorites Button has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Ethne Favorites Button Security & Risk Analysis

wordpress.org/plugins/ethne-favourites

Favorite buttons for WordPress, Shortcodes to save and list favorite posts and pages for each user.

0 active installs v1.0.8 PHP 5.2+ WP + Updated Oct 26, 2022

cooked-pluginfavoritefavouritelike-postsave-post

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Ethne Favorites Button Safe to Use in 2026?

Generally Safe

Score 85/100

Ethne Favorites Button has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 3yr ago

Risk Assessment

The 'ethne-favourites' plugin v1.0.8 exhibits a poor security posture due to a significant number of unprotected entry points. The static analysis reveals 5 total entry points, with a concerning 4 of them lacking authentication checks. This indicates a high likelihood of unauthorized access and potential manipulation of plugin functionalities. Furthermore, the complete absence of output escaping and the use of raw SQL queries without prepared statements are critical security flaws that can lead to cross-site scripting (XSS) and SQL injection vulnerabilities, respectively. The lack of nonce checks on AJAX handlers exacerbates the risk of CSRF attacks. Despite no recorded vulnerability history or critical taint flows, the observed coding practices present substantial inherent risks that could be exploited by attackers. While the plugin has no known vulnerabilities and a clean history, this is likely due to its current lack of rigorous security testing or the absence of widespread adoption, rather than robust security measures. Therefore, immediate remediation of the identified security weaknesses is strongly advised.

Key Concerns

4 AJAX handlers without auth checks
1 shortcode without auth checks
1 SQL query without prepared statements
5 outputs not properly escaped
0 Nonce checks
0 Capability checks

Vulnerabilities

None known

Ethne Favorites Button Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Ethne Favorites Button Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

0% prepared1 total queries

Output Escaping

0% escaped5 total outputs

Attack Surface

4 unprotected

Ethne Favorites Button Attack Surface

Entry Points5

Unprotected4

AJAX Handlers 4

noprivwp_ajax_add_favoriteethne-favourites.php:33

authwp_ajax_add_favoriteethne-favourites.php:34

noprivwp_ajax_remove_favoriteethne-favourites.php:36

authwp_ajax_remove_favoriteethne-favourites.php:37

Shortcodes 1

[ethne-favorites] ethne-favourites.php:50

WordPress Hooks 1

actioninitethne-favourites.php:31

Maintenance & Trust

Ethne Favorites Button Maintenance & Trust

Maintenance Signals

WordPress version tested6.0.11

Last updatedOct 26, 2022

PHP min version5.2

Downloads832

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

Ethne Favorites Button Alternatives

WP Favorite Posts Extended

wp-favorite-posts-extended

wp-favorite-posts, reading list, post list, post lists, lists Requires at least: 3.5 Tested up to: 4.0 Stable tag: 0.1 Based on plugin "WP Favor …

20 No CVEs

Jiali User Bookmarks

jiali-user-bookmarks

100

Let your visitors easily bookmark, save, or favorite posts! Lightweight, AJAX-powered plugin to boost user engagement and interactivity. 📑✨

0 No CVEs

Techvoot Favourites for WooCommerce

techvoot-favourites-for-woocommerce

100

Lets WooCommerce customers save products as Favourites for quick reordering, with admin tools to manage each user's saved products.

0 No CVEs

Favorites

favorites

Favorites for any post type. Easily add favoriting/liking, wishlists, or any other similar functionality using the developer-friendly API.

10K 1 unpatched

HivePress Favorites

hivepress-favorites

100

Allow users to keep a list of favorite listings.

8K No CVEs

Developer Profile

Ethne Favorites Button Developer Profile

djrobertson

1 plugin · 0 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Ethne Favorites Button

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/ethne-favourites/ethne-base.css/wp-content/plugins/ethne-favourites/ethne.js

Script Paths

/wp-content/plugins/ethne-favourites/ethne.js

Version Parameters

ethne-favourites/ethne-base.css?ver=ethne-favourites/ethne.js?ver=

HTML / DOM Fingerprints

CSS Classes

favorites-buttonfavorites-remove-buttonfavorite-display

Data Attributes

data-id

JS Globals

ethne

Shortcode Output

<button class="favorites-button"<button class='favorites-remove-button'<div class="favorite-display"><a href='

FAQ