Does Favicon Extender have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Favicon Extender compatible with WordPress 6.4.8?

According to WordPress.org data, Favicon Extender 1.0.5 has been tested up to WordPress 6.4.8. Check the plugin's changelog for the latest compatibility information.

Is Favicon Extender compatible with PHP 7.0+?

Favicon Extender requires PHP 7.0 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Favicon Extender updated?

Favicon Extender was last updated on Nov 5, 2023. Frequent updates are generally a positive security signal.

What is Favicon Extender's security score?

Favicon Extender has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Favicon Extender Security & Risk Analysis

wordpress.org/plugins/favicon-extender

Extend the native WordPress Site Icon functionality to use different icons for Android, iOS and Windows.

300 active installs v1.0.5 PHP 7.0+ WP 4.8+ Updated Nov 5, 2023

favicon

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Favicon Extender Safe to Use in 2026?

Generally Safe

Score 85/100

Favicon Extender has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2yr ago

Risk Assessment

Based on the provided static analysis and vulnerability history, the "favicon-extender" plugin version 1.0.5 exhibits a strong security posture. The absence of any detected dangerous functions, raw SQL queries, file operations, or external HTTP requests is a significant positive. Furthermore, the proper escaping of all outputs and the use of prepared statements for any database interactions indicate good coding practices.

The attack surface is reported as zero, meaning there are no identified AJAX handlers, REST API routes, shortcodes, or cron events that could be exploited. The taint analysis also shows no critical or high-severity flows with unsanitized paths, further reinforcing the lack of immediately apparent vulnerabilities in the code's handling of user input.

The plugin's vulnerability history is clean, with no recorded CVEs of any severity. This suggests a history of stable and secure development. In conclusion, the "favicon-extender" plugin appears to be a well-secured piece of software, with no immediate security concerns identified in this analysis. The complete lack of identified vulnerabilities in both static analysis and historical data is commendable.

Vulnerabilities

None known

Favicon Extender Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Favicon Extender Release Timeline

v1.0.5Current

v1.0.4

v1.0.3

v1.0

Code Analysis

Analyzed Mar 16, 2026

Favicon Extender Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

6 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

100% escaped6 total outputs

Attack Surface

Favicon Extender Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 4

actioncustomize_registerclasses\Customizer.class.php:13

filtersite_icon_meta_tagsclasses\Extender.class.php:19

actioninitfavicon-extender.php:18

actioncustomize_controls_enqueue_scriptsincludes\enqueues.php:14

Maintenance & Trust

Favicon Extender Maintenance & Trust

Maintenance Signals

WordPress version tested6.4.8

Last updatedNov 5, 2023

PHP min version7.0

Downloads6K

Community Trust

Rating100/100

Number of ratings1

Active installs300

Alternatives

Favicon Extender Alternatives

Favicon by RealFaviconGenerator

favicon-by-realfavicongenerator

Create and install your favicon for all platforms: PC/Mac, iPhone/iPad, Android devices, Windows 8 tablets...

200K 4 CVEs

All In One Favicon

all-in-one-favicon

Easily add a Favicon to your site and the WordPress admin pages. Complete with upload functionality. Supports all three Favicon types (ico,png,gif).

70K 2 CVEs

Favicon Rotator

favicon-rotator

Easily set site favicon and even rotate through multiple icons

20K 2 CVEs

WP Favicon Remover

wp-favicon-remover

100

This plugin adds the functionality to remove the WordPress default favicon since WordPress 5.4.

10K No CVEs

Heroic Favicon Generator

favhero-favicon-generator

Heroic Favicon Generator is your one-click favicon generator for WordPress.

7K No CVEs

Developer Profile

Favicon Extender Developer Profile

Giorgos Sarigiannidis

7 plugins · 10K total installs

trust score

Avg Security Score

87/100

Avg Patch Time

5 days

View full developer profile

Detection Fingerprints

How We Detect Favicon Extender

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/favicon-extender/js/custom.customize.js

Script Paths