Does Social Feeds have any unpatched vulnerabilities?

No. All known vulnerabilities in Social Feeds have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Social Feeds compatible with WordPress 6.3.8?

According to WordPress.org data, Social Feeds 1.5 has been tested up to WordPress 6.3.8. Check the plugin's changelog for the latest compatibility information.

How often is Social Feeds updated?

Social Feeds was last updated on Oct 28, 2023. Frequent updates are generally a positive security signal.

What is Social Feeds's security score?

Social Feeds has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Social Feeds Security & Risk Analysis

wordpress.org/plugins/fbtw-feeds

A powerful Facebook and Twitter integration that allows you to display Facebook, Twitter follow button and timeline for your wordpress website.

70 active installs v1.5 PHP + WP 3.0+ Updated Oct 28, 2023

facebookfacebook-like-boxtweettweetstwitter

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Social Feeds Safe to Use in 2026?

Generally Safe

Score 85/100

Social Feeds has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2yr ago

Risk Assessment

The fbtw-feeds plugin v1.5 exhibits a generally good security posture based on the provided static analysis. There are no apparent critical or high severity vulnerabilities identified in the code signals or taint analysis. The absence of known CVEs and unpatched vulnerabilities in its history is a positive indicator, suggesting responsible development and maintenance. The plugin also demonstrates good practices in its use of prepared statements for SQL queries and a complete lack of external HTTP requests, which reduces the attack surface. However, a significant concern is the low percentage of properly escaped output (41%). This indicates a substantial risk of cross-site scripting (XSS) vulnerabilities, as unsanitized user input could be rendered directly in the browser. The presence of file operations without further details is also a potential area of concern. While the attack surface is reported as zero entry points, this might be a simplified view and the file operations could represent a hidden entry point.

Key Concerns

Low output escaping rate
File operations without details

Vulnerabilities

None known

Social Feeds Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Social Feeds Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

11 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

41% escaped27 total outputs

Attack Surface

Social Feeds Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 6

actionadmin_menuadmin-settings.php:25

actionadmin_initadmin-settings.php:26

actionwp_footerfrontend.php:24

actionwp_enqueue_scriptsindex.php:58

actionadmin_enqueue_scriptsindex.php:67

filterplugin_action_linksindex.php:86

Maintenance & Trust

Social Feeds Maintenance & Trust

Maintenance Signals

WordPress version tested6.3.8

Last updatedOct 28, 2023

PHP min version

Downloads4K

Community Trust

Rating100/100

Number of ratings6

Active installs70

Alternatives

Social Feeds Alternatives

BuddyStream

buddystream

!IMPORTANT!

10 1 CVE

Customize Feeds for Twitter

twitter-tweets

100

Customize Feeds for Twitter plugin for WordPress. You can use this to display real time Twitter feeds on any where on your website by using shortcode …

4K No CVEs

Slim Jetpack

slimjetpack

Slim version of Jetpack unlinked from WordPress.com :) Supercharge your self-hosted wp site even you're NOT WP.COM users.

2K No CVEs

Display Tweets

display-tweets-php

Display Tweets is an easy to use, future proof Twitter feed plugin that uses PHP to make requests to the v1.1 Twitter REST API.

1K No CVEs

Peadig's Twitter Feed: Embedded Timeline WordPress Plugin

wp-twitter-feed

A simple Twitter feed that outputs your latest tweets in HTML into any post, page, template or sidebar widget. Customisable and easy to install!

600 1 unpatched

Developer Profile

Social Feeds Developer Profile

Shahaji Deshmukh

2 plugins · 170 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Social Feeds

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/fbtw-feeds/css/sdft-front.css/wp-content/plugins/fbtw-feeds/js/sdft-main.js/wp-content/plugins/fbtw-feeds/css/sdft-admin.css/wp-content/plugins/fbtw-feeds/js/sdft-admin.js

Script Paths

//platform.twitter.com/widgets.js

Version Parameters

sdft-front.css?ver=sdft-main.js?ver=sdft-admin.css?ver=sdft-admin.js?ver=

HTML / DOM Fingerprints

CSS Classes

facebook_feedstwitter_feedsfacebook_twitter_commonfb-tw-iconsfacebook_boxtwitter_boxtwitter-follow-box

Data Attributes

data-hrefdata-tabsdata-widthdata-heightdata-small-headerdata-adapt-container-width+5 more

JS Globals

sdftvars

FAQ