WP Social Blogroll Security & Risk Analysis

wordpress.org/plugins/feed-reading-blogroll

WP Social Blogroll adds a social blogroll to your blog. It will follow and display all updates of the sites in your blogroll.

200 active installs · v1.5.9.2 · PHP + · WP 3.0+ · Updated Oct 14, 2013
blogroll · bookmarks · freshness · social · sort
85
A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is WP Social Blogroll Safe to Use in 2026?

Generally Safe

Score 85/100

WP Social Blogroll has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 12yr ago
Risk Assessment

Based on the provided static analysis, version 1.5.9.2 of the 'feed-reading-blogroll' plugin shows a generally positive security posture. The attack surface is minimal: there is only one AJAX handler, and the plugin appears to have no unprotected entry points. The absence of any known CVEs in its history further suggests secure development and maintenance.

However, there are significant concerns within the code itself. The use of `create_function`, which builds a function from a string of PHP code, is a critical red flag because of its inherent security risks: it can lead to arbitrary code execution if user-supplied data is not meticulously sanitized. The complete lack of prepared statements for SQL queries is also highly problematic, opening the door to SQL injection vulnerabilities. The extremely low percentage of properly escaped output indicates a high risk of Cross-Site Scripting (XSS) vulnerabilities, where malicious scripts could be injected into the website's content. While the plugin has a clean vulnerability history, these code signals stand in stark contrast to it and indicate significant potential for exploitation if user input is not handled with extreme care.

Key Concerns

  • Use of dangerous function create_function
  • SQL queries without prepared statements
  • Low percentage of properly escaped output
  • No capability checks on AJAX handler
Vulnerabilities
None known

WP Social Blogroll Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

WP Social Blogroll Code Analysis

Dangerous Functions: 1
Raw SQL Queries: 1 (0 prepared)
Unescaped Output: 398 (7 escaped)
Nonce Checks: 3
Capability Checks: 0
File Operations: 2
External Requests: 0
Bundled Libraries: 0

Dangerous Functions Found

create_function · add_action('widgets_init', create_function('', 'return register_widget("FeedReadingBlogrollWidget"); · feedreading_blogroll.php:75

SQL Query Safety

0% prepared · 1 total queries

Output Escaping

2% escaped · 405 total outputs
Data Flows
All sanitized

Data Flow Analysis

1 flow
<feedreading_blogroll> (feedreading_blogroll.php:0)
Legend: Source (user input) · Sink (dangerous op) · Sanitizer · Transform · Unsanitized · Sanitized
Attack Surface

WP Social Blogroll Attack Surface

Entry Points: 1
Unprotected: 0

AJAX Handlers 1

auth · wp_ajax_feedreading_blogroll_generate_javascript_lookup · feedreading_blogroll.php:85
WordPress Hooks 14
action · admin_menu · feedreading_blogroll.php:68
action · admin_init · feedreading_blogroll.php:69
action · widgets_init · feedreading_blogroll.php:70
action · admin_enqueue_scripts · feedreading_blogroll.php:73
action · wp_enqueue_scripts · feedreading_blogroll.php:74
action · widgets_init · feedreading_blogroll.php:75
filter · ozh_adminmenu_icon_feedreading_blogroll.php · feedreading_blogroll.php:76
action · wp_print_scripts · feedreading_blogroll.php:80
action · wp_print_styles · feedreading_blogroll.php:81
action · add_link · feedreading_blogroll.php:86
action · edit_link · feedreading_blogroll.php:87
action · delete_link · feedreading_blogroll.php:88
action · update_option_feedreading_blogroll_settings · feedreading_blogroll.php:89
action · update_option_widget_feedreadingblogroll · feedreading_blogroll.php:90
Maintenance & Trust

WP Social Blogroll Maintenance & Trust

Maintenance Signals

WordPress version tested: 3.6.1
Last updated: Oct 14, 2013
PHP min version
Downloads: 68K

Community Trust

Rating: 40/100
Number of ratings: 3
Active installs: 200
Developer Profile

WP Social Blogroll Developer Profile

Erunafailaro

5 plugins · 240 total installs

Trust score: 84
Avg Security Score: 85/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect WP Social Blogroll

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/feed-reading-blogroll/css/feedreading_blogroll.css
/wp-content/plugins/feed-reading-blogroll/js/feedreading_blogroll.js
Script Paths
/wp-content/plugins/feed-reading-blogroll/js/feedreading_blogroll.js
Version Parameters
feed-reading-blogroll/style.css?ver=
feedreading_blogroll.js?ver=

HTML / DOM Fingerprints

CSS Classes
widget_feedreading_blogroll
JS Globals
feedreading_blogroll_widget_id
FAQ

Frequently Asked Questions about WP Social Blogroll