WP-Safety

Feed2Post – Import feeds as posts and users Security & Risk Analysis

wordpress.org/plugins/feed2post-ircf

Feed2Post provides a single interface to import multiple types of feeds into posts and/or users.

30 active installs v1.54 PHP 7.0+ WP 3.0.1+ Updated Dec 29, 2025
csv-importexcel-importimport-csvimport-excelxls-import
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Feed2Post – Import feeds as posts and users Safe to Use in 2026?

Generally Safe

Score 100/100

Feed2Post – Import feeds as posts and users has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 3mo ago
Risk Assessment

The feed2post-ircf plugin v1.54 presents a mixed security posture. On the positive side, there are no recorded vulnerabilities or CVEs, and the code does not appear to use dangerous functions. The majority of SQL queries utilize prepared statements, and a good portion of output is properly escaped, indicating some attention to secure coding practices. However, significant concerns arise from the static analysis. The presence of one AJAX handler without any authentication check creates a direct entry point for potential unauthorized actions. Furthermore, while the total number of flows is low, the high percentage of flows with unsanitized paths is concerning, even without critical or high severity findings in the taint analysis. The absence of nonce checks on AJAX handlers, coupled with limited capability checks, amplifies the risk associated with the unprotected AJAX endpoint. The plugin's lack of a vulnerability history could indicate good security, or simply a lack of discovered issues, which can change over time.

Key Concerns

  • Unprotected AJAX handler
  • Flows with unsanitized paths (high percentage)
  • Missing nonce checks on AJAX
  • Low number of capability checks
  • SQL queries without prepared statements (36%)
  • Output escaping (61% proper)
Vulnerabilities
None known

Feed2Post – Import feeds as posts and users Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Feed2Post – Import feeds as posts and users Code Analysis

Dangerous Functions
0
Raw SQL Queries
5
9 prepared
Unescaped Output
119
185 escaped
Nonce Checks
0
Capability Checks
3
File Operations
6
External Requests
1
Bundled Libraries
0

SQL Query Safety

64% prepared14 total queries

Output Escaping

61% escaped304 total outputs
Data Flows
6 unsanitized

Data Flow Analysis

9 flows6 with unsanitized paths
feed2post_admin_notices (feed2post.php:712)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
1 unprotected

Feed2Post – Import feeds as posts and users Attack Surface

Entry Points2
Unprotected1

AJAX Handlers 1

authwp_ajax_feed2post_admin_noticesfeed2post.php:741

Shortcodes 1

[feed2post] feed2post.php:1360
WordPress Hooks 72
actioninitfeed2post.php:36
actionfeed2post_before_post_deletefeed2post.php:98
filterfeed2post_post_field_valuefeed2post.php:174
filterfeed2post_post_field_value_post_titlefeed2post.php:179
filterfeed2post_post_field_value_post_contentfeed2post.php:184
filterfeed2post_post_field_value_taxonomyfeed2post.php:189
filterfeed2post_post_field_template_post_titlefeed2post.php:197
filterfeed2post_post_field_template_post_contentfeed2post.php:207
filterfeed2post_post_field_template_thumbnailfeed2post.php:212
filterfeed2post_post_field_template_galleryfeed2post.php:219
filterfeed2post_post_field_template_mediafeed2post.php:220
filterfeed2post_post_field_template_slideshowfeed2post.php:231
filterfeed2post_post_field_template_fieldsetfeed2post.php:249
filterfeed2post_post_field_template_map_latitudefeed2post.php:262
filterfeed2post_post_field_template_taxonomyfeed2post.php:288
filterfeed2post_post_field_template_map_longitudefeed2post.php:300
filterfeed2post_post_field_template_defaultfeed2post.php:301
actioninitfeed2post.php:363
filtermanage_feed2post_feed_posts_columnsfeed2post.php:393
actionmanage_feed2post_feed_posts_custom_columnfeed2post.php:404
actionadmin_action_feed2post_feed_fields_updatefeed2post.php:556
actionadmin_action_feed2post_feed_fields_exportfeed2post.php:593
actionpost_edit_form_tagfeed2post.php:635
actionadmin_action_feed2post_feed_fields_importfeed2post.php:643
actionadmin_initfeed2post.php:698
actionadmin_noticesfeed2post.php:711
filterwp_insert_post_datafeed2post.php:749
actionsave_postfeed2post.php:766
actionadmin_action_feed2post_feed_posts_updatefeed2post.php:859
actionfeed2post_feed_posts_update_eventfeed2post.php:870
actionadmin_action_feed2post_feed_posts_deletefeed2post.php:884
actionadmin_action_feed2post_feed_trash_posts_deletefeed2post.php:912
actionadmin_action_feed2post_check_schedule_feedsfeed2post.php:938
filterpost_row_actionsfeed2post.php:964
actionadmin_action_feed2post_style_resetfeed2post.php:980
filterthe_contentfeed2post.php:1011
filtertemplate_includefeed2post.php:1015
actionparse_queryfeed2post.php:1046
actionadmin_menufeed2post.php:1134
actionwp_enqueue_scriptsfeed2post.php:1225
actionadmin_enqueue_scriptsfeed2post.php:1233
actionfeed2post_after_post_updatefeed2post.php:1403
actionupgrader_process_completefeed2post.php:1568
actionfeed2post_hourlyfeed2post.php:1584
actionadmin_action_feed2post_upgradefeed2post.php:1593
actionadmin_action_feed2post_oauth_loginfeed2post.php:1601
actionadmin_action_feed2post_oauth_callbackfeed2post.php:1609
actionfeed2post_after_importfeed2post.php:1618
filterfeed2post_feed_typesincludes\feed\feed2post-ac3.php:129
filterfeed2post_get_field_valueincludes\feed\feed2post-ac3.php:149
filterfeed2post_feed_typesincludes\feed\feed2post-csv.php:117
filterfeed2post_feed_typesincludes\feed\feed2post-excel.php:93
filterfeed2post_options_meta_box_fieldincludes\feed\feed2post-facebook.php:24
actionfeed2post_options_meta_box_before_fieldincludes\feed\feed2post-facebook.php:25
filterfeed2post_feed_typesincludes\feed\feed2post-facebook.php:178
actionfeed2post_options_meta_box_before_fieldincludes\feed\feed2post-google-reviews.php:18
filterfeed2post_feed_typesincludes\feed\feed2post-google-reviews.php:83
filterfeed2post_feed_typesincludes\feed\feed2post-infolocale.php:157
filterfeed2post_feed_typesincludes\feed\feed2post-json.php:167
filterfeed2post_options_meta_box_fieldincludes\feed\feed2post-linkedin.php:24
actionfeed2post_options_meta_box_before_fieldincludes\feed\feed2post-linkedin.php:25
filterfeed2post_feed_typesincludes\feed\feed2post-linkedin.php:191
filterfeed2post_feed_typesincludes\feed\feed2post-none.php:19
filterfeed2post_options_meta_box_fieldincludes\feed\feed2post-openai.php:23
filterfeed2post_feed_typesincludes\feed\feed2post-openai.php:116
filterfeed2post_feed_typesincludes\feed\feed2post-pdo.php:71
filterfeed2post_feed_typesincludes\feed\feed2post-rss.php:63
filterfeed2post_feed_typesincludes\feed\feed2post-sirtaqui-v3.php:85
actionfeed2post_options_meta_box_before_fieldincludes\feed\feed2post-sirtaqui-v3.php:95
filterfeed2post_feed_typesincludes\feed\feed2post-sirtaqui.php:116
filterfeed2post_post_medias_mediaincludes\feed\feed2post-sirtaqui.php:125
filterfeed2post_feed_typesincludes\feed\feed2post-xml.php:157

Scheduled Events 4

feed2post_feed_posts_update_event
feed2post_hourly
feed2post_hourly
feed2post_feed_posts_update_event
Maintenance & Trust

Feed2Post – Import feeds as posts and users Maintenance & Trust

Maintenance Signals

WordPress version tested6.7.5
Last updatedDec 29, 2025
PHP min version7.0
Downloads4K

Community Trust

Rating0/100
Number of ratings0
Active installs30
Alternatives

Feed2Post – Import feeds as posts and users Alternatives

Importe CSV

Importe CSV

importe-csv

A
85

Import CSV

10 No CVEs
WP All Import – Drag & Drop Import for CSV, XML, Excel & Google Sheets

WP All Import – Drag & Drop Import for CSV, XML, Excel & Google Sheets

wp-all-import

B
75

Easily import any file of any size into any plugin, post type, custom field, or taxonomy. Supports WooCommerce, ACF, images, galleries, users, real es …

100K 22 CVEs
Product Import Export for WooCommerce – Import Export Product CSV Suite

Product Import Export for WooCommerce – Import Export Product CSV Suite

product-import-export-for-woo

A
94

Easily import/export WooCommerce products (simple, grouped, external/affiliate) via CSV. Transfer product data, including images, reviews, categories, …

90K 7 CVEs
WP All Import – Import Add-On for ACF

WP All Import – Import Add-On for ACF

csv-xml-import-for-acf

A
100

Drag & drop to import any CSV, Excel, XML, or Google Sheets file into Advanced Custom Fields. Supports repeaters, flexible content, galleries, and …

40K No CVEs
Import Users from CSV

Import Users from CSV

import-users-from-csv

A
98

Import users from a CSV into WordPress

20K 1 CVE
Developer Profile

Feed2Post – Import feeds as posts and users Developer Profile

ircf

5 plugins · 310 total installs

75
trust score
Avg Security Score
94/100
Avg Patch Time
282 days
View full developer profile
Detection Fingerprints

How We Detect Feed2Post – Import feeds as posts and users

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/feed2post-ircf/assets/css/style.css/wp-content/plugins/feed2post-ircf/assets/js/script.js
Script Paths
/wp-content/plugins/feed2post-ircf/assets/js/script.js
Version Parameters
feed2post-ircf/assets/css/style.css?ver=feed2post-ircf/assets/js/script.js?ver=

HTML / DOM Fingerprints

CSS Classes
feed2post-archivefeed2post-postfield-post_titlefield-post_contentfield-thumbnail
Data Attributes
data-feed2post-id
JS Globals
feed2post
Shortcode Output
[feed2post get="post_title"][feed2post get="posts_count"][feed2post get="posts_admin_url"]
FAQ

Frequently Asked Questions about Feed2Post – Import feeds as posts and users