Feedburner Right Now Stats Security & Risk Analysis

wordpress.org/plugins/feedburner-right-now-stats

Feedburner Right Now Stats is a plugin that will simply add your feedburner subscriber count to your Right Now box in your dashboard.

10 active installs · v0.2 · PHP + · WP 2.7+ · Updated Aug 31, 2009
Tags: admin, blog, feedburner, stats, subscriber
Score: 85 · A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never

Safety Verdict

Is Feedburner Right Now Stats Safe to Use in 2026?

Generally Safe

Score 85/100

Feedburner Right Now Stats has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 16yr ago

Risk Assessment

The "feedburner-right-now-stats" v0.2 plugin exhibits a mixed security posture. On the positive side, the plugin has no known historical vulnerabilities (CVEs) and appears to have a very small attack surface with zero AJAX handlers, REST API routes, shortcodes, or cron events. All identified SQL queries utilize prepared statements, which is a strong security practice.

However, significant concerns arise from the static analysis. The plugin has zero capability checks and zero nonce checks. Furthermore, a critical finding is that 100% of the identified outputs are not properly escaped. The taint analysis reveals two flows with unsanitized paths, and although they are not categorized as critical or high severity in this report, unsanitized paths are inherently risky. The presence of external HTTP requests without further context also warrants caution.

Given the lack of historical vulnerabilities and the small attack surface, the plugin's current threat level might seem low. However, the identified code signals, particularly the complete lack of output escaping and capability checks, alongside the taint analysis findings, create substantial potential for vulnerabilities. Any future exploit vector targeting these weaknesses could be severe, especially if an attacker can inject data that is then rendered without sanitization. The plugin should be updated to include proper output escaping and capability checks.

Key Concerns

  • Unescaped output (3 total)
  • Flows with unsanitized paths (2 total)
  • No nonce checks
  • No capability checks
Vulnerabilities
None known

Feedburner Right Now Stats Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

Feedburner Right Now Stats Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (0 prepared)
Unescaped Output: 3 (0 escaped)
Nonce Checks: 0
Capability Checks: 0
File Operations: 0
External Requests: 1
Bundled Libraries: 0

Output Escaping

0% escaped · 3 total outputs

Data Flows: 2 unsanitized

Data Flow Analysis

2 flows · 2 with unsanitized paths
Function: fb_rns_show_stats (fb-rns.php:48)
Diagram legend: Source (user input), Sink (dangerous op), Sanitizer, Transform, Unsanitized, Sanitized

Attack Surface

Feedburner Right Now Stats Attack Surface

Entry Points: 0
Unprotected: 0
WordPress Hooks: 2
  • action · admin_menu · fb-rns.php:33
  • action · admin_head · fb-rns.php:34

Maintenance & Trust

Feedburner Right Now Stats Maintenance & Trust

Maintenance Signals

WordPress version tested: 2.8.4
Last updated: Aug 31, 2009
PHP min version
Downloads: 4K

Community Trust

Rating: 0/100
Number of ratings: 0
Active installs: 10

Developer Profile

Feedburner Right Now Stats Developer Profile

Gilbert Pellegrom

6 plugins · 260 total installs

Trust score: 84
Avg Security Score: 85/100
Avg Patch Time: 30 days

Detection Fingerprints

How We Detect Feedburner Right Now Stats

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

CSS Classes: b-feed, feed
Data Attributes: id="feeduri", id="old"
JS Globals: jQuery