Flat Twitter Security & Risk Analysis

wordpress.org/plugins/flat-twitter

Flat Twitter plugin gives you two widgets that will let you showcase your Twitter Profile or your Feeds with flat design graphics.

10 active installs · v1.0 · PHP + · WP 4.2.2+ · Updated Unknown
Tags: feeds, share, social, tweets, twitter
100
A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is Flat Twitter Safe to Use in 2026?

Generally Safe

Score 100/100

Flat Twitter has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs
Risk Assessment

The "flat-twitter" plugin v1.0 exhibits a mixed security posture. It has no recorded vulnerability history and avoids dangerous functions and file operations, but static analysis reveals significant concerns about its attack surface and input sanitization. Two of the three AJAX handlers lack authentication checks, presenting a direct pathway for unauthorized actions. None of the plugin's SQL queries use prepared statements, a critical weakness that leaves them highly susceptible to SQL injection. The plugin also has a limited number of nonce checks, which, combined with the unprotected AJAX endpoints, further increases the risk of CSRF attacks. Despite a relatively high percentage of properly escaped output, the critical vulnerabilities in how AJAX requests and SQL queries are handled overshadow this positive aspect. The lack of taint analysis results may simply mean that the tools used found nothing or that the analysis was incomplete, but the direct evidence of unprotected entry points and raw SQL queries warrants serious attention.

Key Concerns

  • AJAX handlers without auth checks
  • SQL queries without prepared statements
  • Limited nonce checks
  • No capability checks
Vulnerabilities
None known

Flat Twitter Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Flat Twitter Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 3 (0 prepared)
Unescaped Output: 45 (172 escaped)
Nonce Checks: 1
Capability Checks: 0
File Operations: 0
External Requests: 2
Bundled Libraries: 0

SQL Query Safety

0% prepared · 3 total queries

Output Escaping

79% escaped · 217 total outputs
Attack Surface
2 unprotected

Flat Twitter Attack Surface

Entry Points: 3
Unprotected: 2

AJAX Handlers: 3

auth · wp_ajax_lmb_flat_twitter_admin · admin\lmb-flat-twitter-admin.php:214
nopriv · wp_ajax_lmb_flat_twitter_request_new_feeds · inc\lmb-flat-twitter-feed-update.php:344
auth · wp_ajax_lmb_flat_twitter_request_new_feeds · inc\lmb-flat-twitter-feed-update.php:346

WordPress Hooks: 7

action · admin_menu · admin\lmb-flat-twitter-admin.php:149
action · admin_enqueue_scripts · admin\lmb-flat-twitter-admin.php:177
action · wp_enqueue_scripts · lmb-flat-twitter.php:187
action · wp_enqueue_scripts · lmb-flat-twitter.php:224
action · widgets_init · lmb-flat-twitter.php:243
action · plugins_loaded · lmb-flat-twitter.php:260
action · load-widgets.php · lmb-flat-twitter.php:287
Maintenance & Trust

Flat Twitter Maintenance & Trust

Maintenance Signals

WordPress version tested: 4.3.34
Last updated: Unknown
PHP min version
Downloads: 2K

Community Trust

Rating: 100/100
Number of ratings: 1
Active installs: 10
Developer Profile

Flat Twitter Developer Profile

lambertmb

1 plugin · 10 total installs

Trust score: 94
Avg Security Score: 100/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect Flat Twitter

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/flat-twitter/css/lmb-flat-twitter.css
/wp-content/plugins/flat-twitter/lib/twitter-intents/widget.js
/wp-content/plugins/flat-twitter/js/lmb-flat-twitter.js
Script Paths
/wp-content/plugins/flat-twitter/lib/twitter-intents/widget.js
/wp-content/plugins/flat-twitter/js/lmb-flat-twitter.js
Version Parameters
lmb-flat-twitter.css?ver=
lmb-flat-twitter.js?ver=

HTML / DOM Fingerprints

CSS Classes
flat-twitter-profile
flat-twitter-profile-counters
flat-twitter-profile-cover
flat-twitter-profile-avatar
flat-twitter-profile-follow-button
flat-twitter-feeds-feed-avatar
flat-twitter-feeds
Data Attributes
id="lmb-flat-twitter-profile-widget-
id="lmb-flat-twitter-feeds-widget-
JS Globals
lmb_flat_twitter_script_url