Floating Social Media Popout Buttons Security & Risk Analysis
wordpress.org/plugins/floatingsocialmediapopoutFloating Social Media popout allows your webpage to show a face book like box and Googleplus badge widget when a visitor mouse hovers the floating face book icon or Googleplus icon located on right side of webpage.
Is Floating Social Media Popout Buttons Safe to Use in 2026?
Generally Safe
Score 85/100Floating Social Media Popout Buttons has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The "floatingsocialmediapopout" v1.0 plugin presents a generally concerning security posture despite a clean vulnerability history. The static analysis reveals a complete lack of security checks for all identified entry points, including AJAX handlers, REST API routes, and shortcodes. This means that any function exposed through these channels is entirely unprotected, creating a significant attack surface. Furthermore, the complete absence of output escaping on all three identified outputs is a critical flaw, as it leaves the plugin vulnerable to cross-site scripting (XSS) attacks. While the plugin doesn't use dangerous functions, raw SQL, file operations, external requests, or bundle libraries, the absence of basic security measures like nonce and capability checks, coupled with the unescaped output, paints a worrying picture. The lack of any recorded vulnerability history could indicate either genuine good security practices or, more likely given the code analysis findings, a lack of targeted security research or exploitation attempts so far. However, relying on this lack of history without addressing the clear code-level vulnerabilities would be irresponsible. The plugin has significant weaknesses in input validation and output sanitization, making it a potential target for attacks.
Key Concerns
- All entry points lack authentication checks
- Output is not properly escaped
- No nonce checks implemented
- No capability checks implemented
Floating Social Media Popout Buttons Security Vulnerabilities
Floating Social Media Popout Buttons Code Analysis
Output Escaping
Floating Social Media Popout Buttons Attack Surface
WordPress Hooks 3
Maintenance & Trust
Floating Social Media Popout Buttons Maintenance & Trust
Maintenance Signals
Community Trust
Floating Social Media Popout Buttons Alternatives
Social Sharing Plugin – Sassy Social Share
sassy-social-share
The Simplest and Optimized Social Share buttons. Facebook, X, Reddit, Pinterest, Whatsapp, Grok, ChatGPT, Gab, Gettr and over 100 more.
Wp Social Login and Register Social Counter
wp-social
Wp social lets you add social login, social counter, and social share buttons of different styles to your WordPress website.
Ocean Social Sharing
ocean-social-sharing
Website: https://oceanwp.org/ Support: https://oceanwp.org/support/ Documentation: https://docs.oceanwp.org/ Extensions: https://oceanwp.
Hubbub Lite – Fast, free social sharing and follow buttons
social-pug
Your content is worth sharing. Let's makes it easier!
Easy Social Icons
easy-social-icons
Upload your own social media icons or choose from font-awesome. Use widget|shortcode to place icons anywhere(sidebar, header, footer, page) in theme.
Floating Social Media Popout Buttons Developer Profile
2 plugins · 40 total installs
How We Detect Floating Social Media Popout Buttons
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/floatingsocialmediapopout/fsb_style.cssHTML / DOM Fingerprints
FSPMainFSPfacebookFSPfacebookDivFSPImageFSPgoogleplusFSPGplusDivFSPgoogleplusimgg-plus<!-- Place this tag where you want the badge to render. --><!-- Place this tag after the last badge tag. -->data-hrefdata-relFFB_facebook_share_initFFB_FaceBook_Float_LoadFFB_FaceBook_Floatget_plugin_directoryFFB_facebook_installFFB_facebook_remove+2 more