Does Flurry have any unpatched vulnerabilities?

No. All known vulnerabilities in Flurry have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Flurry compatible with WordPress 4.9.29?

According to WordPress.org data, Flurry 1.1.1 has been tested up to WordPress 4.9.29. Check the plugin's changelog for the latest compatibility information.

How often is Flurry updated?

Flurry was last updated on Sep 7, 2018. Frequent updates are generally a positive security signal.

What is Flurry's security score?

Flurry has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Flurry Security & Risk Analysis

wordpress.org/plugins/flurry

Adds falling snow to your site using the Flurry plugin for jQuery.

60 active installs v1.1.1 PHP + WP 4.5+ Updated Sep 7, 2018

falling-snowflurryjquerysnowsnowing

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Flurry Safe to Use in 2026?

Generally Safe

Score 85/100

Flurry has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 7yr ago

Risk Assessment

The static analysis of the 'flurry' plugin v1.1.1 indicates a generally strong security posture. The absence of any identified dangerous functions, external HTTP requests, file operations, or SQL queries executed without prepared statements is highly positive. Furthermore, the high percentage of properly escaped output suggests good practices in preventing cross-site scripting (XSS) vulnerabilities. The plugin also shows no signs of taint flows or known vulnerabilities in its history, which are excellent indicators of a secure codebase.

However, the complete lack of nonce checks and capability checks across all entry points (AJAX, REST API, shortcodes, cron events) presents a significant concern. While the current static analysis shows zero unprotected entry points, this is likely due to the absence of these entry points altogether. If any functionality were to be added or exposed in the future, the lack of these fundamental security mechanisms would immediately create vulnerabilities. The plugin's vulnerability history is clean, which is reassuring, but it doesn't mitigate the inherent risk posed by the absence of authorization checks on any potential future entry points.

In conclusion, 'flurry' v1.1.1 demonstrates excellent development practices concerning data sanitization and SQL execution. The lack of historical vulnerabilities is a significant strength. The primary weakness lies in the complete absence of authorization and nonce checks, which, while not currently exposing any flaws due to a zero attack surface, represents a critical oversight for future maintainability and potential feature additions.

Key Concerns

No nonce checks on entry points
No capability checks on entry points
Low percentage of properly escaped output (91%)

Vulnerabilities

None known

Flurry Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Flurry Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

40 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

91% escaped44 total outputs

Attack Surface

Flurry Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 5

actionadmin_initflurry.php:96

actionadmin_menuflurry.php:111

actionafter_setup_themeflurry.php:129

actionadmin_enqueue_scriptsflurry.php:720

actionwp_enqueue_scriptsflurry.php:792

Maintenance & Trust

Flurry Maintenance & Trust

Maintenance Signals

WordPress version tested4.9.29

Last updatedSep 7, 2018

PHP min version

Downloads7K

Community Trust

Rating100/100

Number of ratings7

Active installs60

Alternatives

Flurry Alternatives

Simply Snow

simply-snow

A WordPress plugin that, when activated, will add a snowing effect on your site.

10 No CVEs

DB Falling Snowflakes

db-falling-snowflakes

Snow falling animation. Personal customization of snowflakes and their movement. The script runs only during the period of time you want.

700 No CVEs

Snow Storm

snow-storm

Display falling snow flakes on the front of your WordPress website for a festive presentation.

500 2 CVEs

Snow

snow

Professional snow plugin with highly customizable options, no coding knowledge required.

200 No CVEs

Rs Christmas Trees

rs-christmas-trees

Add nice looking animation effect of falling snow and header and footer trees banner to your Wordpress site and enjoy winter with RS Christmas.

100 No CVEs

Developer Profile

Flurry Developer Profile

joshmccarty

1 plugin · 60 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Flurry

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/flurry/js/flurry.js/wp-content/plugins/flurry/css/flurry.css

Script Paths

/wp-content/plugins/flurry/js/flurry.js

Version Parameters

flurry/js/flurry.js?ver=flurry/css/flurry.css?ver=

HTML / DOM Fingerprints

CSS Classes

flurry-settings-wrap

Data Attributes

data-flurry-characterdata-flurry-customCharactersdata-flurry-colordata-flurry-color2data-flurry-color3data-flurry-color4+6 more

JS Globals

flurrySettings

FAQ