Does FunnelFLARE have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is FunnelFLARE compatible with WordPress 5.8.13?

According to WordPress.org data, FunnelFLARE 1.0.2 has been tested up to WordPress 5.8.13. Check the plugin's changelog for the latest compatibility information.

How often is FunnelFLARE updated?

FunnelFLARE was last updated on Sep 10, 2021. Frequent updates are generally a positive security signal.

What is FunnelFLARE's security score?

FunnelFLARE has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

FunnelFLARE Security & Risk Analysis

wordpress.org/plugins/funnelflare

The easy way to integrate FunnelFLARE with your website.

10 active installs v1.0.2 PHP + WP 2.8+ Updated Sep 10, 2021

tracking-script

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is FunnelFLARE Safe to Use in 2026?

Generally Safe

Score 85/100

FunnelFLARE has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 4yr ago

Risk Assessment

The 'funnelflare' v1.0.2 plugin exhibits a generally strong security posture based on the provided static analysis and vulnerability history. The absence of any identified CVEs, dangerous functions, raw SQL queries, or significant attack surface points (AJAX, REST API, shortcodes, cron) suggests a well-developed and secure codebase in these areas. The fact that SQL queries are 100% prepared is a significant strength. However, a critical concern arises from the output escaping. With 3 total outputs and 0% properly escaped, this indicates a high risk of Cross-Site Scripting (XSS) vulnerabilities, allowing attackers to inject malicious scripts into the output rendered by the plugin.

The lack of explicit capability checks or nonce checks on any potential entry points, though currently there are none identified, could become a vulnerability if new entry points are added without proper security measures. The single external HTTP request also warrants consideration, as it could be a vector for other types of attacks if not handled securely. The vulnerability history being completely clear is a positive indicator of past development practices, but the identified output escaping issue needs immediate attention to maintain this record.

Key Concerns

Output escaping is not implemented (0%)
No capability checks on potential entry points
No nonce checks on potential entry points

Vulnerabilities

None known

FunnelFLARE Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

FunnelFLARE Release Timeline

v1.0.2Current

v1.0.1

v1.0.0

Code Analysis

Analyzed Apr 16, 2026

FunnelFLARE Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

0% escaped3 total outputs

Attack Surface

FunnelFLARE Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 5

actionadmin_initfunnelflare.php:21

actionwp_enqueue_scriptsfunnelflare.php:226

filterclean_urlfunnelflare.php:228

actionadmin_menufunnelflare.php:229

filterplugin_action_linksfunnelflare.php:230

Maintenance & Trust

FunnelFLARE Maintenance & Trust

Maintenance Signals

WordPress version tested5.8.13

Last updatedSep 10, 2021

PHP min version

Downloads1K

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

FunnelFLARE Alternatives

ActiveDEMAND

activedemand

ActiveDEMAND, the easy way to add Web Forms, Dynamic Content, and Popups to your WordPress site.

1K 4 CVEs

Walnut.Marketing Portal

walnutmarketing

Adds the Walnut.Marketing Portal tracking script to your website

10 No CVEs

POD Marketing Analytics

pod-marketing-analytics

The easy way to integrate the Pod Marketing Analytics Portal to your website.

0 No CVEs

Developer Profile

FunnelFLARE Developer Profile

jumpdemand

2 plugins · 10 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect FunnelFLARE

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/funnelflare/images/funnelflare.png/wp-content/plugins/funnelflare/images/screenshot.png

Script Paths

https://data.staticfiles.io/public/javascript/ad.collect.min.js.jgz#fftoken

Version Parameters

funnelflare/funnelflare.php?ver=funnelflare/ad.collect.min.js.jgz?ver=

HTML / DOM Fingerprints

Data Attributes

funnelflare_appkey

JS Globals