Does GentleSource Short URL have any unpatched vulnerabilities?

No. All known vulnerabilities in GentleSource Short URL have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is GentleSource Short URL compatible with WordPress 3.4.2?

According to WordPress.org data, GentleSource Short URL 1.2.0 has been tested up to WordPress 3.4.2. Check the plugin's changelog for the latest compatibility information.

How often is GentleSource Short URL updated?

GentleSource Short URL was last updated on Jun 21, 2012. Frequent updates are generally a positive security signal.

What is GentleSource Short URL's security score?

GentleSource Short URL has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

GentleSource Short URL Security & Risk Analysis

wordpress.org/plugins/gentlesource-short-url

Automatically shortens the blog post URL.

10 active installs v1.2.0 PHP + WP 2.5+ Updated Jun 21, 2012

shortshort-urlshortenerurlurl-shortener

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is GentleSource Short URL Safe to Use in 2026?

Generally Safe

Score 85/100

GentleSource Short URL has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 13yr ago

Risk Assessment

The "gentlesource-short-url" plugin version 1.2.0 exhibits a mixed security posture. While it boasts a zero attack surface via AJAX, REST API, shortcodes, and cron events, and all SQL queries utilize prepared statements, significant concerns arise from its output escaping and lack of authorization checks. The complete absence of proper output escaping (0% properly escaped) across all 19 output points presents a high risk of Cross-Site Scripting (XSS) vulnerabilities, as attacker-controlled data could be rendered directly in the browser. Furthermore, the presence of two taint flows with unsanitized paths, although not flagged as critical or high severity, indicates potential for insecure handling of user input, which could lead to unintended behavior or information disclosure depending on the context of the file operations and external HTTP requests.

Key Concerns

Missing output escaping
Unsanitized paths in taint flows
No nonce checks
No capability checks

Vulnerabilities

None known

GentleSource Short URL Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

GentleSource Short URL Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

0% escaped19 total outputs

Data Flows

2 unsanitized

Data Flow Analysis

2 flows2 with unsanitized paths

settings (gentlesource_shorturl.php:142)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

GentleSource Short URL Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 5

actionedit_postgentlesource_shorturl.php:211

actionsave_postgentlesource_shorturl.php:212

actionpublish_postgentlesource_shorturl.php:213

actionadmin_menugentlesource_shorturl.php:214

filterthe_contentgentlesource_shorturl.php:216

Maintenance & Trust

GentleSource Short URL Maintenance & Trust

Maintenance Signals

WordPress version tested3.4.2

Last updatedJun 21, 2012

PHP min version

Downloads5K

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

GentleSource Short URL Alternatives

Bitly URL Shortener

codehaveli-bitly-url-shortener

Bitly URL Shortener uses the functionality of Bitly API to generate Bitly short link without leaving your WordPress site.

600 1 CVE

URL Shortener

url-shortener

This plugin allows you to generate shortlinks for post/pages using URL Shorteners (e.g. Bit.ly, Su.pr, YOURLS, Goo.gl and many others).

100 No CVEs

Short URL Generator

shortcode-shorturl

This plugin automatically generates a Short URL for your article. You can choose your favorite provider and get multiple options.

10 No CVEs

S.EE URL Shortener, Text & File Sharing

sdotee

100

Integrate S.EE URL shortener, text sharing, and file hosting into WordPress.

0 No CVEs

Short.bg URL Shortener

short-bg-url-shortener

100

Shorten post URLs via Short.bg API directly from the WordPress editor.

0 No CVEs

Developer Profile

GentleSource Short URL Developer Profile

gentlesource

2 plugins · 110 total installs

trust score

Avg Security Score

92/100

Avg Patch Time

5 days

View full developer profile

Detection Fingerprints

How We Detect GentleSource Short URL

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/gentlesource-short-url/template/public.tpl.php

HTML / DOM Fingerprints

Shortcode Output

The Short URL of this blog posting isTwitter this blog posting

FAQ