Does Get Post List With Thumbnails have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Get Post List With Thumbnails compatible with WordPress 3.5.2?

According to WordPress.org data, Get Post List With Thumbnails 10.0.2 has been tested up to WordPress 3.5.2. Check the plugin's changelog for the latest compatibility information.

How often is Get Post List With Thumbnails updated?

Get Post List With Thumbnails was last updated on Aug 9, 2013. Frequent updates are generally a positive security signal.

What is Get Post List With Thumbnails's security score?

Get Post List With Thumbnails has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Get Post List With Thumbnails Security & Risk Analysis

wordpress.org/plugins/get-post-list-with-thumbnails

Description:Displays a list with posts and custom size thumbnails(for the first attached or featured image), linked to each post permalink.

200 active installs v10.0.2 PHP + WP 3.1.3+ Updated Aug 9, 2013

listlist-postposts-listthumbnails

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Get Post List With Thumbnails Safe to Use in 2026?

Generally Safe

Score 85/100

Get Post List With Thumbnails has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 12yr ago

Risk Assessment

The 'get-post-list-with-thumbnails' v10.0.2 plugin exhibits a generally good security posture in several key areas. The static analysis shows no dangerous functions, all SQL queries utilize prepared statements, and there are no external HTTP requests or file operations that could be exploited. The absence of known CVEs and a clean vulnerability history further contribute to this positive outlook, suggesting a mature and well-maintained codebase.

However, a significant concern arises from the complete lack of output escaping for all 182 identified output points. This is a critical weakness that leaves the plugin highly susceptible to Cross-Site Scripting (XSS) vulnerabilities. Any dynamic data displayed to users, if not properly sanitized before output, could be manipulated by attackers to inject malicious scripts. While the attack surface is small and appears to have no unprotected entry points, the severity of unescaped output cannot be overstated. Therefore, while the plugin avoids common pitfalls like unpatched vulnerabilities and raw SQL, the lack of output escaping presents a substantial risk that requires immediate attention.

Key Concerns

All outputs are unescaped

Vulnerabilities

None known

Get Post List With Thumbnails Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Get Post List With Thumbnails Release Timeline

v10.0.1

v10.0.0

v9.0.1

v9.0.0

v8.0.4

v8.0.3

v8.0.2

v8.0.1

v8.0.0

v7.0.0

v6.2.0

v6.1.0

v6.0.0

v5.0.0

v4.0.0

v3.0.2

v3.0.1

v3.0.0

v2.0.0

v1.0.0

Code Analysis

Analyzed Mar 16, 2026

Get Post List With Thumbnails Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

182

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

0% escaped182 total outputs

Attack Surface

Get Post List With Thumbnails Attack Surface

Entry Points1

Unprotected0

Shortcodes 1

[gplt] get_post_list_with_thumbs.php:68

WordPress Hooks 3

actionwp_headget_post_list_with_thumbs.php:36

filterplugin_row_metaget_post_list_with_thumbs.php:117

actionwidgets_initget_post_list_with_thumbs.php:938

Maintenance & Trust

Get Post List With Thumbnails Maintenance & Trust

Maintenance Signals

WordPress version tested3.5.2

Last updatedAug 9, 2013

PHP min version

Downloads35K

Community Trust

Rating96/100

Number of ratings5

Active installs200

Alternatives

Get Post List With Thumbnails Alternatives

WAD Recent Posts

wad-recent-posts

Simple and clean widget for showing recent posts list. It also has shortcode feature.

0 No CVEs

Unlist Posts & Pages

unlist-posts

100

Hide posts, pages or custom items from your site and make them accessible only with the direct link.

10K No CVEs

Latest Posts Block – Dynamic Posts Grid, Posts List, Posts Tile with Stunning Layouts for WordPress Blogs & Pages

latest-posts-block-lite

100

Dynamic Posts Grid, Posts List, Posts Tile with Stunning Layouts for WordPress Blogs & Pages

7K No CVEs

Flex Posts – Widget and Gutenberg Block

flex-posts

100

A widget to display posts with thumbnails in various layouts. Fits nicely in any widget area size.

3K No CVEs

Developer Profile

Get Post List With Thumbnails Developer Profile

alvaron

4 plugins · 250 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Get Post List With Thumbnails

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/get-post-list-with-thumbnails/ajaxhandler.js/wp-content/plugins/get-post-list-with-thumbnails/ajaxhandlergplwt.js

HTML / DOM Fingerprints

HTML Comments

Copyright 2013 Alvaro Neto (email : wpworking@wpworking.com This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or+8 more

JS Globals

goprocess_gplwtconsulta_gplwt

Shortcode Output

[gplt]

FAQ