Does Google Plusone(+1) Button have any unpatched vulnerabilities?

No. All known vulnerabilities in Google Plusone(+1) Button have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Google Plusone(+1) Button compatible with WordPress 3.2.1?

According to WordPress.org data, Google Plusone(+1) Button 1.2 has been tested up to WordPress 3.2.1. Check the plugin's changelog for the latest compatibility information.

How often is Google Plusone(+1) Button updated?

Google Plusone(+1) Button was last updated on Jul 8, 2011. Frequent updates are generally a positive security signal.

What is Google Plusone(+1) Button's security score?

Google Plusone(+1) Button has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Google Plusone(+1) Button Security & Risk Analysis

wordpress.org/plugins/googleplusone-button

Author Site|

10 active installs v1.2 PHP + WP 3.0+ Updated Jul 8, 2011

google-1google-1-buttongoogle-plus-onegoogle-plus-one-buttongoogle-plusone1-button

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Google Plusone(+1) Button Safe to Use in 2026?

Generally Safe

Score 85/100

Google Plusone(+1) Button has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 14yr ago

Risk Assessment

The "googleplusone-button" v1.2 plugin exhibits a generally positive security posture in several key areas. It demonstrates an absence of known vulnerabilities (CVEs), no recorded critical or high-severity issues, and no direct SQL queries that are not prepared. The plugin also avoids file operations and external HTTP requests, further reducing its attack surface. However, a significant concern arises from the static analysis revealing that 100% of its 19 output points are not properly escaped. This lack of output sanitization presents a substantial risk of Cross-Site Scripting (XSS) vulnerabilities, where malicious scripts could be injected and executed within the user's browser.

Key Concerns

100% of output is not properly escaped
No nonce checks on any entry points
Only one capability check found

Vulnerabilities

None known

Google Plusone(+1) Button Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Google Plusone(+1) Button Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

0% escaped19 total outputs

Data Flows

All sanitized

Data Flow Analysis

2 flows

gpo_admin_page (googleplusone-button-admin.php:60)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Google Plusone(+1) Button Attack Surface

Entry Points1

Unprotected0

Shortcodes 1

[twg_gpo_button] googleplusone-button-shortcode.php:10

WordPress Hooks 6

actionwp_print_scriptsgoogleplusone-button-display.php:9

actionadmin_menugoogleplusone-button.php:33

actionadmin_initgoogleplusone-button.php:34

actioninitgoogleplusone-button.php:38

filterthe_contentgoogleplusone-button.php:39

filterthe_excerptgoogleplusone-button.php:40

Maintenance & Trust

Google Plusone(+1) Button Maintenance & Trust

Maintenance Signals

WordPress version tested3.2.1

Last updatedJul 8, 2011

PHP min version

Downloads7K

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

Google Plusone(+1) Button Alternatives

Google Plus One Bottom

google-plus-one-bottom

Promotion your pr in google +1 with the google plus one bottom plugin. With google plus one bottom, your users can promote your content by sharing goo …

20 No CVEs

Like to Unlock lite

jcwp-like-to-unlock-lite

100

This plugin gives you control to initially hide part of your article from user. Content is displayed correctly once user Facebook Like or +1 your page

10 No CVEs

WP PlusOne This

wp-plusone-this

100

The WP PlusOne This plugin, automatically adds the Google Plus One ( +1 ) Button to your WordPress posts and pages.

10 No CVEs

Sharekoube

sharekoube

Add to Sharedaddy support service.

30 No CVEs

Add Google PlusOne

add-google-plusone

It features template tag (both fully customizable on top or bottom of content) allowing you to place as many Google +1 buttons on your site as you wan …

10 No CVEs

Developer Profile

Google Plusone(+1) Button Developer Profile

webgig

1 plugin · 10 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Google Plusone(+1) Button

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/googleplusone-button/css/googleplusone-button.css/wp-content/plugins/googleplusone-button/js/googleplusone-button.js

Script Paths

https://apis.google.com/js/plusone.js

HTML / DOM Fingerprints

CSS Classes

wrapupdatedmessageelement

Data Attributes

twg_gpo_button_sizetwg_gpo_include_counttwg_gpo_button_locationtwg_gpo_button_languagetwg_gpo_button_display_in

FAQ

Google Plusone(+1) Button Security & Risk Analysis

Is Google Plusone(+1) Button Safe to Use in 2026?

Generally Safe

Key Concerns

Google Plusone(+1) Button Security Vulnerabilities

Google Plusone(+1) Button Code Analysis

Output Escaping

Data Flow Analysis

Google Plusone(+1) Button Attack Surface

Shortcodes 1

Google Plusone(+1) Button Maintenance & Trust

Maintenance Signals

Community Trust

Google Plusone(+1) Button Alternatives

Google Plus One Bottom

Like to Unlock lite

WP PlusOne This

Sharekoube

Add Google PlusOne

Google Plusone(+1) Button Developer Profile

How We Detect Google Plusone(+1) Button

Asset Fingerprints

HTML / DOM Fingerprints

Frequently Asked Questions about Google Plusone(+1) Button