Guest Author Security & Risk Analysis

wordpress.org/plugins/guest-author

Add a guest author to any post without needing to register the guest author as a user on your site.

5K active installs · v2.61 · PHP 5.2.4+ · WP 4.6+ · Updated Dec 3, 2025
Tags: author, guest, guest-author, guest-post, post-author
Score: 99 (A · Safe)
CVEs total: 2
Unpatched: 0
Last CVE: Dec 4, 2023
Safety Verdict

Is Guest Author Safe to Use in 2026?

Generally Safe

Score 99/100

Guest Author has a strong security track record. Known vulnerabilities have been patched promptly.

2 known CVEs · Last CVE: Dec 4, 2023 · Updated 4mo ago
Risk Assessment

The "guest-author" plugin v2.61 exhibits a generally strong security posture, with a minimal attack surface and excellent adherence to secure coding practices. The static analysis reveals no dangerous functions, all SQL queries are prepared, and output escaping is near-perfect. Taint analysis also shows no identified vulnerabilities. The plugin also implements nonce checks and capability checks on its entry points.

However, the plugin's vulnerability history is a significant concern. Two medium-severity vulnerabilities have been recorded, both related to Cross-Site Scripting (XSS). While none are currently unpatched, the recurrence of XSS issues indicates a potential weakness in input validation or output sanitization within specific scenarios or across different versions. The presence of past vulnerabilities, even if patched, warrants caution and suggests that ongoing vigilance and potential future audits are advisable.

In conclusion, while the current code version appears to be well-secured based on static analysis, the historical vulnerability data suggests a need for continued monitoring and potentially a deeper review of past exploit vectors to ensure future resilience against similar attack types.

Key Concerns

  • Past medium-severity XSS vulnerabilities

Vulnerabilities: 2

Guest Author Security Vulnerabilities

CVEs by Year

2 CVEs in 2023

Severity Breakdown

Medium: 2

2 total CVEs

CVE-2023-49747 · medium · 6.4 · Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Guest Author <= 2.3 - Authenticated (Author+) Stored Cross-Site Scripting

Dec 4, 2023 Patched in 2.4 (50d)

WF-0b7d7b64-8194-4b81-83f5-1f3b23109455-guest-author · medium · 6.4 · Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Guest Author <= 2.3 - Authenticated Stored Cross-Site Scripting

Dec 1, 2023 Patched in 2.4 (53d)
Code Analysis
Analyzed Mar 16, 2026

Guest Author Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (0 prepared)
Unescaped Output: 2 (39 escaped)
Nonce Checks: 2
Capability Checks: 1
File Operations: 0
External Requests: 0
Bundled Libraries: 0

Output Escaping

95% escaped · 41 total outputs
Attack Surface

Guest Author Attack Surface

Entry Points: 1
Unprotected: 0

AJAX Handlers: 1

auth · wp_ajax_BS_get_image · guest-author.php:82

WordPress Hooks: 28

action · wp_head · guest-author.php:41
filter · body_class · guest-author.php:42
action · pre_get_posts · guest-author.php:44
action · the_post · guest-author.php:45
filter · the_author · guest-author.php:47
filter · get_the_author_display_name · guest-author.php:48
filter · get_the_author_user_nicename · guest-author.php:49
filter · get_the_author_nickname · guest-author.php:50
filter · get_the_author_ID · guest-author.php:51
filter · author_link · guest-author.php:52
filter · get_the_author_link · guest-author.php:53
filter · get_the_author_url · guest-author.php:54
filter · author_description · guest-author.php:56
filter · get_the_author_description · guest-author.php:57
filter · get_the_author_user_email · guest-author.php:59
filter · pre_get_avatar_data · guest-author.php:60
action · save_post · guest-author.php:72
action · admin_enqueue_scripts · guest-author.php:74
action · current_screen · guest-author.php:75
action · add_meta_boxes · guest-author.php:76
filter · manage_posts_columns · guest-author.php:78
action · manage_posts_custom_column · guest-author.php:79
filter · safe_style_css · guest-author.php:757
filter · safe_style_css · guest-author.php:989
action · init · index.php:32
action · wp_loaded · settings.php:16
action · admin_menu · settings.php:18
action · admin_init · settings.php:19

Maintenance & Trust

Guest Author Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.9.4
Last updated: Dec 3, 2025
PHP min version: 5.2.4
Downloads: 72K

Community Trust

Rating: 84/100
Number of ratings: 14
Active installs: 5K

Developer Profile

Guest Author Developer Profile

WebFactory

28 plugins · 3.5M total installs

Trust score: 78
Avg Security Score: 98/100
Avg Patch Time: 699 days
Detection Fingerprints

How We Detect Guest Author

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/guest-author/css/style.css
/wp-content/plugins/guest-author/js/script.js
Script Paths
/wp-content/plugins/guest-author/js/script.js
Version Parameters
guest-author/css/style.css?ver=
guest-author/js/script.js?ver=

HTML / DOM Fingerprints

CSS Classes
guest-author-guest-author-
Data Attributes
data-bs-post-id
data-bs-post-author-id
data-bs-post-author-type
JS Globals
bs_guest_author
Shortcode Output
[guest_author]
[guest_author_bio]
[guest_author_avatar]
[guest_author_posts]

FAQ

Frequently Asked Questions about Guest Author