Does Guest Posting have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Guest Posting compatible with WordPress 6.7.5?

According to WordPress.org data, Guest Posting 1.0.0 has been tested up to WordPress 6.7.5. Check the plugin's changelog for the latest compatibility information.

How often is Guest Posting updated?

Guest Posting was last updated on Jan 24, 2025. Frequent updates are generally a positive security signal.

What is Guest Posting's security score?

Guest Posting has a WP-Safety security score of 92/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Guest Posting Security & Risk Analysis

wordpress.org/plugins/guest-posting

Allows users to submit guest posts.

0 active installs v1.0.0 PHP + WP 5.0+ Updated Jan 24, 2025

blogcontent-submissionguest-authorguest-postingsubmissions

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Guest Posting Safe to Use in 2026?

Generally Safe

Score 92/100

Guest Posting has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1yr ago

Risk Assessment

The 'guest-posting' plugin version 1.0.0 demonstrates a strong security posture based on the provided static analysis. There are no identified dangerous functions, SQL queries are all prepared, and output is properly escaped. The plugin also implements nonce checks, which is a positive security practice. The lack of file operations and external HTTP requests further reduces potential attack vectors. The absence of any recorded vulnerabilities in its history suggests a history of secure development or minimal exposure to attack.

While the static analysis reveals no immediate critical flaws, the 'capability checks: 0' is a significant concern. This means that even though there are entry points (specifically a shortcode), there are no checks to ensure that only authorized users can trigger them. This could lead to privilege escalation or unauthorized actions if the shortcode's functionality is sensitive. The vulnerability history being completely clean is a positive indicator, but it does not negate the potential risk identified by the missing capability checks.

In conclusion, the plugin has several good security practices in place. However, the complete absence of capability checks on its entry points presents a notable weakness that could be exploited. A clean vulnerability history is encouraging, but the current analysis indicates a specific area for improvement to ensure robust security.

Key Concerns

Missing capability checks on entry points

Vulnerabilities

None known

Guest Posting Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Guest Posting Release Timeline

No version history available.

Code Analysis

Analyzed Mar 17, 2026

Guest Posting Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

8 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

100% escaped8 total outputs

Attack Surface

Guest Posting Attack Surface

Entry Points1

Unprotected0

Shortcodes 1

[bdp_guest_posting_form] guest-posting.php:89

WordPress Hooks 2

actionadmin_post_nopriv_bdp_guest_posting_submissionguest-posting.php:50

actionadmin_post_bdp_guest_posting_submissionguest-posting.php:51

Maintenance & Trust

Guest Posting Maintenance & Trust

Maintenance Signals

WordPress version tested6.7.5

Last updatedJan 24, 2025

PHP min version

Downloads509

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

Guest Posting Alternatives

TT Guest Post Submit

tt-guest-post-submit

Submit your post as guest user. Add featured image and other media to the post. Easy to use but very usefull.

60 No CVEs

vWriter Guest Post

vwriter-guest-post

This guest post plugin turns guest posting on its head, giving you an easy and hassle-free way to use the powerful content marketing strategy.

10 No CVEs

SiteOrigin Widgets Bundle

so-widgets-bundle

Essential elements for modern websites. Add buttons, sliders, heroes, maps, images, carousels, features, icons, more. Create dynamic pages easily.

400K 11 CVEs

Metricool

metricool

100

Metricool is the first tool designed to measure #Blog impact and #SocialMedia activity.

80K 1 CVE

Simple Author Box

simple-author-box

Add a responsive author box or guest author box with social icons to any post. Great author box for any site!

80K 2 CVEs

Developer Profile

Guest Posting Developer Profile

Keven

1 plugin · 0 total installs

trust score

Avg Security Score

92/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Guest Posting

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

Data Attributes

name="bdp_guest_posting_nonce"value="bdp_guest_posting_form"name="action"value="bdp_guest_posting_submission"name="post_title"name="post_content"+1 more

Shortcode Output

<p>Thank you for your submission! Your post is under review.</p><p>There was an error with your submission. Please try again.</p><form method="post" action="<label for="post_title">Post Title:</label>

FAQ