Does HivePress Favorites have any unpatched vulnerabilities?

No. All known vulnerabilities in HivePress Favorites have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is HivePress Favorites compatible with WordPress 6.9.4?

According to WordPress.org data, HivePress Favorites 1.2.2 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is HivePress Favorites compatible with PHP 7.4+?

HivePress Favorites requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is HivePress Favorites updated?

HivePress Favorites was last updated on Feb 12, 2026. Frequent updates are generally a positive security signal.

What is HivePress Favorites's security score?

HivePress Favorites has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

HivePress Favorites Security & Risk Analysis

wordpress.org/plugins/hivepress-favorites

Allow users to keep a list of favorite listings.

8K active installs v1.2.2 PHP 7.4+ WP 5.0+ Updated Feb 12, 2026

classifiedsdirectoryfavoriteshivepresslistings

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is HivePress Favorites Safe to Use in 2026?

Generally Safe

Score 100/100

HivePress Favorites has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago

Risk Assessment

The static analysis of the hivepress-favorites plugin version 1.2.2 reveals a remarkably clean code base with no identified dangerous functions, SQL injection risks, or file operations. All SQL queries utilize prepared statements, and all outputs are properly escaped, indicating strong adherence to secure coding practices in these areas. The absence of external HTTP requests and the lack of bundled libraries further reduce potential attack vectors. Furthermore, the plugin's vulnerability history is clear, with no recorded CVEs, suggesting a history of security diligence or a lack of past exploitation. However, the complete lack of identified entry points (AJAX handlers, REST API routes, shortcodes, cron events) is unusual and could indicate a very limited plugin functionality or potentially an incomplete analysis scope. If the plugin genuinely has no interaction points, this is a strength. If the analysis missed potential entry points, that would be a significant concern not reflected here.

Vulnerabilities

None known

HivePress Favorites Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

HivePress Favorites Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Attack Surface

HivePress Favorites Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 6

filterhivepress/v1/extensionshivepress-favorites.php:18

actionhivepress/v1/models/user/deleteincludes\components\class-favorite.php:31

actioninitincludes\components\class-favorite.php:36

filterhivepress/v1/menus/user_accountincludes\components\class-favorite.php:39

filterhivepress/v1/templates/listing_view_blockincludes\components\class-favorite.php:42

filterhivepress/v1/templates/listing_view_pageincludes\components\class-favorite.php:43

Maintenance & Trust

HivePress Favorites Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedFeb 12, 2026

PHP min version7.4

Downloads77K

Community Trust

Rating100/100

Number of ratings4

Active installs8K

Alternatives

HivePress Favorites Alternatives

HivePress Messages

hivepress-messages

100

Allow users to send private messages.

8K No CVEs

HivePress Reviews

hivepress-reviews

100

Allow users to rate and review listings.

8K No CVEs

HivePress Geolocation

hivepress-geolocation

100

Allow users to search listings by location.

7K No CVEs

HivePress Paid Listings

hivepress-paid-listings

100

Charge users for adding, featuring and renewing listings.

6K No CVEs

HivePress Claim Listings

hivepress-claim-listings

Charge users for claiming listings.

3K 1 unpatched

Developer Profile

HivePress Favorites Developer Profile

HivePress

9 plugins · 60K total installs

trust score

Avg Security Score

97/100

Avg Patch Time

154 days

View full developer profile

Detection Fingerprints

How We Detect HivePress Favorites

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Version Parameters

hivepress-favorites/assets/css/favorites.css?ver=hivepress-favorites/assets/js/favorites.js?ver=

HTML / DOM Fingerprints

CSS Classes

hp-favoriteshp-favorite-buttonhp-favorite-added

Data Attributes

data-favorite-iddata-favorite-actiondata-favorite-nonce

JS Globals

hivepressFavorites

REST Endpoints

/wp-json/hivepress/v1/favorites

Shortcode Output

[hivepress_favorites_button][hivepress_favorites_list]

FAQ