HTML5 Swiffy Insert Security & Risk Analysis

wordpress.org/plugins/html5-swiffy-insert

HTML5 Swiffy Insert lets you to insert HTML5 animations generated with Google Swiffy.

30 active installs v1.2 PHP + WP 3.0+ Updated Apr 6, 2013
animationhtml5insertshortcodeswiffy
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Safety Verdict

Is HTML5 Swiffy Insert Safe to Use in 2026?

Generally Safe

Score 85/100

HTML5 Swiffy Insert has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 13yr ago
Risk Assessment

The "html5-swiffy-insert" v1.2 plugin exhibits a strong security posture based on the provided static analysis. The absence of any detected AJAX handlers, REST API routes, shortcodes, or cron events significantly limits the plugin's attack surface. Furthermore, the code signals indicate a clean codebase with no dangerous functions, SQL queries utilizing prepared statements, file operations, or external HTTP requests. The lack of identified taint flows and vulnerability history also contributes to a positive security assessment. However, a significant concern is the 100% rate of unescaped output, with one total output identified. This could potentially lead to cross-site scripting (XSS) vulnerabilities if the output is not properly sanitized before being displayed to users. While the plugin has no recorded vulnerabilities, the unescaped output represents a notable weakness that should be addressed.

Key Concerns

  • All outputs are unescaped
Vulnerabilities
None known

HTML5 Swiffy Insert Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

HTML5 Swiffy Insert Release Timeline

No version history available.
Code Analysis
Analyzed Apr 16, 2026

HTML5 Swiffy Insert Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
1
0 escaped
Nonce Checks
0
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
0

Output Escaping

0% escaped1 total outputs
Attack Surface

HTML5 Swiffy Insert Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 3
actionwp_enqueue_scriptshtml5-swiffy-insert.php:17
actionwp_headhtml5-swiffy-insert.php:18
actionwp_footerhtml5-swiffy-insert.php:33
Maintenance & Trust

HTML5 Swiffy Insert Maintenance & Trust

Maintenance Signals

WordPress version tested3.5.2
Last updatedApr 6, 2013
PHP min version
Downloads6K

Community Trust

Rating100/100
Number of ratings1
Active installs30
Developer Profile

HTML5 Swiffy Insert Developer Profile

yuanga

1 plugin · 30 total installs

84
trust score
Avg Security Score
85/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect HTML5 Swiffy Insert

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Script Paths
https://www.gstatic.com/swiffy/v5.0/runtime.js

HTML / DOM Fingerprints

JS Globals
swiffyobject_
Shortcode Output
<div id='swiffycontainer_
FAQ

Frequently Asked Questions about HTML5 Swiffy Insert