Does iG:Twitter Cards have any unpatched vulnerabilities?

No. All known vulnerabilities in iG:Twitter Cards have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is iG:Twitter Cards compatible with WordPress 3.7.41?

According to WordPress.org data, iG:Twitter Cards 1.3 has been tested up to WordPress 3.7.41. Check the plugin's changelog for the latest compatibility information.

How often is iG:Twitter Cards updated?

iG:Twitter Cards was last updated on Nov 24, 2013. Frequent updates are generally a positive security signal.

What is iG:Twitter Cards's security score?

iG:Twitter Cards has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

iG:Twitter Cards Security & Risk Analysis

wordpress.org/plugins/ig-twitter-cards

A plugin to enable Twitter Cards for your WordPress website.

10 active installs v1.3 PHP + WP 3.4+ Updated Nov 24, 2013

metaplayer-cardsummary-cardtwittertwitter-cards

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is iG:Twitter Cards Safe to Use in 2026?

Generally Safe

Score 85/100

iG:Twitter Cards has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 12yr ago

Risk Assessment

The "ig-twitter-cards" v1.3 plugin exhibits a strong security posture based on the provided static analysis. It demonstrates excellent adherence to best practices by having no unescaped outputs, no dangerous functions, all SQL queries utilizing prepared statements, and no file operations or external HTTP requests. The presence of nonce and capability checks on its single AJAX handler further strengthens its defenses, indicating a conscious effort to protect its entry points. The complete absence of any reported vulnerabilities, critical taint flows, or known CVEs throughout its history is highly reassuring, suggesting consistent security awareness and maintenance by the developers.

While the plugin's current security is impressive, the attack surface, though small, consists entirely of an AJAX handler. Although it appears to have checks in place, a comprehensive audit of these checks would be beneficial for absolute certainty. The lack of any taint analysis results is unusual and could indicate either no complex data flows were analyzed or that the analysis tool had limitations. Nevertheless, given the positive code signals and vulnerability history, the overall risk associated with this plugin is very low. Its strengths significantly outweigh any minor potential concerns.

Vulnerabilities

None known

iG:Twitter Cards Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

iG:Twitter Cards Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

42 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

93% escaped45 total outputs

Attack Surface

iG:Twitter Cards Attack Surface

Entry Points1

Unprotected0

AJAX Handlers 1

authwp_ajax_ig-tc-save-optsclass-ig-twitter-cards-admin.php:34

WordPress Hooks 14

actionadmin_menuclass-ig-twitter-cards-admin.php:30

actionadmin_enqueue_scriptsclass-ig-twitter-cards-admin.php:32

actionshow_user_profileclass-ig-twitter-cards-admin.php:37

actionedit_user_profileclass-ig-twitter-cards-admin.php:38

actionpersonal_options_updateclass-ig-twitter-cards-admin.php:40

actionedit_user_profile_updateclass-ig-twitter-cards-admin.php:41

actionadd_meta_boxesclass-ig-twitter-cards-admin.php:45

actionsave_postclass-ig-twitter-cards-admin.php:47

actionadmin_noticesclass-ig-twitter-cards-admin.php:50

actionadmin_footerclass-ig-twitter-cards-admin.php:52

actionshutdownclass-ig-twitter-cards-admin.php:54

filterjetpack_open_graph_tagsclass-ig-twitter-cards-frontend.php:25

actionwp_headclass-ig-twitter-cards-frontend.php:27

actioninitig-twitter-cards.php:16

Maintenance & Trust

iG:Twitter Cards Maintenance & Trust

Maintenance Signals

WordPress version tested3.7.41

Last updatedNov 24, 2013

PHP min version

Downloads3K

Community Trust

Rating60/100

Number of ratings2

Active installs10

Alternatives

iG:Twitter Cards Alternatives

Optimize Social Share

heateor-open-graph-meta-tags

100

Optimizes social share by inserting Facebook Open Graph Meta Tags, General Meta Tags, Schema.org Meta Tags, Twitter Cards and Other Meta Tags in HTML …

3K No CVEs

Theme Powerkit

theme-powerkit

Theme Powerkit is WordPress free plugin with multiple feature. Plugin have 5 useful widget like Author, Category, Recent Posts, Social Icon and Tab Po …

50 No CVEs

WP Smart SEO

wp-smart-seo

100

Improve your WordPress SEO: Enter your title, description and featured image for better visibility in the search engine

30 No CVEs

Social Header Meta

social-header-meta

Setup meta tags in the header for Facebook and Twitter.

10 No CVEs

Unfurl – One Click To Post

unfurl-one-click-to-post

Make new post from a link in one click, like on Twitter

10 No CVEs

Developer Profile

iG:Twitter Cards Developer Profile

Namith Jawahar

59 plugins · 50K total installs

trust score

Avg Security Score

89/100

Avg Patch Time

405 days

View full developer profile

Detection Fingerprints

How We Detect iG:Twitter Cards

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/ig-twitter-cards/css/style.css/wp-content/plugins/ig-twitter-cards/js/admin.js

Script Paths

/wp-content/plugins/ig-twitter-cards/js/admin.js

Version Parameters

ig-twitter-cards/css/style.css?ver=ig-twitter-cards/js/admin.js?ver=

HTML / DOM Fingerprints

CSS Classes

ig-tc-mb-player-uiig-tc-required

HTML Comments

Data Attributes

ig_tc_nonce

JS Globals

ig_twitter_cards_admin

FAQ