Does Inavii Social Feed have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Inavii Social Feed compatible with WordPress 6.9.4?

According to WordPress.org data, Inavii Social Feed 3.0.0 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is Inavii Social Feed compatible with PHP 7.4+?

Inavii Social Feed requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Inavii Social Feed updated?

Inavii Social Feed was last updated on Mar 30, 2026. Frequent updates are generally a positive security signal.

What is Inavii Social Feed's security score?

Inavii Social Feed has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Inavii Social Feed Security & Risk Analysis

wordpress.org/plugins/inavii-social-feed-for-elementor

Create beautiful Instagram feeds for your website in minutes with the Block Editor, shortcode, or Elementor widget.

9K active installs v3.0.0 PHP 7.4+ WP 5.6+ Updated Mar 30, 2026

instagraminstagram-feedinstagram-galleryinstagram-widget

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Inavii Social Feed Safe to Use in 2026?

Generally Safe

Score 100/100

Inavii Social Feed has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago

Risk Assessment

The "inavii-social-feed-for-elementor" plugin, version 2.7.12, exhibits a strong security posture based on the provided static analysis. The complete absence of dangerous functions, SQL queries without prepared statements, and properly escaped output are significant strengths. File operations and external HTTP requests are present, which are common for feed plugins, but are not immediately flagged as risky without further context. The plugin also includes capability checks and a bundled library, Freemius v1.0. The lack of any recorded vulnerabilities in its history further bolsters confidence in its security. However, the absence of nonce checks on any identified entry points (though there are none in this analysis) and the presence of file operations warrant a degree of caution, as these could theoretically become vectors for attack if specific conditions were met or if more complex interactions were present. Overall, the plugin demonstrates good security practices, with no immediate critical or high-severity issues apparent from the static analysis.

Key Concerns

No nonce checks found on potential entry points
Bundled outdated library (Freemius v1.0)

Vulnerabilities

None known

Inavii Social Feed Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Inavii Social Feed Release Timeline

v3.0.0Current

v2.7.12

v2.7.11

v2.7.10

v2.7.9

v2.7.8

v2.7.7

v2.7.6

v2.7.5

v2.7.4

v2.7.3

v2.7.2

v2.7.1

v2.7.0

v2.6.9

v2.6.8

v2.6.7

v2.6.6

v2.6.5

v2.6.4

Code Analysis

Analyzed Mar 16, 2026

Inavii Social Feed Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

10 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Freemius1.0

Output Escaping

100% escaped10 total outputs

Attack Surface

Inavii Social Feed Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 27

actioninitapp.php:19

actionrest_api_initapp.php:25

actionadmin_menucore\Admin\SettingsPage.php:19

actionadmin_menucore\Admin\SettingsPage.php:20

actionadmin_initcore\Admin\SettingsPage.php:22

actioninavii_social_feed_update_mediacore\Cron\Schedule.php:20

actioninavii_social_feed_refresh_tokencore\Cron\Schedule.php:21

actioninavii_instagram_import_hookcore\Wp\ImportMediaBackgroundProcess.php:12

filterplugin_iconfreemius.php:59

actionafter_uninstallfreemius.php:60

filtershow_first_trial_after_n_secfreemius.php:61

filterfreemius_pricing_js_pathfreemius.php:62

actionplugins_loadedinavii-social-feed-for-elementor.php:151

actionadmin_initinavii-social-feed-for-elementor.php:152

actionadmin_noticesincludes\Dependence\AdminNotice.php:17

actionadmin_noticesincludes\Dependence\AdminNotice.php:24

actionadmin_noticesincludes\Dependence\AdminNotice.php:31

actionadmin_noticesincludes\Dependence\AdminNotice.php:36

actionadmin_noticesincludes\Dependence\AdminNotice.php:37

actionelementor/frontend/before_enqueue_stylesincludes\Dependence\RegisterAssets.php:9

actionelementor/frontend/before_enqueue_scriptsincludes\Dependence\RegisterAssets.php:10

actionelementor/editor/after_enqueue_scriptsincludes\Dependence\RegisterAssets.php:11

actionelementor/editor/after_enqueue_stylesincludes\Dependence\RegisterAssets.php:12

actionadmin_enqueue_scriptsincludes\Dependence\RegisterAssets.php:13

actionelementor/elements/categories_registeredincludes\Integration\WidgetsManager.php:16

actionelementor/widgets/widgets_registeredincludes\Integration\WidgetsManager.php:19

actionelementor/widgets/registerincludes\Integration\WidgetsManager.php:21

Scheduled Events 3

inavii_instagram_import_hook

inavii_social_feed_update_media

inavii_social_feed_refresh_token

Maintenance & Trust

Inavii Social Feed Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedMar 30, 2026

PHP min version7.4

Downloads114K

Community Trust

Rating100/100

Number of ratings15

Active installs9K

Alternatives

Inavii Social Feed Alternatives

Smash Balloon Social Photo Feed – Easy Social Feeds Plugin

instagram-feed

Formerly "Instagram Feed". Display clean, customizable, and responsive Instagram feeds from multiple accounts. Supports Instagram oEmbeds.

1.0M 4 CVEs

Social Feed Gallery

insta-gallery

Formerly known as "Instagram Feed", this is the best plugin for displaying Instagram feeds on WordPress. It also supports Instagram reels.

80K 3 CVEs

WPZOOM Social Feed Widget & Block

instagram-widget-by-wpzoom

100

Instagram feed plugin for WordPress: Display your Instagram photos, videos & reels. Easy setup with Gutenberg block, widget, shortcode & Elementor

60K 1 CVE

Meks Easy Photo Feed Widget

meks-easy-instagram-widget

Easily display Instagram photos as a widget that looks good in (almost) any WordPress theme.

20K 1 CVE

Widgets for Social Photo Feed

social-photo-feed-widget

Instagram Feed Widgets. Display your Instagram feed on your website to increase engagement, sales and SEO.

10K 1 unpatched

Developer Profile

Inavii Social Feed Developer Profile

Inavii

1 plugin · 9K total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Inavii Social Feed

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/inavii-social-feed-for-elementor/assets/dist/js/add-body-class-editor.js/wp-content/plugins/inavii-social-feed-for-elementor/assets/templates/dist/bundle.js/wp-content/plugins/inavii-social-feed-for-elementor/assets/vendors/slider/swiper.css/wp-content/plugins/inavii-social-feed-for-elementor/assets/dist/css/inavii-style.min.css

Script Paths

assets/dist/js/add-body-class-editor.jsassets/templates/dist/bundle.jsassets/vendors/slider/swiper.css

Version Parameters

inavii-social-feed-for-elementorinavii-widget-handlersinavii-add-body-class-editorinavii-social-feed-template-libraryinavii-styles

HTML / DOM Fingerprints

CSS Classes

inavii-social-feed-elementinavii-instagram-feed

Data Attributes

data-inavii-feed-iddata-inavii-settings

JS Globals

InaviiRestApiInaviiPredefinedTemplates

REST Endpoints

/inavii/v1/

Shortcode Output

[inavii_social_feed

FAQ