Instant Breaking News Security & Risk Analysis
wordpress.org/plugins/instant-breaking-newsThis plugin will allow you to pin posts and feature them as "Breaking News" at the header of your website.
Is Instant Breaking News Safe to Use in 2026?
Generally Safe
Score 99/100Instant Breaking News has a strong security track record. Known vulnerabilities have been patched promptly. It's a solid choice for most WordPress installations.
The "instant-breaking-news" plugin, version 1.0.1, exhibits a generally positive security posture based on the static analysis. The absence of dangerous functions, raw SQL queries, file operations, and external HTTP requests, coupled with the consistent use of prepared statements for SQL, demonstrates good coding practices. The presence of nonce and capability checks on its two AJAX entry points is also a strong indicator of security awareness. The taint analysis shows no high-severity issues, further reinforcing this positive outlook. However, the plugin is not without potential risks. The vulnerability history indicates a past medium-severity vulnerability related to Cross-Site Request Forgery (CSRF), and while currently unpatched CVEs are zero, this past issue highlights a potential area of weakness. Furthermore, while 77% of output escaping is good, it's not 100%, leaving a small percentage of outputs potentially vulnerable to cross-site scripting (XSS) if they contain user-supplied data.
Key Concerns
- Past medium severity CSRF vulnerability
- 23% of output is not properly escaped
Instant Breaking News Security Vulnerabilities
CVEs by Year
Severity Breakdown
1 total CVE
Instant Breaking News <= 1.0 - Cross-Site Request Forgery
Instant Breaking News Code Analysis
Output Escaping
Data Flow Analysis
Instant Breaking News Attack Surface
AJAX Handlers 2
WordPress Hooks 8
Maintenance & Trust
Instant Breaking News Maintenance & Trust
Maintenance Signals
Community Trust
Instant Breaking News Alternatives
Flexible SSL for CloudFlare
cloudflare-flexible-ssl
Fix For Redirect Loops on WordPress with CloudFlare's Flexible/Universal SSL.
T4B News Ticker – Responsive News Scroller, Slider, and Animations
t4b-news-ticker
T4B News Ticker is a flexible and user-friendly news ticker plugin for WordPress, designed to create horizontal news tickers with 4 unique animations.
Analytics Cat – Google Analytics Made Easy
analytics-cat
Analytics Cat - Google Analytics Lets You Add Your Google Analytics / Universal Analytics Tracking Code To Your Site With Ease.
Live News – Responsive News Ticker
live-news-lite
Generate a news ticker to communicate the latest updates, including financial news, weather warnings, election results, sports scores, and more.
Amazon Link Engine
amazon-link-engine
Automatically localize and affiliate Amazon product links to improve user experience, increase conversions and earn global commissions.
Instant Breaking News Developer Profile
10 plugins · 220 total installs
How We Detect Instant Breaking News
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/instant-breaking-news/assets/styles/admin.css/wp-content/plugins/instant-breaking-news/assets/scripts/admin.js/wp-content/plugins/instant-breaking-news/assets/scripts/admin.jsplugins/instant-breaking-news/assets/styles/admin.css?ver=plugins/instant-breaking-news/assets/scripts/admin.js?ver=HTML / DOM Fingerprints
ibn-breaking-newsdata-ibn-pinibnDefaults[instant-breaking-news]