Does iTunes Charts have any unpatched vulnerabilities?

No. All known vulnerabilities in iTunes Charts have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is iTunes Charts compatible with WordPress 4.2.39?

According to WordPress.org data, iTunes Charts 1.0 has been tested up to WordPress 4.2.39. Check the plugin's changelog for the latest compatibility information.

How often is iTunes Charts updated?

iTunes Charts was last updated on Unknown. Frequent updates are generally a positive security signal.

What is iTunes Charts's security score?

iTunes Charts has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

iTunes Charts Security & Risk Analysis

wordpress.org/plugins/itunes-charts

iTunes widget that automatically updates to reflect the latest charts.

10 active installs v1.0 PHP + WP 3.0.1+ Updated Unknown

chartsitunesitunes-chartmusicmusic-chart

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is iTunes Charts Safe to Use in 2026?

Generally Safe

Score 100/100

iTunes Charts has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs

Risk Assessment

The "itunes-charts" v1.0 plugin exhibits a mixed security posture. On the positive side, the absence of any recorded vulnerabilities, CVEs, or identified taint flows suggests a generally secure development history and limited exposure. The use of prepared statements for SQL queries is also a strong indicator of good practice in handling database interactions. However, several concerning aspects arise from the static analysis. The presence of `create_function`, a deprecated and often exploited function, is a significant red flag. Furthermore, the plugin's output escaping is notably weak, with only 19% of outputs properly escaped, indicating a high risk of Cross-Site Scripting (XSS) vulnerabilities. The lack of any nonce or capability checks across its attack surface, which is currently zeroed out but could grow, represents a potential blind spot for future development. The absence of AJAX handlers, REST API routes, shortcodes, and cron events is currently a strength by limiting the attack surface, but the lack of built-in security checks means any future additions will be inherently vulnerable if not carefully implemented.

Key Concerns

Use of dangerous function create_function
Low percentage of properly escaped output
No nonce checks
No capability checks

Vulnerabilities

None known

iTunes Charts Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

iTunes Charts Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

5 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Dangerous Functions Found

create_functionadd_action('widgets_init', create_function('', 'return register_widget("itunes_plugin");'));itunes.php:349

Output Escaping

19% escaped27 total outputs

Attack Surface

iTunes Charts Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 2

actionwp_enqueue_scriptsitunes.php:18

actionwidgets_inititunes.php:349

Maintenance & Trust

iTunes Charts Maintenance & Trust

Maintenance Signals

WordPress version tested4.2.39

Last updatedUnknown

PHP min version

Downloads3K

Community Trust

Rating80/100

Number of ratings4

Active installs10

Alternatives

iTunes Charts Alternatives

iTunes Preview Widget

itunes-preview-widget

100

Embeds an interactive iTunes Preview for an artist as a sidebar widget

40 No CVEs

Top Music Charts Widget

top-music-charts-widget

100

Displays a widget listing the top iTunes charts of your choosing.

30 No CVEs

iTunes-Data

itunes-data

Displays data from an itunes xml file as a sidebar widget.

10 No CVEs

Podcast Searcher by Clarify

podcast-searcher-by-clarify

The Clarify plugin allows you to make any audio or video embedded in your posts, pages, etc searchable via the standard WordPress search box.

10 No CVEs

Top Songs

top-songs

Plugin - widget that will show top songs every day - set this to your sidebar and you will have amazing content.

10 No CVEs

Developer Profile

iTunes Charts Developer Profile

Ollie

1 plugin · 10 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect iTunes Charts

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/itunes-charts/lib/css/main.css/wp-content/plugins/itunes-charts/lib/js/player.js

Script Paths

/wp-content/plugins/itunes-charts/lib/js/player.js

Version Parameters

itunes-charts/lib/css/main.css?ver=itunes-charts/lib/js/player.js?ver=

HTML / DOM Fingerprints

CSS Classes

iTunes-widget

Data Attributes

data-countrydata-genredata-limitdata-typedata-explicit

Shortcode Output

<div class="itunes-chart"></div>

FAQ

iTunes Charts Security & Risk Analysis

Is iTunes Charts Safe to Use in 2026?

Generally Safe

Key Concerns

iTunes Charts Security Vulnerabilities

iTunes Charts Code Analysis

Dangerous Functions Found

Output Escaping

iTunes Charts Attack Surface

iTunes Charts Maintenance & Trust

Maintenance Signals

Community Trust

iTunes Charts Alternatives

iTunes Preview Widget

Top Music Charts Widget

iTunes-Data

Podcast Searcher by Clarify

Top Songs

iTunes Charts Developer Profile

How We Detect iTunes Charts

Asset Fingerprints

HTML / DOM Fingerprints

Frequently Asked Questions about iTunes Charts