Does Kaskus Emoticons have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Kaskus Emoticons compatible with WordPress 3.5.2?

According to WordPress.org data, Kaskus Emoticons 3.1.3 has been tested up to WordPress 3.5.2. Check the plugin's changelog for the latest compatibility information.

How often is Kaskus Emoticons updated?

Kaskus Emoticons was last updated on Dec 19, 2012. Frequent updates are generally a positive security signal.

What is Kaskus Emoticons's security score?

Kaskus Emoticons has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Kaskus Emoticons Security & Risk Analysis

wordpress.org/plugins/kaskus-emoticons

Kaskus Emoticons is an emoticon set inspired by Kaskus, the Largest Indonesian Community

20 active installs v3.1.3 PHP + WP 2.7.1+ Updated Dec 19, 2012

commentemoticonkaskuspostsmiley

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Kaskus Emoticons Safe to Use in 2026?

Generally Safe

Score 85/100

Kaskus Emoticons has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 13yr ago

Risk Assessment

The kaskus-emoticons plugin v3.1.3 exhibits a concerning security posture primarily due to a complete lack of output escaping. While the plugin shows no external dependencies, file operations, or external HTTP requests, and its SQL queries are properly prepared, the absence of output escaping across all 11 identified output points presents a significant risk. This deficiency means that any data displayed to users could potentially be manipulated, leading to cross-site scripting (XSS) vulnerabilities.

Furthermore, the static analysis reveals a complete absence of nonce checks and capability checks. Coupled with zero AJAX handlers, REST API routes, shortcodes, or cron events that are exposed without authentication, this might initially seem secure. However, this lack of security controls on any potential future entry points leaves the plugin vulnerable should its functionality evolve or if other plugins interact with it in unexpected ways. The plugin's history is clean, with no known CVEs, which is a positive indicator of past security. However, the current code quality, specifically the lack of output escaping, overshadows this historical record and requires immediate attention.

Key Concerns

0% of outputs properly escaped
0 nonce checks present
0 capability checks present

Vulnerabilities

None known

Kaskus Emoticons Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Kaskus Emoticons Release Timeline

v3.1.3Current

v3.1.2

v3.1.1

v3.1.0

v3.0.1

v3.0

v2.5

v2.4

v2.3

v2.2.2

v2.2.1

v2.2

v2.1

v2.0

v1.0.1

v1.0

Code Analysis

Analyzed Mar 16, 2026

Kaskus Emoticons Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

0% escaped11 total outputs

Attack Surface

Kaskus Emoticons Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 7

filterthe_contentkaskus-emoticons.php:28

filtercomment_textkaskus-emoticons.php:29

actioncomment_formkaskus-emoticons.php:30

actionwp_headkaskus-emoticons.php:31

actionadmin_menukaskus-emoticons.php:32

filterplugin_action_linkskaskus-emoticons.php:33

actionmedia_buttonskaskus-emoticons.php:34

Maintenance & Trust

Kaskus Emoticons Maintenance & Trust

Maintenance Signals

WordPress version tested3.5.2

Last updatedDec 19, 2012

PHP min version

Downloads28K

Community Trust

Rating80/100

Number of ratings3

Active installs20

Alternatives

Kaskus Emoticons Alternatives

Locco Emoticons

locco-emoticons

Locco Emoticons is an emoticon set inspired by Andrei Sebastian.

10 No CVEs

wp-Monalisa

wp-monalisa

wp-monalisa is the plugin that smiles at you like monalisa does. place the smilies of your choice in posts, pages or comments.

700 2 CVEs

WP Dark Emoticons Comment Smiley

wp-dark-emoticons-comment-smiley

This plugin will display a dark emoticons smiley icon in wordpress comment system.by replacing the familiar string such as :),: (,:p,:D etc.

10 No CVEs

No Page Comment

no-page-comment

An admin interface to control the default comment and trackback settings on new posts, pages and custom post types.

10K 2 CVEs

Post Date Randomizer

post-date-randomizer

Simple plugin that bulk changes the publication date of published posts and/or approved comments to random dates within a specified time range.

10K No CVEs

Developer Profile

Kaskus Emoticons Developer Profile

nartzco

2 plugins · 30 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Kaskus Emoticons

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/kaskus-emoticons/kaskus-emoticons.php/wp-content/plugins/kaskus-emoticons/kaskus-emoticons-list.php

Version Parameters

kaskus-emoticons/style.css?ver=kaskus-emoticons/kaskus-emoticons.js?ver=

HTML / DOM Fingerprints

CSS Classes

codelistcode-rowcode-row-checkedcode-row-hovercode-check0code-check1

Data Attributes

kaskus_emoticons_actionkaskus_emoticons_statkaskus_emoticons_backlinkkaskus_emoticons_submit

JS Globals

KaskusEmoticonsKEReplace2KEEUrl

FAQ