Kattene Security & Risk Analysis

wordpress.org/plugins/kattene

You can create a blog part which has multiple links to pages about a single product you want to introduce to your readers by putting a simple shortcod …

1K active installs v2.2 PHP 5.5+ WP 5.2.2+ Updated Jan 9, 2025
csscustomstyle-css
Score: 91 (A · Safe)
CVEs total: 1
Unpatched: 0
Last CVE: Apr 9, 2024
Safety Verdict

Is Kattene Safe to Use in 2026?

Generally Safe

Score 91/100

Kattene has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVE · Last CVE: Apr 9, 2024 · Updated 1yr ago
Risk Assessment

The "kattene" v2.2 plugin exhibits a mixed security posture. On the positive side, static analysis shows a very small attack surface consisting of a single shortcode. There are no AJAX handlers or REST API routes, and the static scan found no unprotected entry points. The code also demonstrates good practices regarding SQL queries, with 100% utilizing prepared statements, and no dangerous functions, file operations, or external HTTP requests were detected.

However, several concerns warrant attention. The plugin has no nonce checks or capability checks at all, which can be a significant oversight for any form of user input processing, even though the static analysis did not uncover direct vulnerabilities stemming from this. Furthermore, 50% of the plugin's output is not properly escaped, posing a potential Cross-Site Scripting (XSS) risk, especially given that the plugin has a history of medium-severity XSS vulnerabilities. The past medium-severity XSS vulnerability, though currently patched, highlights a recurring pattern that necessitates careful monitoring.

In conclusion, while "kattene" v2.2 has a limited attack surface and employs secure practices for database interactions, the absence of robust authentication/authorization checks (nonces, capabilities) and the significant proportion of unescaped output present notable risks. The past vulnerability history, specifically for XSS, should be a strong indicator for users to ensure they are always running the latest version of the plugin and to exercise caution with user-generated content.

Key Concerns

  • Unescaped output (50%)
  • Missing nonce checks
  • Missing capability checks
  • Previous medium severity XSS vulnerability

Kattene Security Vulnerabilities

CVEs by Year

1 CVE in 2024

Severity Breakdown

Medium: 1

1 total CVE

CVE-2024-32590 · medium · 6.4 · Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Kattene <= 1.7 - Authenticated (Contributor+) Stored Cross-Site Scripting

Apr 9, 2024 Patched in 1.8 (16d)

Kattene Code Analysis

Analyzed Mar 16, 2026

Dangerous Functions: 0
Raw SQL Queries: 0 (0 prepared)
Unescaped Output: 1 (1 escaped)
Nonce Checks: 0
Capability Checks: 0
File Operations: 0
External Requests: 0
Bundled Libraries: 0

Output Escaping

50% escaped · 2 total outputs

Kattene Attack Surface

Entry Points: 1
Unprotected: 0

Shortcodes: 1

[kattene] plugin.php:131

WordPress Hooks: 2

action wp_footer plugin.php:127
filter style_loader_tag plugin.php:162

Kattene Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.7.5
Last updated: Jan 9, 2025
PHP min version: 5.5
Downloads: 21K

Community Trust

Rating: 0/100
Number of ratings: 0
Active installs: 1K

Kattene Developer Profile

webfood

1 plugin · 1K total installs

Trust score: 88
Avg Security Score: 91/100
Avg Patch Time: 16 days
Detection Fingerprints

How We Detect Kattene

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/kattene/style.css
Version Parameters
kattene/style.css?ver=

HTML / DOM Fingerprints

CSS Classes
kattene, kattene__imgpart, kattene__infopart, kattene__title, kattene__description, kattene__btns, kattene__shadow, kattene__btn
Data Attributes
kattene__shadow__one__two__three__four__five (+1 more)
JS Globals
loadDeferredStyles, raf
Shortcode Output
<div class="kattene"><div class="kattene__imgpart"><div class="kattene__infopart"><div class="kattene__title">

Frequently Asked Questions about Kattene