Keyring Social Importers Security & Risk Analysis
wordpress.org/plugins/keyring-social-importersImport your posts/images/etc from Twitter, Instagram, Strava, and more, into your WordPress install. Own your content.
Is Keyring Social Importers Safe to Use in 2026?
Generally Safe
Score 85/100Keyring Social Importers has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The "keyring-social-importers" v2.0 plugin presents a generally positive security posture based on the provided static analysis. The absence of any known CVEs and a clean vulnerability history are strong indicators of the developers' commitment to security. Furthermore, the code demonstrates good practices by utilizing prepared statements for all SQL queries and implementing capability checks in key areas. The limited number of file operations and external HTTP requests also reduce the potential attack surface. However, there are some areas for improvement. The taint analysis revealing two flows with unsanitized paths, even if not reaching critical or high severity, warrants attention. Additionally, the complete absence of nonce checks across all entry points is a significant concern, as it leaves the plugin vulnerable to Cross-Site Request Forgery (CSRF) attacks, especially if any of the entry points could be triggered by user interaction or external data. While the plugin's attack surface is currently reported as zero unprotected entry points, this could change if new features are added without proper nonce implementation.
Key Concerns
- Taint flows with unsanitized paths
- No nonce checks on entry points
Keyring Social Importers Security Vulnerabilities
Keyring Social Importers Code Analysis
SQL Query Safety
Output Escaping
Data Flow Analysis
Keyring Social Importers Attack Surface
WordPress Hooks 48
Maintenance & Trust
Keyring Social Importers Maintenance & Trust
Maintenance Signals
Community Trust
Keyring Social Importers Alternatives
ActivityPub
activitypub
Connect your site to the Open Social Web and let millions of users follow, share, and interact with your content from Mastodon, Pixelfed, and more.
Auto YouTube Importer
auto-youtube-importer
A simple YouTube video importer plugin. Import YouTube videos automatically to your WordPress site.
WSW – Shopify WooCommerce / WordPress Integration and Migration
wsw-import-export-ecommerce-integration
It links and imports products,categories,tags from Shopify and converts them into WooCommerce items automatically with the same metadata.
CSV to HTML
csv-to-html
Easily display, edit, and synchronize CSV files as dynamic HTML tables using a simple shortcode—no coding required.
Import Meetup Events – Meetup Sync & Event Aggregator for WordPress
import-meetup-events
Automatically import and sync Meetup.com events into WordPress without a Meetup Pro account. Works with The Events Calendar, Events Manager, EventON, …
Keyring Social Importers Developer Profile
2 plugins · 1K total installs
How We Detect Keyring Social Importers
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/keyring-social-importers/js//wp-content/plugins/keyring-social-importers/css//wp-content/plugins/keyring-social-importers/js/keyring-social-importers.js/wp-content/plugins/keyring-social-importers/js/keyring-social-importers-admin.jskeyring-social-importers/js/keyring-social-importers.js?ver=keyring-social-importers/css/keyring-social-importers.css?ver=HTML / DOM Fingerprints
keyring-importer-settings<!-- Extend this class to write an importer, using Keyring for authentication/requests. --><!-- Make sure you set all of the constants within the class to appropriate versions! --><!-- ::handle_request_options() should be used to validate/save/etc options --><!-- ::full_custom_greet() can be used for an entirely custom "Greet" page [optional] -->+11 moredata-servicedata-slugkeyring_importer_settings