Does Korea SNS have any unpatched vulnerabilities?

No. All known vulnerabilities in Korea SNS have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Korea SNS compatible with WordPress 6.5.8?

According to WordPress.org data, Korea SNS 1.7.0 has been tested up to WordPress 6.5.8. Check the plugin's changelog for the latest compatibility information.

How often is Korea SNS updated?

Korea SNS was last updated on May 15, 2024. Frequent updates are generally a positive security signal.

What is Korea SNS's security score?

Korea SNS has a WP-Safety security score of 92/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Korea SNS Security & Risk Analysis

wordpress.org/plugins/korea-sns

Puts Korea social share buttons in post and page. support kakaotalk, naver (line, band, cafe), facebook, twitter, telegram

4K active installs v1.7.0 PHP + WP 5.0+ Updated May 15, 2024

kakaokakao-talkkakaostorypostshare

A · Safe

CVEs total1

Unpatched0

Last CVENov 8, 2023

Plugin page Download

Safety Verdict

Is Korea SNS Safe to Use in 2026?

Generally Safe

Score 92/100

Korea SNS has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVELast CVE: Nov 8, 2023Updated 1yr ago

Risk Assessment

The korea-sns plugin v1.7.0 exhibits a generally good security posture, with a low attack surface and a strong adherence to best practices regarding SQL queries and nonce checks. The static analysis shows no critical or high-severity taint flows and a robust use of prepared statements for SQL. However, a significant concern lies in the output escaping, where a large majority of outputs are not properly escaped, indicating a potential for Cross-Site Scripting (XSS) vulnerabilities. Furthermore, the plugin has a history of known vulnerabilities, specifically a medium-severity Cross-Site Request Forgery (CSRF) in its past. While currently unpatched vulnerabilities are zero, this history suggests a pattern that, when combined with the output escaping issues, warrants careful consideration.

In conclusion, while the plugin demonstrates strengths in areas like SQL security and input validation (via nonces and capabilities), the prevalent lack of proper output escaping presents a clear and present danger for XSS attacks. The past CSRF vulnerability, though resolved, also highlights the need for vigilance. Users should be aware that despite the current lack of critical issues in static analysis, the unescaped output is a significant weakness that could be exploited. The plugin's overall security is thus weakened by this oversight, despite otherwise positive indicators.

Key Concerns

Poor output escaping
Past medium severity CVEs

Vulnerabilities

Korea SNS Security Vulnerabilities

CVEs by Year

1 CVE in 2023

2023

Patched Has unpatched

Severity Breakdown

Medium

1 total CVE

CVE-2023-47670medium · 4.3Cross-Site Request Forgery (CSRF)

Korea SNS <= 1.6.4 - Cross-Site Request Forgery via kon_tergos_options

Nov 8, 2023 Patched in 1.6.5 (139d)

Code Analysis

Analyzed Mar 16, 2026

Korea SNS Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

7 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

26% escaped27 total outputs

Attack Surface

Korea SNS Attack Surface

Entry Points1

Unprotected0

Shortcodes 1

[korea_sns_button] korea_sns.php:30

WordPress Hooks 6

actioninitkorea_sns.php:25

filterthe_contentkorea_sns.php:26

filterthe_excerptkorea_sns.php:27

filterplugin_action_linkskorea_sns.php:28

actionadmin_menukorea_sns.php:29

filterthe_contentkorea_sns.php:77

Maintenance & Trust

Korea SNS Maintenance & Trust

Maintenance Signals

WordPress version tested6.5.8

Last updatedMay 15, 2024

PHP min version

Downloads73K

Community Trust

Rating100/100

Number of ratings5

Active installs4K

Alternatives

Korea SNS Alternatives

Kakao Talk Link

kakao-talk-link

Puts Kakao Talk Link Button of below your posts.

10 No CVEs

SchedulePress – Auto Post & Publish, Auto Social Share, Schedule Posts with Editorial Calendar & Missed Schedule Post Publisher

wp-scheduled-posts

Automate your WordPress content scheduling with a visual calendar, auto/manual schedulers, missed‑post handler, social sharing options & templates.

10K 3 CVEs

Booster Extension

booster-extension

Booster Extension is a free WordPress plugin that supercharges your site with awesome powerful features. There’re numerous plugins in the official Wor …

8K 1 CVE

Bit Social – Social Media Auto Poster and Scheduler

bit-social

100

Schedule WordPress posts to social media and auto share content across Facebook, Twitter (X), Instagram, Pinterest, TikTok, and LinkedIn.

6K No CVEs

Sociality

sociality

Social features for the theme authors.

1K No CVEs

Developer Profile

Korea SNS Developer Profile

Jongmyoung Kim

3 plugins · 4K total installs

trust score

Avg Security Score

87/100

Avg Patch Time

139 days

View full developer profile

Detection Fingerprints

How We Detect Korea SNS

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/korea-sns/korea_sns.css/wp-content/plugins/korea-sns/korea_sns.js

Script Paths

https://developers.kakao.com/sdk/js/kakao.min.js/wp-content/plugins/korea-sns/korea_sns.js

Version Parameters

korea_sns.css?ver=korea_sns.js?ver=

HTML / DOM Fingerprints

CSS Classes

korea-snskorea-sns-buttonkorea-sns-facebookkorea-sns-twitterkorea-sns-telegramkorea-sns-naverlinekorea-sns-naverbandkorea-sns-naverblog+8 more

Data Attributes

OnClick

JS Globals

SendSNS

Shortcode Output

<div class="korea-sns-shortcode">

FAQ