Does Latest News Widget have any unpatched vulnerabilities?

No. All known vulnerabilities in Latest News Widget have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Latest News Widget compatible with WordPress 3.0.5?

According to WordPress.org data, Latest News Widget 1.0.1 has been tested up to WordPress 3.0.5. Check the plugin's changelog for the latest compatibility information.

How often is Latest News Widget updated?

Latest News Widget was last updated on Jan 30, 2011. Frequent updates are generally a positive security signal.

What is Latest News Widget's security score?

Latest News Widget has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Latest News Widget Security & Risk Analysis

wordpress.org/plugins/latest-news-widget

A customizable latest news widget.

200 active installs v1.0.1 PHP + WP 2.8.1+ Updated Jan 30, 2011

featured-posts-widgetlatest-news-widgetlatest-posts-widgetnew-posts-widgetposts-widget

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Latest News Widget Safe to Use in 2026?

Generally Safe

Score 85/100

Latest News Widget has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 15yr ago

Risk Assessment

The "latest-news-widget" v1.0.1 plugin exhibits a mixed security posture. While it has no recorded vulnerabilities (CVEs) and appears to have a minimal attack surface with no exposed AJAX handlers, REST API routes, or shortcodes, several concerning code signals raise flags. The presence of two instances of the dangerous `create_function` construct is a significant concern, as this function is deprecated and can lead to insecure code execution if not handled with extreme care. Furthermore, the taint analysis reveals two flows with unsanitized paths, indicating potential for attackers to inject malicious data that is not properly validated or cleaned before being processed.

Key Concerns

Dangerous function used (create_function)
Flows with unsanitized paths found
Low output escaping percentage
Missing nonce checks
Missing capability checks

Vulnerabilities

None known

Latest News Widget Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Latest News Widget Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

22 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Dangerous Functions Found

create_functionadd_action('widgets_init', create_function('', 'register_widget("TL_Latest_News_Widget");'));latest-news-widget.php:37

create_functionadd_action('admin_menu', create_function('', "add_options_page(__('Latest News Widget', 'latest-newslatest-news-widget.php:48

Output Escaping

30% escaped73 total outputs

Data Flows

2 unsanitized

Data Flow Analysis

2 flows2 with unsanitized paths

TL_Latest_News_Widget_Settings_Page (class.settings_page.php:11)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Latest News Widget Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 6

actionwidgets_initlatest-news-widget.php:37

actionadmin_print_styleslatest-news-widget.php:44

actionwp_dashboard_setuplatest-news-widget.php:45

filterplugin_action_linkslatest-news-widget.php:47

actionadmin_menulatest-news-widget.php:48

actionadmin_print_styleslatest-news-widget.php:49

Maintenance & Trust

Latest News Widget Maintenance & Trust

Maintenance Signals

WordPress version tested3.0.5

Last updatedJan 30, 2011

PHP min version

Downloads23K

Community Trust

Rating0/100

Number of ratings0

Active installs200

Alternatives

Latest News Widget Alternatives

Newest Posts Widget

newest-posts

A widget that display the new posts of your site with Thumbnail, Excerpt, Date etc options.

10 No CVEs

Latest Posts

latest-posts

Latest posts widget to display recent posts from category.

5K No CVEs

Widget Post Slider

widget-post-slider

Widget Post Slider to display posts image in a slider from category.

1K 1 CVE

Latest Posts Widget

latest-posts-widget

Adds a widget that shows the most recent posts of your site with excerpt, featured image, date by sorting & ordering feature

300 No CVEs

CCR Featured Posts

ccr-featured-posts

Featured Posts Widget shows by selected categories

10 No CVEs

Developer Profile

Latest News Widget Developer Profile

Taylor Lovett

9 plugins · 8K total installs

trust score

Avg Security Score

88/100

Avg Patch Time

3845 days

View full developer profile

Detection Fingerprints

How We Detect Latest News Widget

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/latest-news-widget/css/latest-news-widget-admin.css

HTML / DOM Fingerprints

CSS Classes

latest-news-widget-adminlnw-adminaction-completeblog-horizontal-formgenesis

Data Attributes

name="settings[enable_dashboard_widget]"name="name"name="email"name="listname"name="redirect"name="meta_web_form_id"+4 more

FAQ