Does LCS HTTPS have any unpatched vulnerabilities?

No. All known vulnerabilities in LCS HTTPS have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is LCS HTTPS compatible with WordPress 5.2.24?

According to WordPress.org data, LCS HTTPS 1.0 has been tested up to WordPress 5.2.24. Check the plugin's changelog for the latest compatibility information.

How often is LCS HTTPS updated?

LCS HTTPS was last updated on May 5, 2019. Frequent updates are generally a positive security signal.

What is LCS HTTPS's security score?

LCS HTTPS has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

LCS HTTPS Security & Risk Analysis

wordpress.org/plugins/lcs-https

This plugin redirects specific pages to HTTPS. All other pages will remain HTTP.

10 active installs v1.0 PHP + WP 3.0+ Updated May 5, 2019

httphttpspageredirectssl

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is LCS HTTPS Safe to Use in 2026?

Generally Safe

Score 85/100

LCS HTTPS has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 6yr ago

Risk Assessment

The LCS-HTTPS plugin v1.0 exhibits a generally positive security posture based on the static analysis. The absence of AJAX handlers, REST API routes, shortcodes, and cron events significantly limits its attack surface. Furthermore, the code demonstrates good practices by avoiding dangerous functions, performing all SQL queries using prepared statements, and having no recorded vulnerability history. This suggests a well-developed and secure plugin with respect to these common attack vectors.

However, a critical concern arises from the output escaping analysis. With two total outputs and 0% properly escaped, there is a high risk of Cross-Site Scripting (XSS) vulnerabilities. Any dynamic data rendered by this plugin without proper sanitization or escaping could be exploited by attackers to inject malicious scripts into the user's browser. While the plugin currently has no known CVEs, the lack of output escaping represents a significant, inherent security weakness that should be addressed immediately. The absence of nonces and capability checks, while less concerning given the limited attack surface, still indicates areas where security could be further hardened, especially if the plugin's functionality were to expand.

Key Concerns

All output escaping is missing

Vulnerabilities

None known

LCS HTTPS Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

LCS HTTPS Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

0% escaped2 total outputs

Attack Surface

LCS HTTPS Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 5

actiontemplate_redirectlcs-https.php:123

actionwp_footerlcs-https.php:124

actioninitlcs-https.php:125

actionadmin_initlcs-https.php:126

actionadmin_menulcs-https.php:127

Maintenance & Trust

LCS HTTPS Maintenance & Trust

Maintenance Signals

WordPress version tested5.2.24

Last updatedMay 5, 2019

PHP min version

Downloads2K

Community Trust

Rating60/100

Number of ratings2

Active installs10

Alternatives

LCS HTTPS Alternatives

Easy HTTPS Redirection (SSL)

https-redirection

100

The plugin allows an automatic redirection to the "HTTPS" version/URL of the site. Make your site SSL compatible easily.

100K No CVEs

WP Encryption – One Click Free SSL Certificate & SSL / HTTPS Redirect, Security & SSL Scan

wp-letsencrypt-ssl

Lifetime SSL solution - Free SSL certificate & HTTPS redirect, resolve insecure site, fix SSL errors, SSL score, SSL monitoring, really simple setup.

50K 1 CVE

One Click SSL

one-click-ssl

Enable SSL/TLS (https://) to redirect all pages to SSL/TLS and load all resources over SSL/TLS.

10K 1 CVE

Auto-Install Free SSL – Generate & Install Free SSL Certificates

auto-install-free-ssl

100

Generate & install Free SSL Certificates for WordPress, HTTPS redirect, get PADLOCK in the browser, get automatic Renewal Reminders from plugin.

9K No CVEs

Cloudflare SSL by Weslink

ctw-ssl-for-cloudflare

Plugin to enable CloudFlare Flexible SSL for Wordpress and to prevent the Redirect Loop

3K No CVEs

Developer Profile

LCS HTTPS Developer Profile

latcomsystems

3 plugins · 20 total installs

trust score

Avg Security Score

90/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect LCS HTTPS

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

Shortcode Output

<textarea name="lcs_https_options[https_pages]" rows="5" cols="100" type='textarea'>

FAQ