Does List Post Tags Shortcode have any unpatched vulnerabilities?

No. All known vulnerabilities in List Post Tags Shortcode have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is List Post Tags Shortcode compatible with WordPress 6.9.4?

According to WordPress.org data, List Post Tags Shortcode 1.0.1 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is List Post Tags Shortcode compatible with PHP 7.4+?

List Post Tags Shortcode requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is List Post Tags Shortcode updated?

List Post Tags Shortcode was last updated on Jan 1, 2026. Frequent updates are generally a positive security signal.

What is List Post Tags Shortcode's security score?

List Post Tags Shortcode has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

List Post Tags Shortcode Security & Risk Analysis

wordpress.org/plugins/list-post-tags-shortcode

Display all post tags on your site using a simple shortcode with customizable format, sorting, and caching options.

0 active installs v1.0.1 PHP 7.4+ WP 4.6+ Updated Jan 1, 2026

list-tagspost-tagsshortcodetagstaxonomy

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is List Post Tags Shortcode Safe to Use in 2026?

Generally Safe

Score 100/100

List Post Tags Shortcode has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 3mo ago

Risk Assessment

The 'list-post-tags-shortcode' plugin v1.0.1 presents a generally good security posture, as indicated by the static analysis. All identified entry points, including the single shortcode, are not explicitly flagged as unprotected. The code demonstrates strong output escaping practices, with 100% of outputs being properly escaped, which is a significant strength and mitigates risks of cross-site scripting (XSS) vulnerabilities. Furthermore, there are no recorded vulnerabilities (CVEs) or critical/high severity taint flows, suggesting a well-maintained and secure codebase historically.

However, a notable concern arises from the presence of a SQL query that does not utilize prepared statements. While the total number of SQL queries is low (one), this absence of prepared statements introduces a potential risk of SQL injection. Although no taint flows were detected, this is a known weakness that could be exploited if malicious input were to reach the query. The plugin also lacks nonce checks, which, while not a direct vulnerability in itself given the limited attack surface, represents a missed opportunity for reinforcing security on its shortcode functionality.

Key Concerns

SQL query not using prepared statements
Missing nonce checks

Vulnerabilities

None known

List Post Tags Shortcode Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

List Post Tags Shortcode Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

28 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

0% prepared1 total queries

Output Escaping

100% escaped28 total outputs

Attack Surface

List Post Tags Shortcode Attack Surface

Entry Points1

Unprotected0

Shortcodes 1

[list_post_tags] list-post-tags-shortcode.php:144

WordPress Hooks 6

actionplugins_loadedlist-post-tags-shortcode.php:27

actioncreate_post_taglist-post-tags-shortcode.php:153

actionedited_post_taglist-post-tags-shortcode.php:154

actiondelete_post_taglist-post-tags-shortcode.php:155

actionadmin_menulist-post-tags-shortcode.php:186

actionadmin_enqueue_scriptslist-post-tags-shortcode.php:187

Maintenance & Trust

List Post Tags Shortcode Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedJan 1, 2026

PHP min version7.4

Downloads140

Community Trust

Rating100/100

Number of ratings1

Active installs0

Alternatives

List Post Tags Shortcode Alternatives

xili-tidy-tags

xili-tidy-tags is a tool for grouping tags by semantic groups or by language and for creating tidy tag clouds.

1K 2 unpatched

Tags All In One

tags-all-in-one

Display a customizable tag cloud from selected taxonomies with various sorting and styling options.

100 No CVEs

Set Tag Order

set-tag-order

100

Allows a user to set a specific post tag order in either the classic or block editor.

20 No CVEs

Posts in Page

posts-in-page

Easily add one or more posts to any page using simple shortcodes.

10K 1 CVE

Tag Groups is the Advanced Way to Display Your Taxonomy Terms

tag-groups

Tag Groups allows you to organize your WordPress taxonomy terms and show them in clouds, tabs, accordions, tables, lists and much more.

3K 2 CVEs

Developer Profile

List Post Tags Shortcode Developer Profile

Andre Moura

2 plugins · 10 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect List Post Tags Shortcode

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/list-post-tags-shortcode/assets/admin-style.css

Version Parameters

list-post-tags-shortcode/assets/admin-style.css?ver=1.0.1

HTML / DOM Fingerprints

CSS Classes

wlpt-tagswlpt-countwlpt-admin-wrapwlpt-tabswlpt-tab-contentwlpt-tab-content.activewlpt-settings-blockwlpt-plugins-list+12 more

Data Attributes

data-tab

Shortcode Output

<div class="wlpt-tags<span class="wlpt-count"><ul class="wlpt-tags<li>

FAQ