Does Live Blogging Plus have any unpatched vulnerabilities?

No. All known vulnerabilities in Live Blogging Plus have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Live Blogging Plus compatible with WordPress 4.9.29?

According to WordPress.org data, Live Blogging Plus 1.3 has been tested up to WordPress 4.9.29. Check the plugin's changelog for the latest compatibility information.

How often is Live Blogging Plus updated?

Live Blogging Plus was last updated on Apr 11, 2018. Frequent updates are generally a positive security signal.

What is Live Blogging Plus's security score?

Live Blogging Plus has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Live Blogging Plus Security & Risk Analysis

wordpress.org/plugins/live-blogging-plus

Live Blogging is a plugin that allows you to insert micro/live blogs into posts with automatic updating of the content.

60 active installs v1.3 PHP + WP 4.4+ Updated Apr 11, 2018

bloggingeventjavascriptlivemicro

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Live Blogging Plus Safe to Use in 2026?

Generally Safe

Score 85/100

Live Blogging Plus has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 7yr ago

Risk Assessment

The "live-blogging-plus" v1.3 plugin exhibits a mixed security posture. While it has a clean vulnerability history with no known CVEs, the static analysis reveals significant concerns regarding its attack surface and data handling. A notable portion of its entry points, specifically three out of four, lack authentication checks, creating potential pathways for unauthorized actions. Furthermore, the taint analysis highlights three flows with unsanitized paths, indicating a risk of sensitive data being processed or exposed without proper validation, although no critical or high-severity issues were flagged here. The presence of raw SQL queries and a moderate percentage of unescaped output also contribute to potential vulnerabilities.

The lack of authentication on AJAX handlers is a primary concern, as it directly exposes critical functionalities. The taint analysis, while not indicating severe vulnerabilities, suggests a need for more rigorous input sanitization. The plugin's strengths lie in its absence of known vulnerabilities and the use of prepared statements for half of its SQL queries. However, the uncovered weaknesses in authentication and data sanitization, coupled with the attack surface, necessitate caution.

Key Concerns

AJAX handlers without auth checks
Flows with unsanitized paths
SQL queries without prepared statements
Output not properly escaped

Vulnerabilities

None known

Live Blogging Plus Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Live Blogging Plus Code Analysis

Dangerous Functions

Raw SQL Queries

4 prepared

Unescaped Output

27 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

50% prepared8 total queries

Output Escaping

56% escaped48 total outputs

Data Flows

3 unsanitized

Data Flow Analysis

4 flows3 with unsanitized paths

live_blogging_chatbox (live-blogging-plus.php:892)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

3 unprotected

Live Blogging Plus Attack Surface

Entry Points4

Unprotected3

AJAX Handlers 3

authwp_ajax_live_blogging_polllive-blogging-plus.php:87

noprivwp_ajax_live_blogging_polllive-blogging-plus.php:88

authwp_ajax_live_blogging_update_chatboxlive-blogging-plus.php:944

Shortcodes 1

[liveblog] live-blogging-plus.php:1125

WordPress Hooks 32

actioninitlive-blogging-plus.php:41

actionadmin_initlive-blogging-plus.php:107

actionadmin_menulive-blogging-plus.php:190

actionsave_postlive-blogging-plus.php:562

actionsave_pagelive-blogging-plus.php:563

actionmedia_buttons_contextlive-blogging-plus.php:607

actionadmin_headlive-blogging-plus.php:618

actionsave_postlive-blogging-plus.php:697

actionadmin_headlive-blogging-plus.php:792

filterpost_updated_messageslive-blogging-plus.php:805

filterwp_insert_post_datalive-blogging-plus.php:831

filterwp_insert_post_datalive-blogging-plus.php:890

filterredirect_post_locationlive-blogging-plus.php:950

filterthe_titlelive-blogging-plus.php:972

actionmanage_posts_custom_columnlive-blogging-plus.php:1007

filtermanage_liveblog_entry_posts_columnslive-blogging-plus.php:1022

filterthe_contentlive-blogging-plus.php:1111

actioninitlive-blogging-plus.php:1223

actionpublish_liveblog_entrylive-blogging-plus.php:1246

actiondelete_postlive-blogging-plus.php:1280

actiontrash_postlive-blogging-plus.php:1281

actionedit_commentlive-blogging-plus.php:1313

actioncomment_postlive-blogging-plus.php:1314

actionwp_set_comment_statuslive-blogging-plus.php:1315

actionpublish_liveblog_entrylive-blogging-plus.php:1358

actiondelete_postlive-blogging-plus.php:1409

actiontrash_postlive-blogging-plus.php:1410

actionlive_blogging_check_twitterlive-blogging-plus.php:1430

filtercron_scheduleslive-blogging-plus.php:1492

actiondelete_postlive-blogging-plus.php:1557

actiontrash_postlive-blogging-plus.php:1558

actionpublish_liveblog_entrylive-blogging-plus.php:1572

Scheduled Events 1

live_blogging_check_twitter

Maintenance & Trust

Live Blogging Plus Maintenance & Trust

Maintenance Signals

WordPress version tested4.9.29

Last updatedApr 11, 2018

PHP min version

Downloads9K

Community Trust

Rating84/100

Number of ratings5

Active installs60

Alternatives

Live Blogging Plus Alternatives

Live Blogging

live-blogging

Live Blogging is a plugin that allows you to insert micro/live blogs into posts with automatic updating of the content.

100 No CVEs

Events Search For The Events Calendar

events-search-addon-for-the-events-calendar

100

Adds an AJAX-based events search bar on any page via shortcode to quickly find any upcoming event created with The Events Calendar plugin.

3K No CVEs

24liveblog – live blog tool

24liveblog

24liveblog is the most popular live blog tool, trusted by thousands of publishers.

700 No CVEs

Arena.IM – Live Blogging for real-time events

arena-liveblog-and-chat-tool

Arena.im is a powerful FREE live blogging platform for real-time events. Cover sports, news, tech, etc. SEO optimized and mobile ready.

200 2 unpatched

Share on Bluesky

share-on-bluesky

A simple Crossposter for Bluesky (AT Protocol)

200 No CVEs

Developer Profile

Live Blogging Plus Developer Profile

Vidyut

1 plugin · 60 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Live Blogging Plus

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/live-blogging-plus/live-blogging.min.js

Script Paths