
LS Social Feed Security & Risk Analysis
wordpress.org/plugins/ls-social-feed
Shortcodes to display social feeds from Facebook, Google+ and Twitter. You can also aggregate these social networks to one feed.
Is LS Social Feed Safe to Use in 2026?
Generally Safe
Score 85/100
LS Social Feed has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The "ls-social-feed" plugin v0.6.1 exhibits a mixed security posture. On the positive side, 100% of its SQL queries use prepared statements, and it performs a decent number of nonce checks. The absence of known CVEs and of any recorded historical vulnerabilities is a strong indicator that the codebase has generally been well maintained. However, several concerning aspects significantly elevate its risk profile.
The static analysis reveals a critical vulnerability with an unprotected AJAX handler, representing a direct entry point for attackers. Furthermore, the presence of the `unserialize()` function is a major red flag, as it can lead to remote code execution if used with untrusted user input. The taint analysis confirms this concern, with two high-severity flows indicating unsanitized paths that could potentially be exploited through the `unserialize()` function or other input vectors.
While the plugin's vulnerability history is currently clean, the static analysis findings, particularly the unprotected AJAX handler and the use of `unserialize()`, present immediate and serious risks. The limited number of capability checks and a significant portion of improperly escaped output also contribute to potential security weaknesses. Overall, the plugin has some robust security implementations but is marred by critical flaws that require urgent attention.
Key Concerns
- Unprotected AJAX handler
- Dangerous unserialize() function
- High severity unsanitized flows (2)
- Low number of capability checks
- Significant portion of unescaped output
LS Social Feed Security Vulnerabilities
LS Social Feed Code Analysis
Dangerous Functions Found
Bundled Libraries
Output Escaping
Data Flow Analysis
LS Social Feed Attack Surface
AJAX Handlers 5
Shortcodes 4
WordPress Hooks 10
LS Social Feed Maintenance & Trust
Maintenance Signals
Community Trust
LS Social Feed Alternatives
Insert Headers And Footers
wp-headers-and-footers
Include inline javascript, stylesheets, CSS code or anything you want in Header and Footer areas of your WordPress with ease.
Nextend Social Login and Register
nextend-facebook-connect
One click registration & login plugin for Facebook, Google, X (formerly Twitter) and more. Quick setup and easy configuration.
EmbedPress – PDF Embedder, Embed YouTube Videos, 3D FlipBook, Social feeds, Docs & more
embedpress
EmbedPress lets you embed videos, pages, social feeds, embed PDF 3D flipbooks & other content on WordPress without coding & enhance storytelling.
VK All in One Expansion Unit
vk-all-in-one-expansion-unit
This plug-in is an integrated plug-in with a variety of features that make your web site powerful.
Product Feed PRO for WooCommerce by AdTribes – Product Feeds for WooCommerce
woo-product-feed-pro
Most popular WooCommerce product feed plugin supporting Google shopping feed, meta/facebook feed, bing product feed & more.
LS Social Feed Developer Profile
4 plugins · 1K total installs
How We Detect LS Social Feed
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
- /wp-content/plugins/ls-social-feed/css/ls-social-feed.css
- /wp-content/plugins/ls-social-feed/js/ls-social-feed.js
- ls-social-feed/style.css?ver=
- ls-social-feed/script.js?ver=
HTML / DOM Fingerprints
- ls-social-feed
- <!-- LS Social Feed -->
- ls_social_feed_ajaxurl
- ls_social_feed_params
- [ls_social_feed]