WP-Safety

MassPost – Post, Share, Send to Several Websites Security & Risk Analysis

wordpress.org/plugins/masspost

Publish once, distribute everywhere. MassPost securely pushes WordPress posts, all formats, images, categories etc to multiple sites.

10 active installs v1.1.1 PHP 7.4+ WP 6.0+ Updated Jan 18, 2026
content-distributioncross-postingmasspostmulti-sitepublish
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Download
Safety Verdict

Is MassPost – Post, Share, Send to Several Websites Safe to Use in 2026?

Generally Safe

Score 100/100

MassPost – Post, Share, Send to Several Websites has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2mo ago
Risk Assessment

The "masspost" v1.1.1 plugin demonstrates a generally strong security posture, characterized by its diligent use of prepared statements for all SQL queries and a high percentage of properly escaped output. The absence of any recorded vulnerabilities in its history further suggests a commitment to security by the developers. The code analysis reveals a moderate attack surface with several entry points, but importantly, only one of these entry points lacks explicit authentication checks. This single unprotected REST API route presents a potential, albeit isolated, risk that could be leveraged if an attacker can trigger it without proper authorization. The taint analysis also indicates no critical or high-severity issues related to unsanitized data flows, reinforcing the idea that the plugin handles user-supplied data with a good degree of safety.

Key Concerns

  • REST API route without permission callback
Vulnerabilities
None known

MassPost – Post, Share, Send to Several Websites Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

MassPost – Post, Share, Send to Several Websites Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
16 prepared
Unescaped Output
27
128 escaped
Nonce Checks
10
Capability Checks
11
File Operations
5
External Requests
6
Bundled Libraries
0

SQL Query Safety

100% prepared16 total queries

Output Escaping

83% escaped155 total outputs
Data Flows
All sanitized

Data Flow Analysis

4 flows
masspost_ajax_get_errors (masspost.php:336)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
1 unprotected

MassPost – Post, Share, Send to Several Websites Attack Surface

Entry Points9
Unprotected1

AJAX Handlers 5

authwp_ajax_masspost_start_authorizationincludes\class-masspost-admin-activation.php:42
authwp_ajax_masspost_check_authorizationincludes\class-masspost-admin-activation.php:43
authwp_ajax_masspost_get_errorsmasspost.php:375
authwp_ajax_masspost_import_configmasspost.php:774
authwp_ajax_masspost_save_settingsmasspost.php:828

REST API Routes 3

GET/wp-json/masspost/v1/authorization/revokeincludes\class-masspost-license.php:72
POST/wp-json/masspost/v1/post/masspost.php:1380
GET/wp-json/masspost/v1/post/(?P<source_post_id>\d+)masspost.php:1386

Shortcodes 1

[share_post_to] masspost.php:2168
WordPress Hooks 31
actionadmin_post_masspost_revoke_licenseincludes\class-masspost-admin-activation.php:44
actionadmin_initincludes\class-masspost-admin-activation.php:47
actionadmin_noticesincludes\class-masspost-admin-activation.php:50
actionrest_api_initincludes\class-masspost-license.php:49
filterrest_request_before_callbacksmasspost-diagnostics.php:76
actionrest_api_initmasspost-diagnostics.php:119
filterrest_pre_dispatchmasspost-diagnostics.php:123
filterhttp_request_argsmasspost-diagnostics.php:152
actionhttp_api_debugmasspost-diagnostics.php:170
actionadmin_menumasspost-diagnostics.php:198
actioninitmasspost.php:29
actioninitmasspost.php:66
actionadd_meta_boxesmasspost.php:78
actionadmin_menumasspost.php:225
actionadmin_enqueue_scriptsmasspost.php:333
actionadmin_enqueue_scriptsmasspost.php:399
actionadmin_initmasspost.php:685
actionadd_meta_boxesmasspost.php:842
actionsave_postmasspost.php:928
filterwp_insert_post_datamasspost.php:978
filterrest_pre_insert_postmasspost.php:1031
actionsave_postmasspost.php:1199
actionsave_postmasspost.php:1208
actionrest_after_insert_postmasspost.php:1211
filterrest_request_after_callbacksmasspost.php:1272
actionadmin_noticesmasspost.php:1302
actionquick_edit_custom_boxmasspost.php:1353
actionbulk_edit_custom_boxmasspost.php:1354
filterpost_row_actionsmasspost.php:1357
actionrest_api_initmasspost.php:1392
actiontrashed_postmasspost.php:1455
Maintenance & Trust

MassPost – Post, Share, Send to Several Websites Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedJan 18, 2026
PHP min version7.4
Downloads216

Community Trust

Rating74/100
Number of ratings3
Active installs10
Alternatives

MassPost – Post, Share, Send to Several Websites Alternatives

InfiniteWP Client

InfiniteWP Client

iwp-client

A
90

Install this plugin on unlimited sites and manage them all from a central dashboard. This plugin communicates with your InfiniteWP Admin Panel.

200K 7 CVEs
Schedule Post Changes With PublishPress Future: Unpublish, Delete, Change Status, Trash, Change Categories

Schedule Post Changes With PublishPress Future: Unpublish, Delete, Change Status, Trash, Change Categories

post-expirator

A
95

PublishPress Future can make scheduled changes to your content. You can unpublish posts, move posts to a new status, update the categories, and more.

100K 5 CVEs
Blog2Social: Social Media Auto Post & Scheduler

Blog2Social: Social Media Auto Post & Scheduler

blog2social

B
76

Automatically share and schedule your WordPress content on top social platforms like Facebook, Instagram, LinkedIn, TikTok, and more.

50K 22 CVEs
PowerPress Podcasting plugin by Blubrry

PowerPress Podcasting plugin by Blubrry

powerpress

A
88

No. 1 Podcasting plugin for WordPress.

30K 19 CVEs
CDN Enabler

CDN Enabler

cdn-enabler

A
100

A content delivery network (CDN) integration plugin for WordPress that rewrites URLs, like for CSS, JavaScript, and images, to be served by a CDN.

10K No CVEs
Developer Profile

MassPost – Post, Share, Send to Several Websites Developer Profile

Unioney

3 plugins · 40 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect MassPost – Post, Share, Send to Several Websites

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/masspost/assets/css/masspost-admin.css/wp-content/plugins/masspost/assets/js/masspost-admin.js/wp-content/plugins/masspost/assets/js/masspost-settings.js/wp-content/plugins/masspost/assets/js/masspost-diagnostics.js/wp-content/plugins/masspost/assets/css/masspost-diagnostics.css
Version Parameters
/wp-content/plugins/masspost/assets/css/masspost-admin.css?ver=/wp-content/plugins/masspost/assets/js/masspost-admin.js?ver=/wp-content/plugins/masspost/assets/js/masspost-settings.js?ver=/wp-content/plugins/masspost/assets/js/masspost-diagnostics.js?ver=/wp-content/plugins/masspost/assets/css/masspost-diagnostics.css?ver=

HTML / DOM Fingerprints

CSS Classes
masspost-admin-settingsmasspost-diagnostics-wrapmasspost-admin-page
Data Attributes
data-selected
JS Globals
masspostSettingsmasspostAdmin
REST Endpoints
/wp-json/masspost/
FAQ

Frequently Asked Questions about MassPost – Post, Share, Send to Several Websites