Does Mathilda have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Mathilda compatible with WordPress 6.7.5?

According to WordPress.org data, Mathilda 0.12 has been tested up to WordPress 6.7.5. Check the plugin's changelog for the latest compatibility information.

How often is Mathilda updated?

Mathilda was last updated on Apr 2, 2025. Frequent updates are generally a positive security signal.

What is Mathilda's security score?

Mathilda has a WP-Safety security score of 92/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Mathilda Security & Risk Analysis

wordpress.org/plugins/mathilda

Mathilda copies your tweets from Twitter to WordPress.

10 active installs v0.12 PHP + WP 4.5+ Updated Apr 2, 2025

blogmicrobloggingsocial-networktweetstwitter

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Mathilda Safe to Use in 2026?

Generally Safe

Score 92/100

Mathilda has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1yr ago

Risk Assessment

The "mathilda" v0.12 plugin exhibits a mixed security posture. On the positive side, it demonstrates good practices by utilizing prepared statements for all SQL queries and does not appear to have any publicly known vulnerabilities. The attack surface is relatively small, with no unprotected AJAX handlers or REST API routes. However, significant concerns arise from the static analysis. The complete absence of nonce checks and capability checks is a major security deficiency, leaving the plugin vulnerable to CSRF and unauthorized actions if any of its entry points were to become accessible to unauthenticated users. Additionally, the presence of the `set_time_limit` function, without clear justification or sanitization, can be a vector for denial-of-service attacks. The low percentage of properly escaped output also suggests a risk of cross-site scripting (XSS) vulnerabilities, as user-supplied data might be rendered directly in the browser without sufficient sanitization. While the vulnerability history is clean, this does not negate the immediate risks identified in the code analysis, which could lead to future vulnerabilities if not addressed.

Key Concerns

Missing nonce checks on entry points
Missing capability checks on entry points
Low percentage of properly escaped output
Use of dangerous function: set_time_limit

Vulnerabilities

None known

Mathilda Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Mathilda Release Timeline

v0.12Current

v0.11

v0.10

v0.9

v0.8.1

v0.8

v0.7

v0.6.1

v0.6

v0.5

v0.4.2

v0.4.1

v0.4

v0.3

v0.2

v0.1

Code Analysis

Analyzed Apr 16, 2026

Mathilda Code Analysis

Dangerous Functions

Raw SQL Queries

57 prepared

Unescaped Output

3 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Dangerous Functions Found

set_time_limitset_time_limit(900);mathilda_cron.php:18

set_time_limitset_time_limit(900);mathilda_import.php:292

set_time_limitset_time_limit(600);mathilda_schedule.php:85

SQL Query Safety

100% prepared57 total queries

Output Escaping

3% escaped100 total outputs

Attack Surface

Mathilda Attack Surface

Entry Points1

Unprotected0

Shortcodes 1

[mathilda] mathilda.php:394

WordPress Hooks 26

filterthe_contentmathilda.php:253

actionwp_headmathilda.php:269

actionadmin_headmathilda.php:275

filterbody_classmathilda.php:288

filterquery_varsmathilda.php:300

filterrewrite_rules_arraymathilda.php:382

filterdashboard_glance_itemsmathilda_dashboard.php:21

actionwp_dashboard_setupmathilda_dashboard.php:36

actionadmin_menumathilda_developer.php:15

actionadmin_initmathilda_developer.php:136

actionmathilda_tweets_updatedmathilda_hooks.php:17

actionadmin_noticesmathilda_notification.php:74

actionadmin_noticesmathilda_notification.php:95

actionadmin_noticesmathilda_notification.php:124

filtercron_schedulesmathilda_schedule.php:29

filtercron_schedulesmathilda_schedule.php:44

actionmathilda_tweetload_schedulemathilda_schedule.php:57

actionmathilda_import_schedulemathilda_schedule.php:68

actionmathilda_embed_schedulemathilda_schedule.php:79

actionadmin_menumathilda_settings.php:14

actionadmin_initmathilda_settings.php:238

actionadmin_initmathilda_settings.php:239

actionadmin_initmathilda_settings.php:240

actionadmin_initmathilda_settings.php:241

actionadmin_menumathilda_tools.php:17

actionplugins_loadedmathilda_update.php:211

Scheduled Events 3

mathilda_tweetload_schedule

mathilda_import_schedule

mathilda_embed_schedule

Maintenance & Trust

Mathilda Maintenance & Trust

Maintenance Signals

WordPress version tested6.7.5

Last updatedApr 2, 2025

PHP min version

Downloads3K

Community Trust

Rating100/100

Number of ratings1

Active installs10

Alternatives

Mathilda Alternatives

RSS Stream

rss-stream

RSS Stream displays your social feeds in a lifestream way.

10 No CVEs

Simple microblogging

simple-microblogging

Add a microblog to your site; display the microposts in a widget or using a shortcode.

10 No CVEs

Twittrup

twittrup

Updates Twitter when you create a new blog post utilizing an shortener service of your choice.

10 No CVEs

Customize Feeds for Twitter

twitter-tweets

100

Customize Feeds for Twitter plugin for WordPress. You can use this to display real time Twitter feeds on any where on your website by using shortcode …

4K No CVEs

Slim Jetpack

slimjetpack

Slim version of Jetpack unlinked from WordPress.com :) Supercharge your self-hosted wp site even you're NOT WP.COM users.

2K No CVEs

Developer Profile

Mathilda Developer Profile

unmus

3 plugins · 100 total installs

trust score

Avg Security Score

97/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Mathilda

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/mathilda/mathilda_tweets.css/wp-content/plugins/mathilda/mathilda_options.css

HTML / DOM Fingerprints

CSS Classes

mathilda-is-here

FAQ

Mathilda Security & Risk Analysis

Is Mathilda Safe to Use in 2026?

Generally Safe

Key Concerns

Mathilda Security Vulnerabilities

Mathilda Release Timeline

Mathilda Code Analysis

Dangerous Functions Found

SQL Query Safety

Output Escaping

Mathilda Attack Surface

Shortcodes 1

Scheduled Events 3

Mathilda Maintenance & Trust

Maintenance Signals

Community Trust

Mathilda Alternatives

RSS Stream

Simple microblogging

Twittrup

Customize Feeds for Twitter

Slim Jetpack

Mathilda Developer Profile

How We Detect Mathilda

Asset Fingerprints

HTML / DOM Fingerprints

Frequently Asked Questions about Mathilda