Mihdan: Yandex Turbo Feed Security & Risk Analysis
wordpress.org/plugins/mihdan-yandex-turbo-feedMihdan: Yandex Turbo Feed by mihdan – allows you to convert your site materials into Yandex.Turbo format.
Is Mihdan: Yandex Turbo Feed Safe to Use in 2026?
Generally Safe
Score 85/100Mihdan: Yandex Turbo Feed has a strong security track record. Known vulnerabilities have been patched promptly. It's a solid choice for most WordPress installations.
The mihdan-yandex-turbo-feed v1.6.6 plugin exhibits a generally good security posture with a small attack surface and a commendable use of prepared statements for SQL queries. The absence of critical or high-severity taint flows, coupled with a lack of raw SQL queries, are positive indicators. However, the presence of a medium-severity Cross-Site Scripting (XSS) vulnerability in its history, even if currently patched, warrants caution. The code analysis shows a high percentage of properly escaped outputs, but the remaining 15% could still be a vector for XSS if they handle user-supplied data. While the plugin demonstrates strong adherence to many security best practices, the past XSS vulnerability suggests a need for ongoing vigilance and thorough testing of any user-facing output, particularly those not explicitly escaped.
Key Concerns
- Past medium XSS vulnerability history
- 15% of outputs not properly escaped
Mihdan: Yandex Turbo Feed Security Vulnerabilities
CVEs by Year
Severity Breakdown
1 total CVE
Mihdan: Yandex Turbo Feed <= 1.6.5.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
Mihdan: Yandex Turbo Feed Release Timeline
Mihdan: Yandex Turbo Feed Code Analysis
Bundled Libraries
SQL Query Safety
Output Escaping
Mihdan: Yandex Turbo Feed Attack Surface
Shortcodes 1
WordPress Hooks 53
Maintenance & Trust
Mihdan: Yandex Turbo Feed Maintenance & Trust
Maintenance Signals
Community Trust
Mihdan: Yandex Turbo Feed Alternatives
RSS for Yandex Turbo
rss-for-yandex-turbo
Создание RSS-ленты для сервиса Яндекс.Турбо.
RSS for Yandex Zen
rss-for-yandex-zen
Создание RSS-ленты для сервиса Яндекс.Дзен.
Feed Delay
ram108-feed-delay
Delay posts from being appear in the RSS feed immediately after publication.
RSS Aggregator – RSS Import, News Feeds, Feed to Post, and Autoblogging
wp-rss-aggregator
The #1 WordPress RSS aggregator to quickly import RSS feeds, build a news aggregator, and for easy autoblogging.
RSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator
feedzy-rss-feeds
The most powerful WordPress RSS aggregator, helping you curate content, autoblog, import RSS & display unlimited RSS feeds within a few minutes.
Mihdan: Yandex Turbo Feed Developer Profile
12 plugins · 32K total installs
How We Detect Mihdan: Yandex Turbo Feed
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/mihdan-yandex-turbo-feed/assets/css/admin.css/wp-content/plugins/mihdan-yandex-turbo-feed/assets/js/admin.js/wp-content/plugins/mihdan-yandex-turbo-feed/vendor/autoload.php/wp-content/plugins/mihdan-yandex-turbo-feed/vendor/advanced-custom-fields/acf.php/wp-content/plugins/mihdan-yandex-turbo-feed/vendor/acf-multiple-taxonomy/acf-multiple-taxonomy.php/wp-content/plugins/mihdan-yandex-turbo-feed/includes/class-main.php/wp-content/plugins/mihdan-yandex-turbo-feed/includes/class-utils.php/wp-content/plugins/mihdan-yandex-turbo-feed/includes/class-settings.php+8 moremihdan-yandex-turbo-feed/assets/css/admin.css?ver=mihdan-yandex-turbo-feed/assets/js/admin.js?ver=HTML / DOM Fingerprints
<!-- mihdan-yandex-turbo-feed -->turbo-contentturbo-item-titleturbo-item-descriptionturbo-item-authorturbo-item-imageturbo-item-pubdate+1 more[yandex_turbo_feed_items][yandex_turbo_feed_item]