MP Tweet List Security & Risk Analysis
wordpress.org/plugins/mp-tweet-listThe MP Tweet List allows you to easily display your most recent tweets, with support for multiple Twitter accounts - with no Javascript or Flash.
Is MP Tweet List Safe to Use in 2026?
Generally Safe
Score 85/100MP Tweet List has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The "mp-tweet-list" v4.1 plugin exhibits a generally good security posture with no recorded vulnerabilities or critical taint flows. The static analysis indicates a small attack surface with no unprotected entry points like AJAX handlers, REST API routes, or shortcodes. The absence of dangerous functions and the exclusive use of prepared statements for SQL queries are strong indicators of secure coding practices in these areas. However, there are notable concerns. The extremely low percentage of properly escaped output (14%) is a significant weakness, suggesting a high risk of cross-site scripting (XSS) vulnerabilities. While capability checks are present, the lack of nonce checks on potential entry points (though none were identified in the static analysis) is a missed opportunity for defense-in-depth. The presence of file operations and external HTTP requests, while not inherently insecure, requires careful scrutiny as they can be vectors for other vulnerabilities if not handled meticulously. Given the clean vulnerability history, it's possible the plugin developers are attentive to security, but the output escaping issue needs immediate attention to mitigate potential risks.
Key Concerns
- Low output escaping rate
- Missing nonce checks
MP Tweet List Security Vulnerabilities
MP Tweet List Release Timeline
MP Tweet List Code Analysis
Output Escaping
MP Tweet List Attack Surface
WordPress Hooks 4
Maintenance & Trust
MP Tweet List Maintenance & Trust
Maintenance Signals
Community Trust
MP Tweet List Alternatives
Nextend Social Login and Register
nextend-facebook-connect
One click registration & login plugin for Facebook, Google, X (formerly Twitter) and more. Quick setup and easy configuration.
Open Graph and Twitter Card Tags
wonderm00ns-simple-facebook-open-graph-tags
Improve social media sharing by inserting Facebook Open Graph, Twitter Card, and SEO Meta Tags on your WordPress website pages, posts, WooCommerce pro …
Social Media Widget
social-media-widget
Adds links to all of your social media and sharing site profiles. Tons of icons come in 3 sizes, 4 icon styles, and 4 animations.
Professional Social Sharing Buttons, Icons & Related Posts – Shareaholic
shareaholic
Boost Audience Engagement with Award Winning Speed Optimized Social Tools: Share Buttons, Related Posts, Monetization & Google Analytics.
miniOrange Social Login and Register (Discord, Google, Twitter, LinkedIn)
miniorange-login-openid
Social Login with Discord, Facebook, Google, Twitter, LinkedIn and 40+ apps. Social login with social share and comments. Free, fast & easy! WooCo …
MP Tweet List Developer Profile
3 plugins · 280 total installs
How We Detect MP Tweet List
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/mp-tweet-list/css/style.css/wp-content/plugins/mp-tweet-list/js/mp-tweet-list.js/wp-content/plugins/mp-tweet-list/js/mp-tweet-list.jsmp-tweet-list/css/style.css?ver=mp-tweet-list/js/mp-tweet-list.js?ver=HTML / DOM Fingerprints
mp-tweet-listmp_tweet_list_widget<!-- MP Tweet List Widget --><!-- MP Tweet List Widget Settings -->data-usernamedata-countdata-consumer-keydata-consumer-secretdata-access-tokendata-access-token-secretmp_tweet_list_ajax[mp-tweet-list]