Does MRZ Social have any unpatched vulnerabilities?

No. All known vulnerabilities in MRZ Social have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is MRZ Social compatible with WordPress 3.9.40?

According to WordPress.org data, MRZ Social 1.1.0 has been tested up to WordPress 3.9.40. Check the plugin's changelog for the latest compatibility information.

How often is MRZ Social updated?

MRZ Social was last updated on Jul 21, 2014. Frequent updates are generally a positive security signal.

What is MRZ Social's security score?

MRZ Social has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

MRZ Social Security & Risk Analysis

wordpress.org/plugins/mrz-social

Just another social icons plugin, but with funky likes, followers, +1 counter and childishly simple configuration!

10 active installs v1.1.0 PHP + WP 3.1+ Updated Jul 21, 2014

facebooklikesocial-countersocial-iconssocial-plugin

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is MRZ Social Safe to Use in 2026?

Generally Safe

Score 85/100

MRZ Social has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 11yr ago

Risk Assessment

The mrz-social plugin v1.1.0 presents a mixed security profile. On the positive side, the static analysis indicates a very small attack surface with no identified AJAX handlers, REST API routes, shortcodes, or cron events. Furthermore, all SQL queries are properly prepared, and there are no identified dangerous functions or file operations. The absence of any recorded vulnerabilities in its history is also a positive sign, suggesting a generally stable development track record. However, there are significant concerns regarding output escaping, with only 36% of outputs being properly escaped. This leaves a substantial portion of the plugin's output vulnerable to cross-site scripting (XSS) attacks if user-supplied data is not sufficiently sanitized before display. The lack of nonce checks and capability checks is also a critical weakness, particularly if any of the plugin's actions, however seemingly minor, can be triggered by unauthorized users. The presence of external HTTP requests without clear sanitization or authentication contexts also warrants caution.

Key Concerns

Low percentage of properly escaped output
Missing nonce checks
Missing capability checks
Presence of external HTTP requests

Vulnerabilities

None known

MRZ Social Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

MRZ Social Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

9 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

36% escaped25 total outputs

Attack Surface

MRZ Social Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 6

actionadmin_menuincludes\options.php:20

actionadmin_initincludes\options.php:161

filterhttps_ssl_verifyincludes\social-counter-class.php:152

filterhttps_ssl_verifyincludes\social-counter-class.php:174

actionplugins_loadedmrz-social.php:27

actionwidgets_initmrz-social.php:61

Maintenance & Trust

MRZ Social Maintenance & Trust

Maintenance Signals

WordPress version tested3.9.40

Last updatedJul 21, 2014

PHP min version

Downloads3K

Community Trust

Rating100/100

Number of ratings2

Active installs10

Alternatives

MRZ Social Alternatives

WP LikeJS

wp-likejs

100

WP LikeJS includes an eyecatching Facebook Like Box on your website. You'll get more Fans with LikeJS than with an usual Like Button and it locks …

20 No CVEs

Mongoose Page Plugin

facebook-page-feed-graph-api

100

The most popular way to display the Facebook Page Plugin on your WordPress website. Easy implementation using a shortcode or widget.

10K 1 CVE

Easy Social Like Box – Popup – Sidebar Widget

cardoza-facebook-like-box

WP Facebook Like Box Plugin enables you to display the facebook page likes in sidebar widget or popup. Display like button for the posts.

7K 2 CVEs

Social Like Box and Page by WpDevArt

like-box

WordPress Facebook Like box plugin will help you to display like box on your website, just add our plugin widget to your sidebar and use it.

6K 2 CVEs

Easy Social Box / Page Plugin

easy-facebook-like-box

Easy Social box display facebook like box. it enable Facebook Page owners to attract and gain Likes from their own website.

5K 1 CVE

Developer Profile

MRZ Social Developer Profile

MRazorZ

1 plugin · 10 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect MRZ Social

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/mrz-social/css/mrz-social-widgets.css

HTML / DOM Fingerprints

CSS Classes

mrz-social-countersmrz-social-counter-facebookmrz-social-link-facebookmrz-social-icon-facebookmrz-social-counter-twittermrz-social-link-twittermrz-social-icon-twittermrz-social-counter-gplus+5 more

Data Attributes

mrz-social-widgets

FAQ