My Social Widgets With ShortCode Security & Risk Analysis
wordpress.org/plugins/my-social-widgets-with-shortcodeAdd social media widgets in the sidebar via widget or shortcode. Support Facebook, Twitter, Recent Posts. Fully Customizable
Is My Social Widgets With ShortCode Safe to Use in 2026?
Generally Safe
Score 85/100My Social Widgets With ShortCode has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The plugin 'my-social-widgets-with-shortcode' v1.0 exhibits a mixed security posture. On the positive side, it shows a strong adherence to secure coding practices regarding SQL queries, utilizing prepared statements exclusively. The plugin also demonstrates a limited attack surface, with only one shortcode as an entry point, and crucially, no unprotected AJAX handlers or REST API routes were identified. Its vulnerability history is clean, with no known CVEs, suggesting either a well-maintained codebase or a lack of past scrutiny. However, several significant concerns arise from the static analysis. The presence of 'create_function', a deprecated and often risky function due to its ability to execute arbitrary code, is a notable weakness. Furthermore, the output escaping is alarmingly low, with only 15% of outputs properly escaped, creating a high risk of Cross-Site Scripting (XSS) vulnerabilities. The complete absence of nonce checks on its sole entry point (the shortcode) is also a critical oversight, potentially exposing the plugin to various forms of injection or unauthorized actions if the shortcode's functionality is exploitable.
Key Concerns
- Low output escaping (XSS risk)
- Use of dangerous 'create_function'
- No nonce checks on entry points
- Limited capability checks found
My Social Widgets With ShortCode Security Vulnerabilities
My Social Widgets With ShortCode Code Analysis
Dangerous Functions Found
Output Escaping
My Social Widgets With ShortCode Attack Surface
Shortcodes 1
WordPress Hooks 8
Maintenance & Trust
My Social Widgets With ShortCode Maintenance & Trust
Maintenance Signals
Community Trust
My Social Widgets With ShortCode Alternatives
Metro Style Social Widget
metro-style-social-widget
Metro Style Social Network Widget
Social Counter Widget
social-counter-widget
This widget will display your RSS subscribers, Twitter followers and Facebook fans in one nice looking box.
Total Social Counter
total-social-counter
This widget combines the number of your RSS readers, twitter followers, and fans of your facebook fan page.
Nextend Social Login and Register
nextend-facebook-connect
One click registration & login plugin for Facebook, Google, X (formerly Twitter) and more. Quick setup and easy configuration.
Open Graph and Twitter Card Tags
wonderm00ns-simple-facebook-open-graph-tags
Improve social media sharing by inserting Facebook Open Graph, Twitter Card, and SEO Meta Tags on your WordPress website pages, posts, WooCommerce pro …
My Social Widgets With ShortCode Developer Profile
2 plugins · 20 total installs
How We Detect My Social Widgets With ShortCode
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/my-social-widgets-with-shortcode/css/social-widgets.css/wp-content/plugins/my-social-widgets-with-shortcode/js/social-widgets.jsmy-social-widgets-with-shortcode/css/social-widgets.css?ver=my-social-widgets-with-shortcode/js/social-widgets.js?ver=HTML / DOM Fingerprints
<!-- Begin MailChimp Signup Form --><!--[if IE]><!--[if IE 7]><!-- indicates requiredid="swform"name="swform"id="facebook"id="twitter"id="recenct_posts"id="sw_options"+17 morewindow.jQuerywindow.jQuery.validatewindow.jQuery.form<h3></h3><textarea style="width:500px; height:75px;">[mysocialwidget widget_name="" instance="