Does My Weather have any unpatched vulnerabilities?

No. All known vulnerabilities in My Weather have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is My Weather compatible with WordPress 4.2.39?

According to WordPress.org data, My Weather 1.1 has been tested up to WordPress 4.2.39. Check the plugin's changelog for the latest compatibility information.

How often is My Weather updated?

My Weather was last updated on Apr 24, 2015. Frequent updates are generally a positive security signal.

What is My Weather's security score?

My Weather has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

My Weather Security & Risk Analysis

wordpress.org/plugins/my-weather

Display the weather for your city on the sidebar. Select from various layouts, designs and colours

200 active installs v1.1 PHP + WP 2.8+ Updated Apr 24, 2015

el-tiempometeoweatherweather-forecastwetter

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is My Weather Safe to Use in 2026?

Generally Safe

Score 85/100

My Weather has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 10yr ago

Risk Assessment

The "my-weather" v1.1 plugin exhibits a mixed security posture. On the positive side, it has no recorded vulnerabilities in its history, and its static analysis shows no direct entry points like AJAX handlers, REST API routes, or shortcodes that are exposed without authentication. Furthermore, all SQL queries utilize prepared statements, which is a strong defense against SQL injection. However, significant concerns arise from the code analysis. The presence of two "unserialize" calls is a critical risk, as unserializing untrusted data can lead to arbitrary code execution if not handled with extreme care and input validation. Additionally, a complete lack of output escaping on all observed outputs (33 total) presents a high risk of Cross-Site Scripting (XSS) vulnerabilities. The absence of nonce and capability checks is also worrying, as it indicates a lack of proper authorization and protection against CSRF attacks on any potential future entry points or internal functions that might become exposed.

Key Concerns

Dangerous function: unserialize found
Output escaping: 0% properly escaped
Nonce checks: 0
Capability checks: 0

Vulnerabilities

None known

My Weather Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

My Weather Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Dangerous Functions Found

unserialize$country_weather_list = unserialize($country_weather_list_ser);functions.php:16

unserialize$province_weather_list = unserialize($province_weather_list_ser);functions.php:54

Output Escaping

0% escaped33 total outputs

Attack Surface

My Weather Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 1

actionwidgets_initmy_weather.php:18

Maintenance & Trust

My Weather Maintenance & Trust

Maintenance Signals

WordPress version tested4.2.39

Last updatedApr 24, 2015

PHP min version

Downloads53K

Community Trust

Rating100/100

Number of ratings1

Active installs200

Alternatives

My Weather Alternatives

Australian Weather Widget – WillyWeather

australian-weather-widget-willyweather

Australian weather widgets for Wordpress, with the latest data sourced from the Bureau of Meteorology (BoM). Custom designs to suit any website.

200 No CVEs

Das Wetter von wetter.com

das-wetter-von-wettercom

Das Wetter Plugin für Wordpress von wetter.com zeigt aktuelle Wetterinformationen für die Stadt deiner Wahl an. Das Plugin ist leicht zu installieren …

50 No CVEs

Location Weather – WordPress Weather Forecast, AQI, Temperature and Weather Widget

location-weather

100

Customizable WordPress Weather Forecast plugin to display Current Temperature, Hourly & Daily Forecasts, up to 16-Day, Air Quality, & Live Weather Map

10K 1 CVE

wp-forecast

wp-forecast is a highly customizable plugin for wordpress, showing weather-data from open-meteo.com and/or openweathermap.com.

5K 2 CVEs

Wettervorhersage

wettervorhersage

Get the new and amazing weather forecast widget, select location and colors, responsive widget.

2K No CVEs

Developer Profile

My Weather Developer Profile

enclick

8 plugins · 3K total installs

trust score

Avg Security Score

88/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect My Weather

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/my-weather/my_weather.css/wp-content/plugins/my-weather/my_weather.js

Script Paths

/wp-content/plugins/my-weather/my_weather.js

Version Parameters

my-weather/my_weather.css?ver=my-weather/my_weather.js?ver=

HTML / DOM Fingerprints

CSS Classes

my-weather-widget

Data Attributes

data-citydata-countrydata-typedata-text-colordata-background-colordata-border-color+2 more

JS Globals

my_weather_ajax_obj

Shortcode Output

[my_weather]

FAQ