Does Nevobo Feed have any unpatched vulnerabilities?

No. All known vulnerabilities in Nevobo Feed have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Nevobo Feed compatible with WordPress 5.3.21?

According to WordPress.org data, Nevobo Feed 3.3 has been tested up to WordPress 5.3.21. Check the plugin's changelog for the latest compatibility information.

How often is Nevobo Feed updated?

Nevobo Feed was last updated on Dec 7, 2019. Frequent updates are generally a positive security signal.

What is Nevobo Feed's security score?

Nevobo Feed has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Nevobo Feed Security & Risk Analysis

wordpress.org/plugins/nevobo-feed

Toon de standen, uitslagen en programma feeds in de juiste theme-stijl op je wordpress site.

100 active installs v3.3 PHP + WP 3.1+ Updated Dec 7, 2019

competitiefeednevoborssvolleybal

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Nevobo Feed Safe to Use in 2026?

Generally Safe

Score 85/100

Nevobo Feed has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 6yr ago

Risk Assessment

The "nevobo-feed" plugin v3.3 exhibits a generally strong security posture based on the provided static analysis. The plugin demonstrates good practices by having no dangerous functions, using prepared statements exclusively for SQL queries, and performing file operations without any external HTTP requests. The presence of a nonce check and the absence of any recorded vulnerabilities further contribute to this positive assessment. However, the analysis does reveal some areas for improvement. The most significant concern is the lack of capability checks on any of the entry points, particularly the single shortcode. While there are no AJAX handlers or REST API routes without permission callbacks, a shortcode can still be a vector for unauthorized actions if not properly secured. Additionally, half of the output escaping is not properly handled, which could lead to cross-site scripting (XSS) vulnerabilities if user-supplied data is involved in those outputs.

The plugin's vulnerability history is excellent, with no known CVEs. This suggests a commitment to security or a lack of prior exploitable weaknesses. The low number of analyzed taint flows (2) with no unsanitized paths or critical/high severity issues is also reassuring. In conclusion, "nevobo-feed" v3.3 is a relatively secure plugin, but the lack of capability checks on its shortcode and the significant amount of unescaped output represent potential security weaknesses that should be addressed to further harden the plugin.

Key Concerns

Shortcode without capability checks
50% of outputs not properly escaped

Vulnerabilities

None known

Nevobo Feed Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Nevobo Feed Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

15 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

50% escaped30 total outputs

Data Flows

All sanitized

Data Flow Analysis

2 flows

nevobo_settings_page (nevobo-feed.php:374)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Nevobo Feed Attack Surface

Entry Points1

Unprotected0

Shortcodes 1

[nevobo] nevobo-feed.php:15

WordPress Hooks 4

actionadmin_menunevobo-feed.php:16

actionwp_enqueue_scriptsnevobo-feed.php:17

actionadmin_initnevobo-feed.php:18

actionadmin_enqueue_scriptsnevobo-feed.php:814

Maintenance & Trust

Nevobo Feed Maintenance & Trust

Maintenance Signals

WordPress version tested5.3.21

Last updatedDec 7, 2019

PHP min version

Downloads5K

Community Trust

Rating100/100

Number of ratings2

Active installs100

Alternatives

Nevobo Feed Alternatives

Nevobo API

nevobo-api

Show the results, fixtures and standings of a RSS Feeds from the Dutch Volleyball Federation (Nevobo) on your Wordpress website.

100 No CVEs

RSS Aggregator – RSS Import, News Feeds, Feed to Post, and Autoblogging

wp-rss-aggregator

The #1 WordPress RSS aggregator to quickly import RSS feeds, build a news aggregator, and for easy autoblogging.

50K 13 CVEs

RSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator

feedzy-rss-feeds

The most powerful WordPress RSS aggregator, helping you curate content, autoblog, import RSS & display unlimited RSS feeds within a few minutes.

40K 11 CVEs

Disable Feeds

disable-feeds

Disables all RSS/Atom/RDF feeds on your WordPress site.

30K No CVEs

PowerPress Podcasting plugin by Blubrry

powerpress

No. 1 Podcasting plugin for WordPress.

30K 19 CVEs

Developer Profile

Nevobo Feed Developer Profile

Masselink

1 plugin · 100 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Nevobo Feed

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/nevobo-feed/nevobo-feed.css

Version Parameters

nevobo-feed/nevobo-feed.css?ver=

HTML / DOM Fingerprints

CSS Classes

nevobofeed

HTML Comments

Data Attributes

data-url

Shortcode Output

<span class='nevobofeed'><table class='nevobofeed'><thead><tr><th>#</th><th style='min-width: 150px;'>Team </th><th>Wedstr.</th><th>Punten </th></tr></thead><tbody>

<thead><tr><th>Datum</th><th style='min-width: 150px;'>Thuisploeg </th><th></th><th style='min-width: 150px;'>Uitploeg</th><th td style='text-align: center'>Resultaat

FAQ