Does NewsPlugin have any unpatched vulnerabilities?

No. All known vulnerabilities in NewsPlugin have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is NewsPlugin compatible with WordPress 5.8.13?

According to WordPress.org data, NewsPlugin 1.1.0 has been tested up to WordPress 5.8.13. Check the plugin's changelog for the latest compatibility information.

How often is NewsPlugin updated?

NewsPlugin was last updated on Aug 25, 2021. Frequent updates are generally a positive security signal.

What is NewsPlugin's security score?

NewsPlugin has a WP-Safety security score of 84/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

NewsPlugin Security & Risk Analysis

wordpress.org/plugins/newsplugin

The ultimate FREE news plugin for WordPress. Create custom newsfeeds and watch the fresh relevant news headlines appear on your website.

400 active installs v1.1.0 PHP + WP 3.9+ Updated Aug 25, 2021

newsnews-feednews-feedsnews-pluginnewsfeed

B · Generally Safe

CVEs total1

Unpatched0

Last CVEJul 21, 2021

Plugin page Download

Safety Verdict

Is NewsPlugin Safe to Use in 2026?

Mostly Safe

Score 84/100

NewsPlugin is generally safe to use though it hasn't been updated recently. 1 past CVE were resolved. Keep it updated.

1 known CVELast CVE: Jul 21, 2021Updated 4yr ago

Risk Assessment

The newsplugin v1.1.0 exhibits a generally good security posture based on the provided static analysis. The absence of dangerous functions, the exclusive use of prepared statements for SQL queries, and the 100% proper output escaping are strong indicators of secure coding practices. Furthermore, the presence of nonce and capability checks, along with a limited attack surface of two shortcodes with no identified vulnerabilities in their entry points, contribute positively to its security. The plugin's vulnerability history, while showing one past high-severity CSRF vulnerability, is mitigated by the fact that it is currently unpatched. The absence of any taint analysis findings further reinforces the impression of a secure codebase.

Key Concerns

Past high severity vulnerability (CSRF)
Vulnerability history indicates potential for CSRF

Vulnerabilities

NewsPlugin Security Vulnerabilities

CVEs by Year

1 CVE in 2021

2021

Patched Has unpatched

Severity Breakdown

High

1 total CVE

CVE-2021-34631high · 8.8Cross-Site Request Forgery (CSRF)

NewsPlugin <= 1.0.18 – Cross-Site Request Forgery to Stored Cross-Site Scripting

Jul 21, 2021 Patched in 1.1.0 (916d)

Code Analysis

Analyzed Mar 16, 2026

NewsPlugin Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

252 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

100% escaped252 total outputs

Attack Surface

NewsPlugin Attack Surface

Entry Points2

Unprotected0

Shortcodes 2

[newsplugin_widgets] news-plugin.php:138

[newsplugin_feed] news-plugin.php:139

WordPress Hooks 21

filterwp_feed_cache_transient_lifetimenews-plugin-widget.php:378

actioninitnews-plugin.php:39

actionwidgets_initnews-plugin.php:42

actionadmin_initnews-plugin.php:43

actionadmin_menunews-plugin.php:44

actionadmin_initnews-plugin.php:45

actionadmin_initnews-plugin.php:46

actionadmin_initnews-plugin.php:47

actionadmin_initnews-plugin.php:48

actionadmin_initnews-plugin.php:49

actionadmin_initnews-plugin.php:50

actionadmin_enqueue_scriptsnews-plugin.php:51

actionwp_enqueue_scriptsnews-plugin.php:52

actionadmin_post_nopriv_news_plugin_save_stylenews-plugin.php:54

actionadmin_post_news_plugin_save_stylenews-plugin.php:55

actionadmin_post_nopriv_news_plugin_send_feedbacknews-plugin.php:56

actionadmin_post_news_plugin_send_feedbacknews-plugin.php:57

actionadmin_post_nopriv_news_plugin_update_system_infonews-plugin.php:58

actionadmin_post_news_plugin_update_system_infonews-plugin.php:59

actionadmin_initnews-plugin.php:61

filterwp_mail_content_typesend_feedback.php:75

Maintenance & Trust

NewsPlugin Maintenance & Trust

Maintenance Signals

WordPress version tested5.8.13

Last updatedAug 25, 2021

PHP min version

Downloads35K

Community Trust

Rating66/100

Number of ratings7

Active installs400

Alternatives

NewsPlugin Alternatives

Better Press Newsfeed

better-press-newsfeed

A plugin to provide a dashboard widget for WP Tavern and Post Status.

10 No CVEs

WP News and Scrolling Widgets

sp-news-and-widget

100

A quick, easy way to add an News custom post type, News widget, vertical scrolling news widget to WordPress. Also work with Gutenberg shortcode block.

10K No CVEs

News Announcement Scroll

news-announcement-scroll

News Announcement Scroll is a simple vertical scroll news widget for your WordPress website. Easy to use & no coding knowledge required.

2K 2 CVEs

Beamer – newsfeed and push notifications

beamer

Beamer is a smart and easy-to-use notification center and changelog that will help you announce important news, latest products, special offers and mo …

200 No CVEs

Auto Robot – WP Autoblogging and RSS Feed News Aggregator

auto-robot

100

Auto blogging and generate WordPress posts automatically from OpenAI ChatGPT, RSS Feed, Instagram, Youtube, Facebook, Twitter, Vimeo, Flickr and etc.

100 No CVEs

Developer Profile

NewsPlugin Developer Profile

newsplugin.com

1 plugin · 400 total installs

trust score

Avg Security Score

84/100

Avg Patch Time

916 days

View full developer profile

Detection Fingerprints

How We Detect NewsPlugin

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/newsplugin/assets/css/news-plugin.css

Script Paths

/wp-content/plugins/newsplugin/assets/js/jscolor.min.js

Version Parameters

news-plugin/assets/css/news-plugin.css?ver=news-plugin/assets/js/jscolor.min.js?ver=

HTML / DOM Fingerprints

CSS Classes

newsplugin_widget_areanewsplugin_widgets_area

Data Attributes

data-area

Shortcode Output

[newsplugin_widgets[newsplugin_feed

FAQ