Gunner Technology OpenGrapher Security & Risk Analysis

wordpress.org/plugins/opengrapher

The Gunner Technology OpenGrapher plugin allows WordPress admins to configure OpenGraph info for their site and add official badges with tracking.

10 active installs v0.0.7 PHP + WP 3.0+ Updated Feb 23, 2012
facebookgooglegoogle-pluslinkedinstumbleupon
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Safety Verdict

Is Gunner Technology OpenGrapher Safe to Use in 2026?

Generally Safe

Score 85/100

Gunner Technology OpenGrapher has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 14yr ago
Risk Assessment

The Opengrapher plugin v0.0.7 exhibits a generally good security posture, with no recorded vulnerabilities and strong adherence to secure coding practices such as using prepared statements for SQL and implementing nonce and capability checks. The static analysis reveals a very small attack surface, with only one shortcode entry point and no unprotected AJAX handlers or REST API routes. Taint analysis also shows no critical or high severity flows, indicating a low risk of direct code injection or manipulation through user input.

However, a notable concern lies in the output escaping. With 18% of outputs properly escaped, this leaves a significant portion potentially vulnerable to Cross-Site Scripting (XSS) attacks. While there are no documented CVEs, this could be an area where vulnerabilities might emerge if user-supplied data is not consistently sanitized before being displayed on the frontend. The absence of vulnerabilities in its history is a positive sign, but the lack of robust output escaping is a weakness that warrants attention for improving the plugin's overall security.

In conclusion, Opengrapher v0.0.7 benefits from a limited attack surface and good foundational security practices. The primary area for improvement is ensuring all output is properly escaped to mitigate potential XSS risks. The plugin's history of no reported vulnerabilities is encouraging, but vigilance regarding output sanitization is key to maintaining a strong security posture.

Key Concerns

  • Low percentage of properly escaped output
Vulnerabilities
None known

Gunner Technology OpenGrapher Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Gunner Technology OpenGrapher Release Timeline

v0.0.8
v0.0.7Current
v0.0.6
v0.0.1
Code Analysis
Analyzed Mar 17, 2026

Gunner Technology OpenGrapher Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
23
5 escaped
Nonce Checks
1
Capability Checks
2
File Operations
0
External Requests
0
Bundled Libraries
0

Output Escaping

18% escaped28 total outputs
Attack Surface

Gunner Technology OpenGrapher Attack Surface

Entry Points1
Unprotected0

Shortcodes 1

[opengrapher_like_button] opengrapher.php:46
WordPress Hooks 9
actionadmin_noticesadmin.php:14
actionsave_postadmin.php:30
actionadmin_menuadmin.php:32
actionadmin_initadmin.php:33
actionwp_headopengrapher.php:40
actionwp_headopengrapher.php:41
actionwp_headopengrapher.php:42
filterthe_contentopengrapher.php:44
actioninitopengrapher.php:300
Maintenance & Trust

Gunner Technology OpenGrapher Maintenance & Trust

Maintenance Signals

WordPress version tested3.3.2
Last updatedFeb 23, 2012
PHP min version
Downloads2K

Community Trust

Rating0/100
Number of ratings0
Active installs10
Developer Profile

Gunner Technology OpenGrapher Developer Profile

gunnertech

4 plugins · 40 total installs

84
trust score
Avg Security Score
85/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Gunner Technology OpenGrapher

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/opengrapher/css/style.css
Version Parameters
opengrapher/css/style.css?ver=

HTML / DOM Fingerprints

Shortcode Output
[opengrapher_like_button]
FAQ

Frequently Asked Questions about Gunner Technology OpenGrapher