Does Plot My Posts and Tweets have any unpatched vulnerabilities?

No. All known vulnerabilities in Plot My Posts and Tweets have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Plot My Posts and Tweets compatible with WordPress 3.3.2?

According to WordPress.org data, Plot My Posts and Tweets 1.1 has been tested up to WordPress 3.3.2. Check the plugin's changelog for the latest compatibility information.

How often is Plot My Posts and Tweets updated?

Plot My Posts and Tweets was last updated on Apr 16, 2012. Frequent updates are generally a positive security signal.

What is Plot My Posts and Tweets's security score?

Plot My Posts and Tweets has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Plot My Posts and Tweets Security & Risk Analysis

wordpress.org/plugins/plot-my-tweets-and-posts

Plot your blog posts and/or tweets on a Google Map in date order with a path tracing your route.

10 active installs v1.1 PHP + WP 3.1+ Updated Apr 16, 2012

adventuregoogle-mapsplot-poststweetstwitter

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Plot My Posts and Tweets Safe to Use in 2026?

Generally Safe

Score 85/100

Plot My Posts and Tweets has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 13yr ago

Risk Assessment

The security posture of the "plot-my-tweets-and-posts" v1.1 plugin presents significant concerns primarily due to its unprotected entry points and lack of output escaping. The analysis reveals 4 out of 5 total entry points are not protected by authentication checks, including all AJAX handlers. This creates a broad attack surface where unauthenticated users could potentially interact with sensitive plugin functionalities. Furthermore, the complete absence of output escaping for 44 identified outputs is a critical flaw, making the plugin highly susceptible to Cross-Site Scripting (XSS) vulnerabilities. Although the taint analysis did not identify critical or high severity flows, the presence of 7 unsanitized path flows is concerning and warrants investigation. The plugin's vulnerability history is clean, with no known CVEs, which is a positive indicator of past security efforts, but this does not mitigate the immediate risks identified in the current code analysis. In conclusion, while the plugin has no recorded past vulnerabilities, the current version exhibits severe security weaknesses in handling user input and output, demanding urgent attention and remediation.

Key Concerns

Unprotected AJAX handlers
No output escaping
Unsanitized path flows
No nonce checks
No capability checks

Vulnerabilities

None known

Plot My Posts and Tweets Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Plot My Posts and Tweets Code Analysis

Dangerous Functions

Raw SQL Queries

2 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

67% prepared3 total queries

Output Escaping

0% escaped44 total outputs

Data Flows

7 unsanitized

Data Flow Analysis

7 flows7 with unsanitized paths

plotmypostsandtweets_settings_page (plotmypostsandtweets.php:132)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

4 unprotected

Plot My Posts and Tweets Attack Surface

Entry Points5

Unprotected4

AJAX Handlers 4

authwp_ajax_edit_tweetplotmypostsandtweets.php:408

authwp_ajax_save_tweetplotmypostsandtweets.php:449

authwp_ajax_edit_postplotmypostsandtweets.php:505

authwp_ajax_save_postplotmypostsandtweets.php:535

Shortcodes 1

[plotmypostsandtweets] plotmypostsandtweets.php:581

WordPress Hooks 3

actionadmin_menuplotmypostsandtweets.php:79

actionadmin_initplotmypostsandtweets.php:224

actionsave_postplotmypostsandtweets.php:575

Maintenance & Trust

Plot My Posts and Tweets Maintenance & Trust

Maintenance Signals

WordPress version tested3.3.2

Last updatedApr 16, 2012

PHP min version

Downloads3K

Community Trust

Rating60/100

Number of ratings3

Active installs10

Alternatives

Plot My Posts and Tweets Alternatives

Customize Feeds for Twitter

twitter-tweets

100

Customize Feeds for Twitter plugin for WordPress. You can use this to display real time Twitter feeds on any where on your website by using shortcode …

4K No CVEs

Slim Jetpack

slimjetpack

Slim version of Jetpack unlinked from WordPress.com :) Supercharge your self-hosted wp site even you're NOT WP.COM users.

2K No CVEs

Display Tweets

display-tweets-php

Display Tweets is an easy to use, future proof Twitter feed plugin that uses PHP to make requests to the v1.1 Twitter REST API.

1K No CVEs

Peadig's Twitter Feed: Embedded Timeline WordPress Plugin

wp-twitter-feed

A simple Twitter feed that outputs your latest tweets in HTML into any post, page, template or sidebar widget. Customisable and easy to install!

600 1 unpatched

Twiget Twitter Widget

twiget

A widget to display the latest Twitter status updates.

500 No CVEs

Developer Profile

Plot My Posts and Tweets Developer Profile

phy9pas

2 plugins · 20 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Plot My Posts and Tweets

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/plot-my-tweets-and-posts/images/icon_post.png/wp-content/plugins/plot-my-tweets-and-posts/images/icon_tweet.png

Version Parameters

plot-my-tweets-and-posts/style.css?ver=plot-my-tweets-and-posts/plotmypostsandtweets.js?ver=

HTML / DOM Fingerprints

CSS Classes

plotmypostsandtweets_filterplotmypostsandtweets_list

Data Attributes

rel="everything"rel="tweet"rel="post"

JS Globals

DATEFORMAT

Shortcode Output

[plotmypostsandtweets]

FAQ