Poster Live Security & Risk Analysis

wordpress.org/plugins/poster-live

A plugin that shows posts in a separate, live and very beautiful category.

0 active installs v1.0.0 PHP 5.2+ WP 5.2+ Updated Nov 18, 2021
ajax-livedisplay-posts-by-categorylive-postspost-categoriesposts
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Download
Safety Verdict

Is Poster Live Safe to Use in 2026?

Generally Safe

Score 85/100

Poster Live has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 4yr ago
Risk Assessment

The 'poster-live' v1.0.0 plugin exhibits a generally positive security posture based on the provided static analysis. The absence of known CVEs and no recorded historical vulnerabilities strongly suggests a history of responsible development. Furthermore, the code signals indicate good practices such as the complete use of prepared statements for SQL queries and a lack of dangerous functions or file operations. However, there are areas that warrant attention. The plugin has a low total attack surface, but the lack of explicit authorization checks on the single shortcode, while not explicitly identified as a vulnerability in the taint analysis, presents a potential risk if the shortcode handles user-supplied data that is then displayed without proper sanitization. Additionally, the 63% output escaping rate indicates that a significant portion of outputs are not properly escaped, which could lead to cross-site scripting (XSS) vulnerabilities if user-controlled data is involved in these unescaped outputs.

Key Concerns

  • Shortcode without explicit auth checks
  • Significant portion of output unescaped
Vulnerabilities
None known

Poster Live Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Poster Live Release Timeline

v1.0.0Current
Code Analysis
Analyzed Apr 16, 2026

Poster Live Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
6
10 escaped
Nonce Checks
0
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
0

Output Escaping

63% escaped16 total outputs
Attack Surface

Poster Live Attack Surface

Entry Points1
Unprotected0

Shortcodes 1

[poster_live] main.php:27
WordPress Hooks 1
actionwp_enqueue_scriptsmain.php:15
Maintenance & Trust

Poster Live Maintenance & Trust

Maintenance Signals

WordPress version tested5.8.13
Last updatedNov 18, 2021
PHP min version5.2
Downloads817

Community Trust

Rating0/100
Number of ratings0
Active installs0
Developer Profile

Poster Live Developer Profile

moshilini90

1 plugin · 0 total installs

84
trust score
Avg Security Score
85/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Poster Live

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/poster-live/assets/style.css/wp-content/plugins/poster-live/assets/script.js
Script Paths
/wp-content/plugins/poster-live/assets/script.js
Version Parameters
poster-live/assets/script.js?ver=1.0

HTML / DOM Fingerprints

CSS Classes
poster_live_ulposter_live_postsposter_live_posts_catposter_live_post_cartposter_live_post_thumbnailposter_live_post_linkposter_live_link-containerposter_live_meta_info+3 more
Data Attributes
data-poster_live_cat_id
Shortcode Output
<ul class="poster_live_ul"><div class="poster_live_posts"><div class="poster_live_posts_cat<div class="poster_live_post_cart">
FAQ

Frequently Asked Questions about Poster Live