Posts Viewed Recently Security & Risk Analysis
wordpress.org/plugins/posts-viewed-recentlyPosts Viewed Recently plugin shows recently viewed posts or pages by a visitor as a responsive sidebar widget or on a page/post using the shortcode.
Is Posts Viewed Recently Safe to Use in 2026?
Generally Safe
Score 85/100Posts Viewed Recently has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The "posts-viewed-recently" plugin v1.3.2 presents a generally good security posture based on the provided static analysis. The absence of dangerous functions, file operations, external HTTP requests, and SQL queries executed without prepared statements are positive indicators. The limited attack surface, with only one shortcode and no unprotected AJAX handlers or REST API routes, further contributes to its security. However, a significant concern arises from the low percentage of properly escaped output (25%). This indicates that a substantial portion of the plugin's output may be vulnerable to Cross-Site Scripting (XSS) attacks, especially if user-supplied data is displayed without adequate sanitization.
The vulnerability history shows no known CVEs, which is a strong positive sign. This suggests a history of secure development or effective patching by developers. The lack of recorded common vulnerability types reinforces this. Despite the strong vulnerability history, the unescaped output remains a significant weakness that could be exploited. The overall conclusion is that while the plugin benefits from a minimal attack surface and a clean vulnerability record, the unescaped output presents a tangible risk that should be addressed.
Key Concerns
- Low percentage of properly escaped output
Posts Viewed Recently Security Vulnerabilities
Posts Viewed Recently Code Analysis
Output Escaping
Posts Viewed Recently Attack Surface
Shortcodes 1
WordPress Hooks 4
Maintenance & Trust
Posts Viewed Recently Maintenance & Trust
Maintenance Signals
Community Trust
Posts Viewed Recently Alternatives
DD Last Viewed
dd-lastviewed
Shows the users recently viewed/visited posts, filtered on types or terms, in a widget.
Last Viewed Posts by WPBeginner
last-viewed-posts
This shows your site's visitors a personalized list of posts and pages they have recently viewed.
Recently Viewed Product for WooCommerce
recently-viewed-products-for-woocommerce
Recently Viewed Products for WooCommerce Listing page, you can easily add recently viewed product section by activate the plugin.
MATE Recently Viewed Products – Cache Compatible for WooCommerce
mate-recently-viewed-products
Display recently viewed WooCommerce products via AJAX and cookies. Works with caching. Includes a customizable block and shortcode.
Customer who viewed this item also viewed using Woocommerce
woocommerce-customer-who-viewed-this-item-also-viewed
To suggest your site visitors with products which were mostly explored by other customers. This requires the WooCommerce plugin activated
Posts Viewed Recently Developer Profile
4 plugins · 5K total installs
How We Detect Posts Viewed Recently
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/posts-viewed-recently/js/recent-viewed-posts.js/wp-content/plugins/posts-viewed-recently/css/recent-viewed-posts.css/wp-content/plugins/posts-viewed-recently/js/recent-viewed-posts.jsposts-viewed-recently/js/recent-viewed-posts.js?ver=posts-viewed-recently/css/recent-viewed-posts.css?ver=HTML / DOM Fingerprints
ft-recently-viewed-posts<!-- Shortcode: --><!-- Shortcode: [ft-recentlyviewed widget_id="%d"] -->data-posts-viewed-recentlyft_recent_viewed_posts[ft-recentlyviewed]