Does Publish to Netlify have any unpatched vulnerabilities?

No. All known vulnerabilities in Publish to Netlify have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Publish to Netlify compatible with WordPress 5.6.17?

According to WordPress.org data, Publish to Netlify 1.0.2 has been tested up to WordPress 5.6.17. Check the plugin's changelog for the latest compatibility information.

Is Publish to Netlify compatible with PHP 7.0+?

Publish to Netlify requires PHP 7.0 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Publish to Netlify updated?

Publish to Netlify was last updated on Nov 29, 2020. Frequent updates are generally a positive security signal.

What is Publish to Netlify's security score?

Publish to Netlify has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Publish to Netlify Security & Risk Analysis

wordpress.org/plugins/publish-to-netlify

Easily deploy static sites to Netlify using WordPress as backend. This plugin builds your static website using Netlify webhooks to trigger the deploy …

100 active installs v1.0.2 PHP 7.0+ WP 4.6+ Updated Nov 29, 2020

decoupleddeploygatsbyheadlessnetlify

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Publish to Netlify Safe to Use in 2026?

Generally Safe

Score 85/100

Publish to Netlify has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 5yr ago

Risk Assessment

The "publish-to-netlify" v1.0.2 plugin exhibits a strong security posture based on the provided static analysis. The absence of any identified dangerous functions, raw SQL queries, unescaped output, file operations, or critical taint flows is highly positive. Furthermore, the plugin has no recorded vulnerability history, suggesting a commitment to secure development practices. The plugin's attack surface is effectively zero, with no exposed AJAX handlers, REST API routes, shortcodes, or cron events that could be exploited without proper authentication. This demonstrates a well-contained and securely designed plugin.

However, a notable observation is the complete lack of nonce checks and capability checks. While the current attack surface is zero, this absence represents a potential weakness should any new entry points be introduced in future versions without corresponding security checks. Additionally, the plugin makes an external HTTP request, and while the static analysis doesn't indicate immediate risk from this, it's an area that warrants attention, especially concerning potential data exposure or manipulation if the target endpoint is compromised or if the request data is not handled securely. Overall, the plugin is secure as is, but the lack of explicit checks on potential future entry points is a minor concern.

Key Concerns

No nonce checks detected
No capability checks detected
External HTTP requests present

Vulnerabilities

None known

Publish to Netlify Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Publish to Netlify Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Attack Surface

Publish to Netlify Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 6

actionadmin_menupublish-to-netlify.php:33

actionadmin_initpublish-to-netlify.php:34

actionadmin_initpublish-to-netlify.php:35

actionsave_postpublish-to-netlify.php:36

actionsave_pagepublish-to-netlify.php:37

actionacf_save_postpublish-to-netlify.php:38

Maintenance & Trust

Publish to Netlify Maintenance & Trust

Maintenance Signals

WordPress version tested5.6.17

Last updatedNov 29, 2020

PHP min version7.0

Downloads3K

Community Trust

Rating0/100

Number of ratings0

Active installs100

Alternatives

Publish to Netlify Alternatives

WPGraphQL Blocks

wpgraphql-blocks

Get gutenberg blocks as JSON through wp-graphql

400 No CVEs

Deploy Webhook Button

webhook-netlify-deploy

Easily deploy static sites using Wordpress and Netlify

100 No CVEs

WPGraphQL

wp-graphql

WPGraphQL adds a flexible and powerful GraphQL API to WordPress, enabling efficient querying and interaction with your site's data.

30K 6 CVEs

Headless Mode

headless-mode

Once you take the head off of WordPress, nobody needs to see it. This plugin hides the front end by redirecting to the shiny static (etc) site.

2K No CVEs

CoCart – Headless REST API for WooCommerce

cart-rest-api-for-woocommerce

100

A developer-first REST API to decouple WooCommerce on the frontend to help build modern and scalable storefronts. Fast, secure, customizable, easy.

1K 1 CVE

Developer Profile

Publish to Netlify Developer Profile

Rogério Moreira

1 plugin · 100 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Publish to Netlify

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

CSS Classes

wrapwp-settings-wrap

Data Attributes

name="publish_to_netlify_fields"action="options.php"

Shortcode Output

<h1>Publish to Netlify</h1>

FAQ