Query Posts Security & Risk Analysis

wordpress.org/plugins/query-posts

A WordPress widget that gives you unlimited control over showing posts and pages.

900 active installs v0.3.2 PHP + WP 3.0+ Updated Nov 28, 2017
Tags: page, pages, posts, sidebar, widget

Score: 63/100
Grade: C · Use Caution
CVEs total: 1
Unpatched: 1
Last CVE: Sep 28, 2025
Safety Verdict

Is Query Posts Safe to Use in 2026?

Use With Caution

Score 63/100

Query Posts has 1 unpatched vulnerability. Evaluate alternatives or apply available mitigations.

1 known CVE · 1 unpatched · Last CVE: Sep 28, 2025 · Updated 8yr ago
Risk Assessment

The "query-posts" v0.3.2 plugin exhibits a mixed security posture. On the positive side, it demonstrates good practices by exclusively using prepared statements for SQL queries and having a relatively contained attack surface with no unprotected entry points. There are no identified dangerous functions, file operations, or external HTTP requests, which are positive indicators of secure coding.

However, a significant concern is the vulnerability history. The presence of one known medium-severity CVE, classified as Cross-Site Scripting, and, crucially, the fact that it remains unpatched, is a major red flag. The static analysis also reveals a notable weakness in output escaping, with 41% of outputs not being properly escaped. This, combined with the historical XSS vulnerability, strongly suggests a risk of stored or reflected XSS attacks if user-supplied data is not handled with extreme care in the unescaped outputs.

While the plugin avoids common pitfalls like raw SQL and unprotected AJAX/REST API endpoints, the combination of an unpatched XSS vulnerability and a high percentage of unescaped output presents a considerable risk. The lack of nonce checks and capability checks on the entry points (though none are explicitly unprotected) could also be an area for future improvement to enhance robustness against certain attack vectors.

Key Concerns

  • Unpatched CVE (Medium severity)
  • Significant portion of outputs not properly escaped
  • No nonce checks on entry points
  • No capability checks on entry points
Vulnerabilities (1)

Query Posts Security Vulnerabilities

CVEs by Year

1 CVE in 2025 · unpatched

Severity Breakdown

Medium: 1

1 total CVE

CVE-2025-62905 · medium · 6.4 · Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Query Posts <= 0.3.2 - Authenticated (Contributor+) Stored Cross-Site Scripting

Sep 28, 2025 · Unpatched
Code Analysis
Analyzed Mar 16, 2026

Query Posts Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (0 prepared)
Unescaped Output: 25 (36 escaped)
Nonce Checks: 0
Capability Checks: 1
File Operations: 0
External Requests: 0
Bundled Libraries: 0

Output Escaping

59% escaped · 61 total outputs
Attack Surface

Query Posts Attack Surface

Entry Points: 5
Unprotected: 0

Shortcodes (5)

[entry-author] query-posts-plugin.php:76
[entry-terms] query-posts-plugin.php:79
[entry-comments-link] query-posts-plugin.php:82
[entry-published] query-posts-plugin.php:85
[entry-edit-link] query-posts-plugin.php:88
WordPress Hooks (3)

action plugins_loaded query-posts-plugin.php:31
action widgets_init query-posts-plugin.php:48
action init query-posts-plugin.php:51
Maintenance & Trust

Query Posts Maintenance & Trust

Maintenance Signals

WordPress version tested: 3.0.5
Last updated: Nov 28, 2017
PHP min version:
Downloads: 79K

Community Trust

Rating: 74/100
Number of ratings: 3
Active installs: 900
Developer Profile

Query Posts Developer Profile

Justin Tadlock

33 plugins · 34K total installs

Trust score: 85
Avg Security Score: 87/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect Query Posts

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/query-posts/css/widget-query-posts.css
/wp-content/plugins/query-posts/js/widget-query-posts.js
Script Paths
/wp-content/plugins/query-posts/js/widget-query-posts.js
Version Parameters
query-posts/css/widget-query-posts.css?ver=
query-posts/js/widget-query-posts.js?ver=

HTML / DOM Fingerprints

CSS Classes
query-posts-widget-title
Data Attributes
data-post-id
data-widget-id
Shortcode Output
<span class="edit">
<a class="post-edit-link" href="
comments-link
<span class="">
FAQ

Frequently Asked Questions about Query Posts