WP-Safety

Random Post Box Security & Risk Analysis

wordpress.org/plugins/random-post-box

The Random Post Box plugin places a box anywhere on the blog, where it loads random posts one-after-the-other.

20 active installs v1.0.3 PHP + WP 2.9+ Updated Jul 28, 2010
ajaxjquerypostrandomshortcode
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Random Post Box Safe to Use in 2026?

Generally Safe

Score 85/100

Random Post Box has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 15yr ago
Risk Assessment

The "random-post-box" plugin version 1.0.3 presents a generally positive security posture with several good practices evident. The absence of known CVEs and a clean vulnerability history indicates a lack of historical security flaws. The code analysis shows no dangerous functions, external HTTP requests, or file operations, which are all positive signs. Furthermore, the plugin implements nonce checks and capability checks for its entry points, and all SQL queries are properly prepared, mitigating common attack vectors.

Key Concerns

  • Only 15% of outputs are properly escaped
Vulnerabilities
None known

Random Post Box Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Random Post Box Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
1 prepared
Unescaped Output
23
4 escaped
Nonce Checks
2
Capability Checks
2
File Operations
0
External Requests
0
Bundled Libraries
0

SQL Query Safety

100% prepared1 total queries

Output Escaping

15% escaped27 total outputs
Attack Surface

Random Post Box Attack Surface

Entry Points1
Unprotected0

Shortcodes 1

[random-post-box] random-post-box.php:57
WordPress Hooks 4
filterposts_whererandom-post-box-load.php:25
actioninitrandom-post-box.php:51
actionadmin_menurandom-post-box.php:53
actionwp_headrandom-post-box.php:55
Maintenance & Trust

Random Post Box Maintenance & Trust

Maintenance Signals

WordPress version tested3.0.5
Last updatedJul 28, 2010
PHP min version
Downloads6K

Community Trust

Rating0/100
Number of ratings0
Active installs20
Alternatives

Random Post Box Alternatives

Nav Menu Item Duplicator

Nav Menu Item Duplicator

nav-menu-item-duplicate

A
85

A simple plugin that adds a duplicate button to each items on edit menu screen.

600 No CVEs
sCode (Easy Shortcodes)

sCode (Easy Shortcodes)

scode-by-mojwp

A
85

Easy way to creat and manage shortcode from Admin panel site.

500 No CVEs
Random Post Shortcode

Random Post Shortcode

random-post-shortcode

A
85

Random Post Shortcode and Widget

100 No CVEs
Random Post with ajax

Random Post with ajax

random-post-ajax

A
85

Combining beauty and efficiency to display random posts

30 No CVEs
Mhshohel Faq

Mhshohel Faq

mhshohel-faq

A
85

faq in accordian, with custom post, and shortcode.

20 No CVEs
Developer Profile

Random Post Box Developer Profile

Xoda

1 plugin · 20 total installs

84
trust score
Avg Security Score
85/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Random Post Box

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/random-post-box/style.css/wp-content/plugins/random-post-box/random_post_box.js
Script Paths
/wp-content/plugins/random-post-box/random_post_box.js
Version Parameters
random-post-box/style.css?ver=random-post-box/random_post_box.js?ver=

HTML / DOM Fingerprints

CSS Classes
rpb-admin-selectrandom-post-box-outerrandom-post-box-inner
Data Attributes
data-rpb-delay-outdata-rpb-delay-indata-rpb-delay-intervaldata-rpb-title-onlydata-rpb-excerptdata-rpb-strip-tags+3 more
JS Globals
randomPostBox
Shortcode Output
[random-post-box]
FAQ

Frequently Asked Questions about Random Post Box