Does Random Posts Widget Configurable have any unpatched vulnerabilities?

No. All known vulnerabilities in Random Posts Widget Configurable have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Random Posts Widget Configurable compatible with WordPress 3.5.2?

According to WordPress.org data, Random Posts Widget Configurable 1.19 has been tested up to WordPress 3.5.2. Check the plugin's changelog for the latest compatibility information.

How often is Random Posts Widget Configurable updated?

Random Posts Widget Configurable was last updated on May 17, 2013. Frequent updates are generally a positive security signal.

What is Random Posts Widget Configurable's security score?

Random Posts Widget Configurable has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Random Posts Widget Configurable Security & Risk Analysis

wordpress.org/plugins/random-posts-widget-configurable

Random Posts Widget provides you with a widget that displays random posts. You can set the number of random posts to be displayed.

10 active installs v1.19 PHP + WP 3.1+ Updated May 17, 2013

postsrandomrandom-postswidget

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Random Posts Widget Configurable Safe to Use in 2026?

Generally Safe

Score 85/100

Random Posts Widget Configurable has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 12yr ago

Risk Assessment

The plugin 'random-posts-widget-configurable' version 1.19 exhibits a strong security posture based on the provided static analysis. There are no identified AJAX handlers, REST API routes, shortcodes, or cron events, significantly limiting the plugin's attack surface. Furthermore, the code signals show no dangerous functions, no file operations, no external HTTP requests, and critically, all SQL queries utilize prepared statements. The absence of known vulnerabilities in its history reinforces this positive assessment.

Key Concerns

Low percentage of properly escaped output
No nonce checks implemented
No capability checks implemented

Vulnerabilities

None known

Random Posts Widget Configurable Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Random Posts Widget Configurable Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

6 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

35% escaped17 total outputs

Attack Surface

Random Posts Widget Configurable Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 1

actionwidgets_initrandom-posts-widget-configurable.php:85

Maintenance & Trust

Random Posts Widget Configurable Maintenance & Trust

Maintenance Signals

WordPress version tested3.5.2

Last updatedMay 17, 2013

PHP min version

Downloads6K

Community Trust

Rating58/100

Number of ratings7

Active installs10

Alternatives

Random Posts Widget Configurable Alternatives

Advanced Random Posts Widget

advanced-random-posts-widget

Provides flexible and advanced random posts. Display it via shortcode or widget with thumbnails, post excerpt, and much more!

10K No CVEs

Smart Recent Posts Widget

smart-recent-posts-widget

Provides advanced recent posts widget,you can display it with thumbnails, excerpt, date, author, comment count and more.

9K 1 unpatched