Does Reactions have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Reactions compatible with WordPress 4.5.33?

According to WordPress.org data, Reactions 0.1-20160329 has been tested up to WordPress 4.5.33. Check the plugin's changelog for the latest compatibility information.

How often is Reactions updated?

Reactions was last updated on Mar 29, 2016. Frequent updates are generally a positive security signal.

What is Reactions's security score?

Reactions has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Reactions Security & Risk Analysis

wordpress.org/plugins/react

💩 reactions.

10 active installs v0.1-20160329 PHP + WP 4.4+ Updated Mar 29, 2016

commentsemojireactions

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Reactions Safe to Use in 2026?

Generally Safe

Score 85/100

Reactions has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 10yr ago

Risk Assessment

The "react" v0.1-20160329 plugin exhibits a strong security posture based on the static analysis provided. It demonstrates excellent adherence to secure coding practices with no detected dangerous functions, all SQL queries utilizing prepared statements, and all output being properly escaped. The absence of external HTTP requests and a lack of direct file manipulation further enhance its security. The very low attack surface, with zero entry points identified across AJAX handlers, REST API routes, shortcodes, and cron events, suggests a minimal exposure to common web vulnerabilities.

Key Concerns

Missing nonce checks on AJAX
Missing capability checks
File operations without explicit auth checks

Vulnerabilities

None known

Reactions Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Reactions Release Timeline

No version history available.

Code Analysis

Analyzed Mar 17, 2026

Reactions Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Attack Surface

Reactions Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 2

actioninitreact.php:22

actionplugins_loadedreact.php:25

Maintenance & Trust

Reactions Maintenance & Trust

Maintenance Signals

WordPress version tested4.5.33

Last updatedMar 29, 2016

PHP min version

Downloads18K

Community Trust

Rating78/100

Number of ratings8

Active installs10

Alternatives

Reactions Alternatives

Vuukle Comments, Reactions, Share Bar, Revenue

free-comments-for-wordpress-vuukle

Vuukle website is an audience engagement platform which amplifies basic user comments and other attention data (shares, likes) into experiences showin …

300 1 CVE

Comments Reactions

comments-reactions

Improve your comment system with funny emoji reactions.

10 No CVEs

Emojis for Posts and Pages

emojis-for-posts-and-pages

100

Add colorful emoji reactions to your WordPress posts and pages, similar to Facebook reactions.

10 No CVEs

Native Emoji

native-emoji

Insert emojis in your posts, pages, custom post types, and comments

5K No CVEs

No Nonsense

no-nonsense

100

The fastest, cleanest way to get rid of the parts of WordPress you don't need.

1K No CVEs

Developer Profile

Reactions Developer Profile

Gary Pendergast

4 plugins · 31K total installs

trust score

Avg Security Score

89/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Reactions

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/react/lib/class-wp-rest-react-controller.php/wp-content/plugins/react/lib/class-react.php

HTML / DOM Fingerprints

REST Endpoints

/wp-json/react/v1

FAQ