Does React & Share – Customizable Reaction Buttons have any unpatched vulnerabilities?

No. All known vulnerabilities in React & Share – Customizable Reaction Buttons have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is React & Share – Customizable Reaction Buttons compatible with WordPress 6.1.10?

According to WordPress.org data, React & Share – Customizable Reaction Buttons 3.6.1 has been tested up to WordPress 6.1.10. Check the plugin's changelog for the latest compatibility information.

How often is React & Share – Customizable Reaction Buttons updated?

React & Share – Customizable Reaction Buttons was last updated on Jan 13, 2023. Frequent updates are generally a positive security signal.

What is React & Share – Customizable Reaction Buttons's security score?

React & Share – Customizable Reaction Buttons has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

React & Share – Customizable Reaction Buttons Security & Risk Analysis

wordpress.org/plugins/react-and-share

Get feedback and see what your readers think about your articles.

400 active installs v3.6.1 PHP + WP 4.5+ Updated Jan 13, 2023

reaction-buttonsreactionsshareshare-buttonssocial-media

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is React & Share – Customizable Reaction Buttons Safe to Use in 2026?

Generally Safe

Score 85/100

React & Share – Customizable Reaction Buttons has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 3yr ago

Risk Assessment

The "react-and-share" plugin v3.6.1 exhibits a mixed security posture. On the positive side, it demonstrates good practices by exclusively using prepared statements for SQL queries and having no recorded vulnerability history. This suggests a generally well-maintained codebase with a history of secure development. However, a significant concern arises from the substantial attack surface, with 6 out of 7 total entry points lacking authentication checks. This creates a considerable risk of unauthorized access and manipulation of plugin functionalities.

While the static analysis did not reveal any critical or high-severity taint flows, and dangerous functions are absent, the low percentage of properly escaped output (19%) is a notable weakness. This could lead to cross-site scripting (XSS) vulnerabilities if user-supplied data is not handled carefully before being displayed to other users. The presence of nonce checks and capability checks on only one entry point further exacerbates the risk associated with the unprotected entry points. The lack of a large number of CVEs is encouraging, but the current attack surface and output escaping issues present immediate potential vulnerabilities that need to be addressed.

Key Concerns

Multiple AJAX handlers without auth checks
Low percentage of properly escaped output
Limited nonce checks across entry points
Limited capability checks across entry points

Vulnerabilities

None known

React & Share – Customizable Reaction Buttons Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

React & Share – Customizable Reaction Buttons Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

7 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

19% escaped36 total outputs

Data Flows

All sanitized

Data Flow Analysis

1 flows

<rns> (rns.php:0)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

6 unprotected

React & Share – Customizable Reaction Buttons Attack Surface

Entry Points7

Unprotected6

AJAX Handlers 6

authwp_ajax_rns_reactrns.php:45

noprivwp_ajax_rns_reactrns.php:46

authwp_ajax_rns_get_reactionsrns.php:47

noprivwp_ajax_rns_get_reactionsrns.php:48

authwp_ajax_rns_get_htmlrns.php:49

noprivwp_ajax_rns_get_htmlrns.php:50

Shortcodes 1

[rns_reactions] rns.php:56

WordPress Hooks 13

actionthe_contentrns.php:39

actionthe_excerptrns.php:40

actionadmin_menurns.php:41

actionadmin_initrns.php:42

actionadmin_initrns.php:43

actionwp_enqueue_scriptsrns.php:52

actionload-post.phprns.php:53

actionload-post-new.phprns.php:54

filterplugin_row_metarns.php:58

actionadmin_noticesrns.php:60

filterpre_update_option_rns_settingsrns.php:61

actionadd_meta_boxesrns.php:143

actionsave_postrns.php:144

Maintenance & Trust

React & Share – Customizable Reaction Buttons Maintenance & Trust

Maintenance Signals

WordPress version tested6.1.10

Last updatedJan 13, 2023

PHP min version

Downloads51K

Community Trust

Rating68/100

Number of ratings13

Active installs400

Alternatives

React & Share – Customizable Reaction Buttons Alternatives

AddToAny Share Buttons

add-to-any

Share buttons for WordPress including the AddToAny button, Facebook, Bluesky, Mastodon, WhatsApp, Pinterest, Reddit, many more, and follow icons too.

300K 3 CVEs

Social Sharing Plugin – Sassy Social Share

sassy-social-share

The Simplest and Optimized Social Share buttons. Facebook, X, Reddit, Pinterest, Whatsapp, Grok, ChatGPT, Gab, Gettr and over 100 more.

100K 11 CVEs

Social Icons Widget & Block – Social Media Icons & Share Buttons

social-icons-widget-by-wpzoom

Social media icons plugin for WordPress - Add 400+ social icons and share buttons. Gutenberg block, widget & Elementor support. GDPR compliant.

100K 3 CVEs

Buttonizer – Social Media Share Buttons, Social Icons, & Social Feeds

facebook-pagelike-widget

Floating Social Media Icons, Sticky Share Buttons, Facebook Feeds, & Popup builder. Also, create Call, Email, SMS, & Contact buttons to increa …

50K 2 CVEs

Simple Social Media Share Buttons – Social Sharing for Everyone

simple-social-buttons

This Social Share Plugin adds advanced social media sharing buttons to your WordPress sites, such as Facebook, WhatsApp, X, LinkedIn, & Pinterest.

20K 7 CVEs

Developer Profile

React & Share – Customizable Reaction Buttons Developer Profile

Dekko

1 plugin · 400 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect React & Share – Customizable Reaction Buttons

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/react-and-share/rns-public.css/wp-content/plugins/react-and-share/rns-public.js/wp-content/plugins/react-and-share/rns-admin.css/wp-content/plugins/react-and-share/rns-admin.js

Script Paths

/wp-content/plugins/react-and-share/rns-public.js

Version Parameters

react-and-share/rns-public.css?ver=react-and-share/rns-public.js?ver=

HTML / DOM Fingerprints

CSS Classes

rns-plugin-wrapperrns-like-btnrns-love-btnrns-happy-btnrns-surprised-btnrns-sad-btnrns-angry-btnrns-share-facebook+6 more

HTML Comments

Data Attributes

data-post-iddata-post-typedata-rns-nonce

JS Globals

rns_ajax_urlrns_noncerns_post_idrns_post_typeRNS

REST Endpoints

/wp-json/rns/v1/react/wp-json/rns/v1/get_reactions/wp-json/rns/v1/get_plugin_html

Shortcode Output

[rns_reactions]

FAQ