WP-Safety

Recent Archive More Widget Security & Risk Analysis

wordpress.org/plugins/recent-archive-more-widget

'Recent Archive More Widget' displays posts, not listed on page content area on the widget area of the sidebar of category archive page.

10 active installs v1.1 PHP + WP 3.5+ Updated Nov 8, 2014
archive-pagecategory-archivecategory-archive-sidebarposts-on-sidebarwordpress-widget
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Recent Archive More Widget Safe to Use in 2026?

Generally Safe

Score 85/100

Recent Archive More Widget has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 11yr ago
Risk Assessment

The "recent-archive-more-widget" v1.1 plugin exhibits a strong security posture based on the provided static analysis. The absence of AJAX handlers, REST API routes, shortcodes, and cron events significantly limits its attack surface. Furthermore, the plugin demonstrates good coding practices by exclusively using prepared statements for SQL queries and avoiding dangerous functions, file operations, and external HTTP requests. The lack of recorded vulnerabilities in its history also suggests a history of secure development and maintenance.

However, a notable concern is the low percentage of properly escaped output (20%). This indicates a potential for cross-site scripting (XSS) vulnerabilities, where untrusted data might be rendered directly in the browser without proper sanitization. While the taint analysis found no specific issues, the lack of comprehensive output escaping remains a significant weakness that could be exploited if any user-supplied data finds its way into an output context.

In conclusion, the plugin is generally well-secured with a limited attack surface and good SQL handling. The primary area for improvement and a source of moderate risk is the insufficient output escaping, which warrants careful attention to prevent potential XSS vulnerabilities. The clean vulnerability history is a positive indicator but does not negate the identified code-level risk.

Key Concerns

  • Insufficient output escaping
Vulnerabilities
None known

Recent Archive More Widget Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

Recent Archive More Widget Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
12
3 escaped
Nonce Checks
0
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
0

Output Escaping

20% escaped15 total outputs
Attack Surface

Recent Archive More Widget Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 7
actionwp_headrecent-archive.php:23
actionwp_enqueue_scriptsrecent-archive.php:42
filterthe_excerptrecent-archive.php:47
actionsave_postrecent-archive.php:81
actiondeleted_postrecent-archive.php:82
actionswitch_themerecent-archive.php:83
actionwidgets_initrecent-archive.php:224
Maintenance & Trust

Recent Archive More Widget Maintenance & Trust

Maintenance Signals

WordPress version tested4.0.38
Last updatedNov 8, 2014
PHP min version
Downloads2K

Community Trust

Rating100/100
Number of ratings1
Active installs10
Alternatives

Recent Archive More Widget Alternatives

Smart Archive Page Remove

Smart Archive Page Remove

smart-archive-page-remove

A
92

Completely remove unwanted Archive Pages from your Blog

7K No CVEs
Archive Control

Archive Control

archive-control

A
85

Quickly customize your custom post type and taxonomy archives with a custom headline, image, and editable content. Modify order and pagination.

1K No CVEs
Hide Archive Label

Hide Archive Label

hide-archive-label

A
100

Hide Archive Label is a free WordPress plugin to hide or remove archive page title prefixes such as “Category:”, “Tags:”, “Author:”, and more.

900 No CVEs
Archive Page

Archive Page

archive-page

A
99

Make archive page easily with full customize and in all languages of the world.

600 1 CVE
Post Type Archive Pages

Post Type Archive Pages

post-type-archive-pages

A
85

Place the archive pages for your post types in the structure of your content pages. The power of pages and post types combined!

300 No CVEs
Developer Profile

Recent Archive More Widget Developer Profile

De paragon

3 plugins · 20 total installs

84
trust score
Avg Security Score
85/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Recent Archive More Widget

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/recent-archive-more-widget/css/tp_style.css

HTML / DOM Fingerprints

CSS Classes
recent_archivearchive-thumbnailarchive-post-titlerecent-archive-sidebar
HTML Comments
<!-- {someone posted this on a forum: i decided to make this plugin, got it ready 17hrs later } The message from the original seeker "[I am in the process of finding a plugin that could achieve as the following: - Show the posts in in widget area like normal plugin that could show recent posts and has filters the same. - Filter to show only posts in specific category if it's on that category archive - If the archive show for example 5 posts that widget must not show those posts but show others. It's hard to explain myself.]" -->/*===---===-0--===--=-----=======---999---=============================== +Another way to acheive what i have below: + get_option('posts_per_page'); and set it as offset for the query = below...hahaha... didn't like that idea at first.. = it goes like this = 'offset' => (int)get_option('posts_per_page'), = then it came like this:: Thought about the loophole(no p intended) = what if the page is using a custom query.. = Don't mind me. i'm hypersensitive. = = =-=--0r0r0r0r0000r0r00r90f0f09foflfkrkfkfkrjfkekdjdkd==================== */
Data Attributes
id="recent_archive_post"class="recent-archive-sidebar"
JS Globals
g_post_id
FAQ

Frequently Asked Questions about Recent Archive More Widget