Related Items Security & Risk Analysis
wordpress.org/plugins/related-itemsRelated Items plugin lets you relate a page, post or custom post type to other pages, posts and custom post types.
Is Related Items Safe to Use in 2026?
Generally Safe
Score 85/100Related Items has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The "related-items" plugin v1.1.3 exhibits a mixed security posture. On the positive side, the plugin demonstrates good practices regarding SQL query sanitization, exclusively using prepared statements. It also has no recorded vulnerability history, indicating a generally stable codebase or a lack of past exploitation.
However, significant concerns arise from the static analysis. The most critical is that 100% of the 19 output operations are not properly escaped. This presents a high risk of Cross-Site Scripting (XSS) vulnerabilities, as user-supplied or dynamically generated content could be rendered directly in the browser without sanitization, allowing attackers to inject malicious scripts. Furthermore, while the taint analysis did not identify critical or high severity flows, it did reveal three flows with unsanitized paths, suggesting potential for unintended data handling or further exploitation pathways.
While the lack of unauthenticated entry points and known CVEs is reassuring, the pervasive lack of output escaping is a major weakness. This plugin's security is significantly undermined by its failure to properly sanitize output, making it vulnerable to XSS attacks. Users should exercise caution and ideally ensure proper sanitization is implemented before deploying this plugin in a production environment.
Key Concerns
- 100% of outputs are unescaped
- 3 unsanitized paths in taint analysis
- No capability checks on entry points
- No nonce checks on entry points
Related Items Security Vulnerabilities
Related Items Code Analysis
Output Escaping
Data Flow Analysis
Related Items Attack Surface
Shortcodes 1
WordPress Hooks 9
Maintenance & Trust
Related Items Maintenance & Trust
Maintenance Signals
Community Trust
Related Items Alternatives
WP Related Posts and Products (WRI)
wp-related-items
WP Related Items plugin offers different types of similar contents for your users. For example, some related products can be displayed to your posts.
Inline Related Posts
intelly-related-posts
Inline Related Posts AUTOMATICALLY inserts related posts INSIDE your content, capturing immediately the reader's attention.
VK All in One Expansion Unit
vk-all-in-one-expansion-unit
This plug-in is an integrated plug-in with a variety of features that make it powerful your web site.
YARPP – Yet Another Related Posts Plugin
yet-another-related-posts-plugin
The best WordPress plugin for displaying related posts. Simple and flexible, with a powerful proven algorithm and inbuilt caching.
Contextual Related Posts
contextual-related-posts
Keep visitors on your site longer with intelligent, fast-loading, contextually related posts. Block, shortcode, custom post type and widget ready.
Related Items Developer Profile
19 plugins · 2K total installs
How We Detect Related Items
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/related-items/styles.css/wp-content/plugins/related-items/scripts.js/wp-content/plugins/related-items/scripts.jsrelated-items/styles.css?ver=related-items/scripts.js?ver=HTML / DOM Fingerprints
related-items-boxnew_relationship_formadd new relationship meta boxid="related-items-category-filter-select"name="related-items-category-filter-select"id="related-items-select"name="related-items-select"id="add_relationship"id="related-items-box"var wpurl<div id="related-items"><p>Select items to add a relationship, drag and drop related items to change the order.</p><div class='new_relationship_form'>Item Type: <select id="related-items-category-filter-select" name="related-items-category-filter-select">