Does RP News Ticker have any unpatched vulnerabilities?

No. All known vulnerabilities in RP News Ticker have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is RP News Ticker compatible with WordPress 3.2.1?

According to WordPress.org data, RP News Ticker 0.7 has been tested up to WordPress 3.2.1. Check the plugin's changelog for the latest compatibility information.

How often is RP News Ticker updated?

RP News Ticker was last updated on Oct 10, 2011. Frequent updates are generally a positive security signal.

What is RP News Ticker's security score?

RP News Ticker has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

RP News Ticker Security & Risk Analysis

wordpress.org/plugins/rp-news-ticker

A versatile horizontal news ticker using liScroll.js

10 active installs v0.7 PHP + WP 2.6+ Updated Oct 10, 2011

horizontaljquerynewstickerwidget

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is RP News Ticker Safe to Use in 2026?

Generally Safe

Score 85/100

RP News Ticker has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 14yr ago

Risk Assessment

The "rp-news-ticker" plugin version 0.7 exhibits a generally good security posture due to the absence of known vulnerabilities and a small attack surface with all identified entry points appearing to have authentication checks. The code analysis reveals adherence to some security best practices, such as using prepared statements for all SQL queries and incorporating nonce and capability checks. However, a significant concern arises from the presence of the `unserialize` function without explicit sanitization, which is a known avenue for remote code execution vulnerabilities if user-controlled data is passed to it. Furthermore, the low percentage of properly escaped output (7%) suggests a substantial risk of cross-site scripting (XSS) vulnerabilities, as user-supplied data displayed in the frontend might not be sufficiently filtered.

Key Concerns

Use of unserialize function
Low percentage of properly escaped output

Vulnerabilities

None known

RP News Ticker Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

RP News Ticker Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

3 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Dangerous Functions Found

unserialize$plugins = unserialize($r['body']['plugins']);rp-news-ticker-loader.php:107

Output Escaping

7% escaped46 total outputs

Data Flows

All sanitized

Data Flow Analysis

3 flows

save_settings_admin (rp-news-ticker-admin.php:201)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

RP News Ticker Attack Surface

Entry Points1

Unprotected0

Shortcodes 1

[rp-news-ticker] rp-news-ticker-front.php:54

WordPress Hooks 7

actionadmin_menurp-news-ticker-admin.php:53

actionadmin_post_save_rp_news_ticker_settingsrp-news-ticker-admin.php:54

actionadmin_post_reset_rp_news_ticker_settingsrp-news-ticker-admin.php:55

actionwp_headrp-news-ticker-front.php:53

filterwidget_textrp-news-ticker-front.php:55

actioninitrp-news-ticker-loader.php:61

filterhttp_request_argsrp-news-ticker-loader.php:66

Maintenance & Trust

RP News Ticker Maintenance & Trust

Maintenance Signals

WordPress version tested3.2.1

Last updatedOct 10, 2011

PHP min version

Downloads12K

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

RP News Ticker Alternatives

Simple News Ticker

simple-news-ticker

Creates a Widget to display a News Ticker of posts or whatever custom post type you have. Includes 'Next', 'Prev' buttons.

10 No CVEs

WP News and Scrolling Widgets

sp-news-and-widget

100

A quick, easy way to add an News custom post type, News widget, vertical scrolling news widget to WordPress. Also work with Gutenberg shortcode block.

10K No CVEs

PJ News Ticker

pj-news-ticker

100

PJ News Ticker is a small plugin that shows your most recent posts in a marquee style.

3K 1 CVE

Simple Posts Ticker – Easy, Lightweight & Flexible

simple-posts-ticker

The Simple Posts Ticker plugin is a small tool that shows your most recent posts in a marquee style.

2K 2 CVEs

Post Ticker Ultimate

ticker-ultimate

100

Add and display horizontal or vertical post ticker on website that work with WordPress posts with the help of shortcode or Gutenberg block.

1K No CVEs

Developer Profile

RP News Ticker Developer Profile

Alec

3 plugins · 20 total installs

trust score

Avg Security Score

90/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect RP News Ticker

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/rp-news-ticker/js/rp-news-ticker.js/wp-content/plugins/rp-news-ticker/css/rp-news-ticker.css/wp-content/plugins/rp-news-ticker/js/jquery.liScroll.js

Script Paths

/wp-content/plugins/rp-news-ticker/js/rp-news-ticker.js/wp-content/plugins/rp-news-ticker/js/jquery.liScroll.js

Version Parameters

rp-news-ticker.js?ver=rp-news-ticker.css?ver=

HTML / DOM Fingerprints

CSS Classes

rp-news-tickerrp-news-ticker-loading

Data Attributes

data-rpnt-directiondata-rpnt-speeddata-rpnt-pausedata-rpnt-delaydata-rpnt-heightdata-rpnt-margin+1 more

JS Globals

rpNewsTickerjQuery

Shortcode Output

[rp-news-ticker]

FAQ