Does RPS Include Content have any unpatched vulnerabilities?

No. All known vulnerabilities in RPS Include Content have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is RPS Include Content compatible with WordPress 6.7.5?

According to WordPress.org data, RPS Include Content 1.2.2 has been tested up to WordPress 6.7.5. Check the plugin's changelog for the latest compatibility information.

How often is RPS Include Content updated?

RPS Include Content was last updated on Mar 24, 2025. Frequent updates are generally a positive security signal.

What is RPS Include Content's security score?

RPS Include Content has a WP-Safety security score of 91/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

RPS Include Content Security & Risk Analysis

wordpress.org/plugins/rps-include-content

Makes it easy to pull content from one post or page and place it on another using a simple shortcode, even in a multisite environment.

800 active installs v1.2.2 PHP + WP 5.0+ Updated Mar 24, 2025

copy-contentduplicate-contentincludeinclude-contentincludes

A · Safe

CVEs total1

Unpatched0

Last CVEMar 28, 2025

Plugin page Download

Safety Verdict

Is RPS Include Content Safe to Use in 2026?

Generally Safe

Score 91/100

RPS Include Content has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVELast CVE: Mar 28, 2025Updated 1yr ago

Risk Assessment

The "rps-include-content" plugin version 1.2.2 demonstrates a generally good security posture based on the static analysis. The absence of AJAX handlers and REST API routes without proper authentication checks significantly limits the attack surface. The code also shows strong adherence to secure SQL practices by exclusively using prepared statements and a high percentage of output escaping, indicating an effort to prevent common web vulnerabilities. Furthermore, the presence of nonce and capability checks, along with no detected file operations or external HTTP requests, are positive security indicators. The taint analysis showing zero flows with unsanitized paths further supports this. However, the plugin does have a history of known vulnerabilities, including one classified as medium severity. While this specific vulnerability is currently unpatched, the fact that there are no *currently* unpatched CVEs is a positive sign for this specific version. The past presence of cross-site scripting vulnerabilities suggests that vigilance in output escaping and input sanitization, even with current good scores, is crucial for future development.

Key Concerns

Past medium severity CVE
History of XSS vulnerabilities

Vulnerabilities

RPS Include Content Security Vulnerabilities

CVEs by Year

1 CVE in 2025

2025

Patched Has unpatched

Severity Breakdown

Medium

1 total CVE

CVE-2025-31093medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

RPS Include Content <= 1.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting

Mar 28, 2025 Patched in 1.2.2 (6d)

Code Analysis

Analyzed Mar 16, 2026

RPS Include Content Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

29 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

91% escaped32 total outputs

Attack Surface

RPS Include Content Attack Surface

Entry Points2

Unprotected0

Shortcodes 2

[rps-include] rps-include-content.php:78

[rps-include-content] rps-include-content.php:79

WordPress Hooks 5

actioninitrps-include-content.php:67

actionwp_enqueue_scriptsrps-include-content.php:68

actionadmin_menurps-include-content.php:69

actionadmin_initrps-include-content.php:71

actionplugins_loadedrps-include-content.php:74

Maintenance & Trust

RPS Include Content Maintenance & Trust

Maintenance Signals

WordPress version tested6.7.5

Last updatedMar 24, 2025

PHP min version

Downloads24K

Community Trust

Rating98/100

Number of ratings18

Active installs800

Alternatives

RPS Include Content Alternatives

Include Content By Shortcode

include-content-by-shortcode

This plugin allows you to include content from a custom post type by using a shortcode. You can also add custom CSS and JS to the included content.

50 No CVEs

Post Head Includes

post-head-includes

100

Easily add scripts and stylesheets to the HEAD of your posts, keeping your HTML cleaner without inline scripts or styles.

10 No CVEs

Include Me

include-me

Include Me helps to include any external file (textual, HTML or PHP) in posts or pages.

4K 2 CVEs

Advance Canonical URL

advance-canonical-url

100

Advanced Canonical URL is a powerful WordPress plugin designed to enhance your website’s SEO by preventing duplicate content issues.

2K No CVEs

Copyscape Premium

copyscape-premium

The Copyscape Premium plugin lets you check if a WordPress post is unique before it's published, by searching for duplicate content on the web.

1K 2 CVEs

Developer Profile

RPS Include Content Developer Profile

redpixelstudios

3 plugins · 2K total installs

trust score

Avg Security Score

87/100

Avg Patch Time

6 days

View full developer profile

Detection Fingerprints

How We Detect RPS Include Content

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/rps-include-content/rps-include-content.css

Version Parameters

rps-include-content/rps-include-content.css?ver=

HTML / DOM Fingerprints

Data Attributes

data-rps-include-blogdata-rps-include-postdata-rps-include-pagedata-rps-include-titledata-rps-include-titletagdata-rps-include-titlelink+13 more

Shortcode Output

[rps-include[rps-include-content

FAQ