feed-modify-on-your-choice Security & Risk Analysis

wordpress.org/plugins/rss-feed-modify-on-your-choice

This plugin modifies RSS feeds and ATOM feeds as you want.

10 active installs · v1.0 · PHP + · WP 2.5+ · Updated Nov 26, 2013
Tags: atom, custome-rss-feed, feed, rss, rss2
Score: 85
A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is feed-modify-on-your-choice Safe to Use in 2026?

Generally Safe

Score 85/100

feed-modify-on-your-choice has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 12yr ago
Risk Assessment

The "rss-feed-modify-on-your-choice" v1.0 plugin exhibits a generally strong security posture based on the provided static analysis. It has no apparent entry points like AJAX handlers, REST API routes, or shortcodes, which significantly reduces its attack surface. Furthermore, the absence of dangerous functions, file operations, and external HTTP requests is a positive indicator. The code also demonstrates good practices by exclusively using prepared statements for SQL queries, indicating a safeguard against SQL injection vulnerabilities.

However, the static analysis reveals a significant concern regarding output escaping, with only 28% of outputs being properly escaped. This suggests a potential risk of cross-site scripting (XSS) vulnerabilities if user-supplied data is rendered directly into the output without adequate sanitization. The lack of capability checks and nonce checks is also a notable weakness, as these are fundamental security mechanisms in WordPress for controlling access and preventing CSRF attacks. The plugin's vulnerability history is clean, with no recorded CVEs, which is a positive sign, but it doesn't negate the risks identified in the code itself.

In conclusion, while the plugin benefits from a limited attack surface and secure database interactions, the poor output escaping and missing authorization/security checks are critical areas of concern. These weaknesses, if exploited, could lead to XSS or unauthorized actions, despite the absence of known historical vulnerabilities.

Key Concerns

  • Low percentage of properly escaped output
  • Missing capability checks
  • Missing nonce checks
Vulnerabilities
None known

feed-modify-on-your-choice Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

feed-modify-on-your-choice Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (0 prepared)
Unescaped Output: 53 (21 escaped)
Nonce Checks: 0
Capability Checks: 0
File Operations: 0
External Requests: 0
Bundled Libraries: 0

Output Escaping

28% escaped · 74 total outputs
Data Flows: All sanitized

Data Flow Analysis

2 flows
self_link (feedfile\feed.php:489)
Legend: Source (user input) · Sink (dangerous op) · Sanitizer · Transform · Unsanitized · Sanitized
Attack Surface

feed-modify-on-your-choice Attack Surface

Entry Points: 0
Unprotected: 0
WordPress Hooks: 4
  • action do_feed_rdf (feed-modify-on-your-choice.php:31)
  • action do_feed_rss (feed-modify-on-your-choice.php:32)
  • action do_feed_rss2 (feed-modify-on-your-choice.php:33)
  • action do_feed_atom (feed-modify-on-your-choice.php:34)
Maintenance & Trust

feed-modify-on-your-choice Maintenance & Trust

Maintenance Signals

WordPress version tested: 3.7.41
Last updated: Nov 26, 2013
PHP min version
Downloads: 3K

Community Trust

Rating: 80/100
Number of ratings: 1
Active installs: 10
Developer Profile

feed-modify-on-your-choice Developer Profile

Kishor Kumar

3 plugins · 20 total installs

Trust score: 87
Avg Security Score: 90/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect feed-modify-on-your-choice

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/rss-feed-modify-on-your-choice/feedfile/

HTML / DOM Fingerprints

HTML Comments
/** * Atom Feed Template for displaying Atom Posts feed. * * @package WordPress */

/** * WordPress Feed API * * Many of the functions used in here belong in The Loop, or The Loop for the * Feeds. * * @package WordPress * @subpackage Feed */

/** * RSS container for the bloginfo function. * * You can retrieve anything that you can using the get_bloginfo() function. * Everything will be stripped of tags and characters converted, when the values * are retrieved for use in the feeds. * * @package WordPress * @subpackage Feed * @since 1.5.1 * @uses apply_filters() Calls 'get_bloginfo_rss' hook with two parameters. * @see get_bloginfo() For the list of possible values to display. * * @param string $show See get_bloginfo() for possible values. * @return string */

/** * Display RSS container for the bloginfo function. * * You can retrieve anything that you can using the get_bloginfo() function. * Everything will be stripped of tags and characters converted, when the values * are retrieved for use in the feeds. * * @package WordPress * @subpackage Feed * @since 0.71 * @uses apply_filters() Calls 'bloginfo_rss' hook with two parameters. * @see get_bloginfo() For the list of possible values to display. * * @param string $show See get_bloginfo() for possible values. */

+2 more
FAQ

Frequently Asked Questions about feed-modify-on-your-choice