Does RSS llama have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is RSS llama compatible with WordPress 6.8.5?

According to WordPress.org data, RSS llama 2.0.1 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

Is RSS llama compatible with PHP 7.0+?

RSS llama requires PHP 7.0 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is RSS llama updated?

RSS llama was last updated on Jul 31, 2025. Frequent updates are generally a positive security signal.

What is RSS llama's security score?

RSS llama has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

RSS llama Security & Risk Analysis

wordpress.org/plugins/rss-llama

Categorize your rss feeds into a useful page.

10 active installs v2.0.1 PHP 7.0+ WP 4.2.2+ Updated Jul 31, 2025

feedreaderrsssubscribe

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is RSS llama Safe to Use in 2026?

Generally Safe

Score 100/100

RSS llama has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 9mo ago

Risk Assessment

The "rss-llama" v2.0.1 plugin exhibits a strong security posture based on the provided static analysis. The absence of known CVEs and a clean vulnerability history is a significant positive indicator, suggesting a commitment to security or a lack of past exploitation. The code analysis reveals excellent practices, including 100% prepared SQL statements, proper output escaping, and extensive use of nonce and capability checks, which are crucial for preventing common web vulnerabilities.

However, there are minor areas for improvement. The presence of two "flows with unsanitized paths" in the taint analysis, even without critical or high severity, warrants attention as it represents potential vectors for path traversal or file manipulation if not handled with extreme care. Furthermore, while the attack surface is small and all entry points appear to have authorization checks, the existence of four AJAX handlers means that any oversight in those checks could still lead to issues. Overall, the plugin is secure, but the taint analysis results suggest a single area that could be hardened further.

Key Concerns

Flows with unsanitized paths

Vulnerabilities

None known

RSS llama Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

RSS llama Release Timeline

v2.0.1Current

v2.0.0

v1.0.1

v1.0.0

v0.6.2

v0.6.1

v0.6

v0.5

v0.4

v0.3

v0.2

v0.1

Code Analysis

Analyzed Apr 16, 2026

RSS llama Code Analysis

Dangerous Functions

Raw SQL Queries

4 prepared

Unescaped Output

355 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

100% prepared4 total queries

Output Escaping

100% escaped356 total outputs

Data Flows · Security

2 unsanitized

Data Flow Analysis

5 flows2 with unsanitized paths

plugin_summary_callback (class-rssllama.php:1388)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

RSS llama Attack Surface

Entry Points5

Unprotected0

AJAX Handlers 4

noprivwp_ajax_plugin_summary_callbackclass-rssllama.php:648

authwp_ajax_plugin_summary_callbackclass-rssllama.php:651

noprivwp_ajax_plugin_category_callbackclass-rssllama.php:654

authwp_ajax_plugin_category_callbackclass-rssllama.php:657

Shortcodes 1

[rss-llama] class-rssllama.php:1712

WordPress Hooks 11

actiontext_domainclass-rssllama.php:642

actioninitclass-rssllama.php:645

actioninitclass-rssllama.php:663

actioninitclass-rssllama.php:665

actionwp_enqueue_scriptsclass-rssllama.php:668

filterwp_feed_cache_transient_lifetimeclass-rssllama.php:671

actionadmin_enqueue_scriptsclass-rssllama.php:675

filterpre_option_link_manager_enabledclass-rssllama.php:683

actionadmin_menuclass-rssllama.php:686

actionadmin_initclass-rssllama.php:690

actionplugins_loadedclass-rssllama.php:1746

Maintenance & Trust

RSS llama Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedJul 31, 2025

PHP min version7.0

Downloads7K

Community Trust

Rating100/100

Number of ratings1

Active installs10

Alternatives

RSS llama Alternatives

Subscribe Button by AddToAny

add-to-any-subscribe

Help visitors subscribe to your blog using email or any feed reader, such as Feedly, The Old Reader, Yahoo!, AOL, and many more feed services.

1K No CVEs

Simple Statistics for Feeds

simple-feed-stats

Tracks your feeds and displays your feed count via shortcode.

900 1 CVE

Readers From RSS 2 Blog Lite

readers-from-rss-2-blog

Increase Your SALES And BLOG Audience By Turning Your BLOG RSS FEED Into A Powerful MARKETING Machine

100 No CVEs

Subscribe Here Widget

subscribe-here-widget

Subscribe Here displays a visible plugin widget in the sidebar with Subscribe by Rss & Subscribe by Email(through Feedburner) options.

100 No CVEs

Subscribe Widget

subscribe-plugin

Sidebar widget to easy customize and display your subscribers buttons. All settings are available from Sidebar Widget Admin.

100 No CVEs

Developer Profile

RSS llama Developer Profile

oooorgle

2 plugins · 1K total installs

trust score

Avg Security Score

99/100

Avg Patch Time

163 days

View full developer profile

Detection Fingerprints

How We Detect RSS llama

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/rss-llama/includes/css/rss-llama-admin.css/wp-content/plugins/rss-llama/includes/js/rss-llama-wafer.js/wp-content/plugins/rss-llama/includes/js/rss-llama-rewrite-rules.js/wp-content/plugins/rss-llama/includes/js/rss-llama-functions.js

Script Paths

/wp-content/plugins/rss-llama/includes/js/rss-llama-wafer.js/wp-content/plugins/rss-llama/includes/js/rss-llama-rewrite-rules.js/wp-content/plugins/rss-llama/includes/js/rss-llama-functions.js

Version Parameters

rss-llama/includes/css/rss-llama-admin.css?ver=rss-llama/includes/js/rss-llama-wafer.js?ver=rss-llama/includes/js/rss-llama-rewrite-rules.js?ver=rss-llama/includes/js/rss-llama-functions.js?ver=

HTML / DOM Fingerprints

CSS Classes

rss-llama-admin

Data Attributes

rss_llama_noncerss_llama_export_noncerss_llama_ajaxurlrss_llama_sidebarposrss_llama_random_enabledrss_llama_scrolltop+2 more

JS Globals

rss_llama_AJAXrss_llama_body

FAQ

RSS llama Security & Risk Analysis

Is RSS llama Safe to Use in 2026?

Generally Safe

Key Concerns

RSS llama Security Vulnerabilities

RSS llama Release Timeline

RSS llama Code Analysis

SQL Query Safety

Output Escaping

Data Flow Analysis

RSS llama Attack Surface

AJAX Handlers 4

Shortcodes 1

RSS llama Maintenance & Trust

Maintenance Signals

Community Trust

RSS llama Alternatives

Subscribe Button by AddToAny

Simple Statistics for Feeds

Readers From RSS 2 Blog Lite

Subscribe Here Widget

Subscribe Widget

RSS llama Developer Profile

How We Detect RSS llama

Asset Fingerprints

HTML / DOM Fingerprints

Frequently Asked Questions about RSS llama