Does Short URL Generator have any unpatched vulnerabilities?

No. All known vulnerabilities in Short URL Generator have been patched as of the latest data update. Always keep the plugin updated to the latest version.

How often is Short URL Generator updated?

Short URL Generator was last updated on Jul 19, 2009. Frequent updates are generally a positive security signal.

What is Short URL Generator's security score?

Short URL Generator has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Short URL Generator Security & Risk Analysis

wordpress.org/plugins/shortcode-shorturl

This plugin automatically generates a Short URL for your article. You can choose your favorite provider and get multiple options.

10 active installs v1.1.1 PHP + WP 2.5+ Updated Jul 19, 2009

short-urlshortcodetwitterurl-shortener

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Short URL Generator Safe to Use in 2026?

Generally Safe

Score 85/100

Short URL Generator has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 16yr ago

Risk Assessment

The 'shortcode-shorturl' plugin version 1.1.1 exhibits a mixed security posture. On the positive side, it has no known vulnerabilities (CVEs) and avoids common risky practices like raw SQL queries, external HTTP requests, and bundled libraries. However, significant concerns arise from the static analysis. A notable weakness is the complete lack of output escaping for all six identified output points. This means any data rendered by the plugin could potentially be vulnerable to cross-site scripting (XSS) attacks, especially if user-supplied data is involved. Additionally, while the plugin has a small attack surface with only one shortcode and no direct AJAX or REST API endpoints, the lack of capability checks or nonce verification on this shortcode entry point is a concern. The taint analysis, though limited in scope, reveals two flows with unsanitized paths, indicating potential issues with how data is handled, though no critical or high severity vulnerabilities were identified in these flows.

Key Concerns

0% output escaping
No capability checks on entry points
Taint analysis shows unsanitized paths

Vulnerabilities

None known

Short URL Generator Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Short URL Generator Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

0% escaped6 total outputs

Data Flows

2 unsanitized

Data Flow Analysis

2 flows2 with unsanitized paths

jhm_shorturl_settings (shorturl.php:129)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Short URL Generator Attack Surface

Entry Points1

Unprotected0

Shortcodes 1

[shorturl] shorturl.php:276

WordPress Hooks 2

actionadmin_menushorturl.php:277

actionthe_contentshorturl.php:278

Maintenance & Trust

Short URL Generator Maintenance & Trust

Maintenance Signals

WordPress version tested

Last updatedJul 19, 2009

PHP min version

Downloads5K

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

Short URL Generator Alternatives

Bitly URL Shortener

codehaveli-bitly-url-shortener

Bitly URL Shortener uses the functionality of Bitly API to generate Bitly short link without leaving your WordPress site.

600 1 CVE

Twitter's Bootstrap Shortcodes Ultimate Add-on

twitters-bootstrap-shortcodes-ultimate

Add short codes for Twitter's Bootstrap 3 CSS and components to your site add-on for Shortcodes Ultimate.

300 No CVEs

URL Shortener

url-shortener

This plugin allows you to generate shortlinks for post/pages using URL Shorteners (e.g. Bit.ly, Su.pr, YOURLS, Goo.gl and many others).

100 No CVEs

Twitter API Master – Twitter Widgets For WordPress

teg-twitter-api

Post to twitter, twitter feeds, twitter trends shortcode and widget wordpres plugin.

50 No CVEs

Twitter Hash Tag Shortcode

twitter-hash-tag-shortcode

Displaying the most recent twitter status updates for a particular hash tag in your posts/pages using shortcode.

20 No CVEs

Developer Profile

Short URL Generator Developer Profile

jhm

1 plugin · 10 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Short URL Generator

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

Data Attributes

shortfulllinktxt

Shortcode Output

[shorturl][shorturl txt=1][shorturl link=1][shorturl full=1]

FAQ