Does Shortcode to flag have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Shortcode to flag compatible with WordPress 4.1.42?

According to WordPress.org data, Shortcode to flag 1.0 has been tested up to WordPress 4.1.42. Check the plugin's changelog for the latest compatibility information.

How often is Shortcode to flag updated?

Shortcode to flag was last updated on Jan 9, 2015. Frequent updates are generally a positive security signal.

What is Shortcode to flag's security score?

Shortcode to flag has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Shortcode to flag Security & Risk Analysis

wordpress.org/plugins/shortcode-to-flag

Shortcode to flag is an easy plugin, that will allow you to insert flags with shortcodes.

30 active installs v1.0 PHP + WP 4.1+ Updated Jan 9, 2015

countryflagflagsshortcodeshortcodes

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Shortcode to flag Safe to Use in 2026?

Generally Safe

Score 85/100

Shortcode to flag has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 11yr ago

Risk Assessment

Based on the provided static analysis and vulnerability history, the 'shortcode-to-flag' v1.0 plugin exhibits an exceptionally strong security posture. The static analysis reveals no apparent attack surface, no dangerous function usage, and all SQL queries are prepared. Crucially, all output is properly escaped, and there are no file operations or external HTTP requests, further minimizing potential risks. The taint analysis also shows zero flows, indicating no vulnerabilities related to unsanitized data handling. The plugin's vulnerability history is clean, with no recorded CVEs, which suggests a history of secure development practices and diligent maintenance.

While the lack of any identified vulnerabilities or attack vectors is a significant strength, the complete absence of checks like nonces or capability checks on potential entry points (though none exist in this version) could be a concern if functionality were to be added in future versions without these security measures. However, as the plugin currently stands with zero entry points, this is a theoretical risk rather than a present one. The current assessment points to a highly secure plugin with no immediate threats.

Vulnerabilities

None known

Shortcode to flag Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Shortcode to flag Release Timeline

No version history available.

Code Analysis

Analyzed Mar 16, 2026

Shortcode to flag Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Attack Surface

Shortcode to flag Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 1

actionwp_enqueue_scriptsshortcode-to-flag.php:33

Maintenance & Trust

Shortcode to flag Maintenance & Trust

Maintenance Signals

WordPress version tested4.1.42

Last updatedJan 9, 2015

PHP min version

Downloads2K

Community Trust

Rating56/100

Number of ratings4

Active installs30

Alternatives

Shortcode to flag Alternatives

International Telephone Input for Contact Form 7

international-telephone-input-for-contact-form-7

Addon for Contact Form 7 that creates a new type of input for entering and validating international telephone numbers. It adds a flag dropdown, detect …

8K No CVEs

Phone Validator with Flags for WooCommerce

phone-validator-with-flags-for-woocommerce

100

Adds a country flag and phone validation to the checkout phone field.

700 No CVEs

azurecurve Flags

azurecurve-flags

Allows a 16x16 flag to be displayed in a post or page using a shortcode.

300 No CVEs

Softech Country Phone Validator

softech-country-phone-validator

100

Add phone input with country flags, dial codes, and validation to WordPress forms and WooCommerce checkout (classic + blocks).

100 No CVEs

Country Flags

country-flags

Insert country flags via a shortcode. Example: [flag country="fr"] inserts corresponding image size.

90 No CVEs

Developer Profile

Shortcode to flag Developer Profile

David Jetelina

1 plugin · 30 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Shortcode to flag

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/shortcode-to-flag/flagstyle.css

HTML / DOM Fingerprints

CSS Classes

stf-flag

Shortcode Output

<img class="stf-flag" src="/wp-content/plugins/shortcode-to-flag/flags/img/

FAQ