Show Post Content Anywhere Security & Risk Analysis

wordpress.org/plugins/show-post-content-anywhere

Show post content is a light-wieght plugin with impressive functionality. It enables user to show content of a post on any page, post, even in widgets …

10 active installs v1.0 PHP 5.0+ WP 3.0+ Updated Jul 10, 2018
meta-fieldpostpost-content
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Safety Verdict

Is Show Post Content Anywhere Safe to Use in 2026?

Generally Safe

Score 85/100

Show Post Content Anywhere has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 8yr ago
Risk Assessment

The 'show-post-content-anywhere' v1.0 plugin exhibits a generally good security posture based on the provided static analysis. There are no detected dangerous functions, SQL queries utilize prepared statements, and all identified outputs are properly escaped. The absence of file operations, external HTTP requests, and any recorded vulnerabilities in its history further contribute to this positive assessment. The limited attack surface, consisting solely of shortcodes, is also a positive indicator. However, the complete lack of nonce checks and capability checks on all entry points is a significant concern. While there are no AJAX handlers or REST API routes that are explicitly listed as unprotected, shortcodes can still be invoked by any user, including unauthenticated ones, and without proper authorization checks, they could potentially be abused. The taint analysis showing zero flows with unsanitized paths is reassuring, but the absence of checks on entry points could still lead to vulnerabilities if input is not handled carefully within the shortcode's execution.

Key Concerns

  • Missing nonce checks on all entry points
  • Missing capability checks on all entry points
Vulnerabilities
None known

Show Post Content Anywhere Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Show Post Content Anywhere Release Timeline

No version history available.
Code Analysis
Analyzed Apr 16, 2026

Show Post Content Anywhere Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
0
1 escaped
Nonce Checks
0
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
0

Output Escaping

100% escaped1 total outputs
Attack Surface

Show Post Content Anywhere Attack Surface

Entry Points3
Unprotected0

Shortcodes 3

[show_post_content] show-post-content-anywhere.php:20
[SPCA] show-post-content-anywhere.php:21
[spca] show-post-content-anywhere.php:22
Maintenance & Trust

Show Post Content Anywhere Maintenance & Trust

Maintenance Signals

WordPress version tested4.9.29
Last updatedJul 10, 2018
PHP min version5.0
Downloads1K

Community Trust

Rating0/100
Number of ratings0
Active installs10
Developer Profile

Show Post Content Anywhere Developer Profile

Mohammad Nur Hossain

2 plugins · 20 total installs

84
trust score
Avg Security Score
85/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Show Post Content Anywhere

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

Shortcode Output
[show_post_content][SPCA][spca]
FAQ

Frequently Asked Questions about Show Post Content Anywhere