Smart Recent Post Security & Risk Analysis
wordpress.org/plugins/smart-recent-postSmart recent posts shows the recent posts from your wordpress blog
Is Smart Recent Post Safe to Use in 2026?
Generally Safe
Score 85/100Smart Recent Post has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The 'smart-recent-post' v2.0 plugin exhibits a mixed security posture. On the positive side, it demonstrates strong practices by exclusively using prepared statements for SQL queries and having no recorded vulnerabilities or CVEs. This suggests a generally well-maintained codebase regarding known security flaws.
However, significant concerns arise from the static analysis. The presence of the `create_function` dangerous function is a notable risk, as it can lead to code injection vulnerabilities if used with unsanitized input. Furthermore, a substantial portion (67%) of output escaping is missing, indicating a high risk of Cross-Site Scripting (XSS) vulnerabilities, especially if any user-supplied data is displayed without proper sanitization. The absence of nonce and capability checks on any potential (though not explicitly identified as entry points in this analysis) interaction points is also a concern, as it leaves the plugin open to CSRF attacks and unauthorized actions.
While the plugin has no known vulnerabilities, the identified code signals of `create_function` and insufficient output escaping present immediate and exploitable risks. The lack of identified attack surface through AJAX, REST API, shortcodes, or cron events is a strength, but the underlying code quality issues remain. Users should be aware of the potential for XSS and code injection despite the clean vulnerability history.
Key Concerns
- Dangerous function detected (create_function)
- Low percentage of properly escaped output
- Missing nonce checks
- Missing capability checks
Smart Recent Post Security Vulnerabilities
Smart Recent Post Code Analysis
Dangerous Functions Found
Output Escaping
Smart Recent Post Attack Surface
WordPress Hooks 2
Maintenance & Trust
Smart Recent Post Maintenance & Trust
Maintenance Signals
Community Trust
Smart Recent Post Alternatives
Recent Posts Widget With Thumbnails
recent-posts-widget-with-thumbnails
List the most recent posts with post titles, thumbnails, excerpts, authors, categories, dates and more!
Smart Recent Posts Widget
smart-recent-posts-widget
Provides advanced recent posts widget,you can display it with thumbnails, excerpt, date, author, comment count and more.
PE Recent Posts
pe-recent-posts
The simple plugin that allows you to display image slides with title, description and read more linked to posts from selected category.
Recent Post Widget Thumbnail
recent-post-widget-thumbnail
Gives adaptable and highly organized recent posts. Show it through widget with thumbnails, post excerpt, post date.
Latest Posts With Thumbnails and Ads
latest-posts-with-thumbnails-and-ads
Just like the default Recent Posts widget except that posts are with thumbnails and you can show ads between them, show post date and comments count.
Smart Recent Post Developer Profile
2 plugins · 60 total installs
How We Detect Smart Recent Post
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/smart-recent-post/style.css/wp-content/plugins/smart-recent-post/js/jquery.bxslider.min.js/wp-content/plugins/smart-recent-post/js/widget-script.js/wp-content/plugins/smart-recent-post/js/jquery.bxslider.min.js/wp-content/plugins/smart-recent-post/js/widget-script.jssmart-recent-post/style.css?ver=smart-recent-post/js/jquery.bxslider.min.js?ver=smart-recent-post/js/widget-script.js?ver=HTML / DOM Fingerprints
smart_postdata-slider-autodata-slider-speeddata-slider-pausedata-slider-moveSlidesdata-slider-slideMargindata-slider-infiniteLoop+17 moresmart_recent_post_slider_options