Snap Tales – User, Post, Product and Admin Stories, Integrated with BuddyPress and PeepSo Security & Risk Analysis

Snap Tales - Instagram Style Stories, Integrated with BuddyPress, BuddyBoss, PeepSo. You can also set up Post and Product stories by manually.

20 active installs v1.1.3 PHP 8.1+ WP 5.0+ Updated May 22, 2025

instagramsnap-talesstoriesstyleusers

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Snap Tales – User, Post, Product and Admin Stories, Integrated with BuddyPress and PeepSo Safe to Use in 2026?

Generally Safe

Score 100/100

Snap Tales – User, Post, Product and Admin Stories, Integrated with BuddyPress and PeepSo has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 10mo ago

Risk Assessment

The "snap-tales" plugin version 1.1.3 exhibits a generally good security posture based on the provided static analysis. The absence of known CVEs and the implementation of prepared statements for a majority of SQL queries are positive indicators. Furthermore, the plugin demonstrates a commitment to output escaping, with over 80% of outputs being properly handled, and includes nonce and capability checks, which are essential for robust security.

However, there are a few areas that warrant attention. The taint analysis reveals two flows with unsanitized paths, which, despite not being classified as critical or high severity in this instance, represent potential avenues for injection vulnerabilities if not carefully managed. The presence of file operations and external HTTP requests also increases the attack surface, though the analysis doesn't explicitly flag them as insecure. The inclusion of TinyMCE, while common, can also introduce its own set of security considerations if not properly managed or if the bundled version is outdated.

In conclusion, "snap-tales" v1.1.3 appears to be a relatively secure plugin due to its adherence to common security best practices like prepared statements and output escaping, and its clean vulnerability history. The primary concerns stem from the taint analysis results indicating unsanitized paths, which should be thoroughly investigated and remediated. Overall, the strengths outweigh the weaknesses, but proactive monitoring and addressing the identified taint flows are recommended.

Key Concerns

Flows with unsanitized paths
Untested output escaping (16% unescaped)
File operations present
External HTTP requests present
Bundled library (TinyMCE)

Vulnerabilities

None known

Snap Tales – User, Post, Product and Admin Stories, Integrated with BuddyPress and PeepSo Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Snap Tales – User, Post, Product and Admin Stories, Integrated with BuddyPress and PeepSo Code Analysis

Dangerous Functions

Raw SQL Queries

12 prepared

Unescaped Output

261 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

TinyMCE

SQL Query Safety

80% prepared15 total queries

Output Escaping

84% escaped309 total outputs

Data Flows

2 unsanitized

Data Flow Analysis

4 flows2 with unsanitized paths

saveCategoryImage (app\Integrations\CategoryImage.php:64)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Snap Tales – User, Post, Product and Admin Stories, Integrated with BuddyPress and PeepSo Attack Surface

Entry Points1

Unprotected0

Shortcodes 1

[snap-tales] app\Shortcode\Manager.php:61

WordPress Hooks 44

actionedited_categoryapp\Integrations\CategoryImage.php:22

actioncreate_categoryapp\Integrations\CategoryImage.php:23

actioncategory_add_form_fieldsapp\Integrations\CategoryImage.php:24

actioncategory_edit_form_fieldsapp\Integrations\CategoryImage.php:25

actionmanage_edit-category_columnsapp\Integrations\CategoryImage.php:27

actionmanage_category_custom_columnapp\Integrations\CategoryImage.php:29

actionpost_updatedapp\Integrations\MetaBoxes.php:21

actionadd_meta_boxesapp\Integrations\MetaBoxes.php:23

actionenqueue_block_editor_assetsapp\Integrations\Register.php:24

actionelementor/widgets/widgets_registeredapp\Integrations\Register.php:41

actionadmin_headapp\Integrations\Register.php:48

filtermce_external_pluginsapp\Integrations\Register.php:49

filtermce_buttonsapp\Integrations\Register.php:54

actionplugins_loadedapp\Loader.php:25

actioninitapp\Loader.php:57

actioninitapp\PluginHero\BaseAPI.php:35

actionrest_api_initapp\PluginHero\BaseAPI.php:43

filterrest_pre_dispatchapp\PluginHero\BaseAPI.php:71

actioninitapp\PluginHero\Helpers\Feedback.php:69

actionrest_api_initapp\PluginHero\Helpers\Feedback.php:75

actionadmin_enqueue_scriptsapp\PluginHero\Helpers\Feedback.php:114

actionadmin_footerapp\PluginHero\Helpers\Feedback.php:129

actionrest_api_initapp\PluginHero\Helpers\Feedback.php:155

actionadmin_initapp\PluginHero\Helpers\Redirect.php:36

actiontemplate_redirectapp\PluginHero\Helpers\Redirect.php:48

filtertheme_page_templatesapp\PluginHero\Helpers\Template.php:85

filtertemplate_includeapp\PluginHero\Helpers\Template.php:90

actionadmin_noticesapp\PluginHero\Helpers\Template.php:272

actionadmin_noticesapp\PluginHero\Helpers.php:80

actionadmin_noticesapp\PluginHero\Helpers.php:97

actionadmin_noticesapp\PluginHero\Helpers.php:105

actionadmin_noticesapp\PluginHero\Helpers.php:113

actionadmin_noticesapp\PluginHero\Helpers.php:121

actionadmin_noticesapp\PluginHero\Helpers.php:129

actionadmin_noticesapp\PluginHero\Helpers.php:140

actionadmin_menuapp\PluginHero\Page.php:40

actionadmin_headapp\PluginHero\Page.php:78

actionadmin_enqueue_scriptsapp\PluginHero\Plugin.php:68

actionwp_enqueue_scriptsapp\PluginHero\Plugin.php:77

actioninitapp\PluginHero\Plugin.php:96

actioninitapp\PluginHero\Plugin.php:144

actionadmin_footerapp\PluginHero\templates\plugins.php:33

actioninitapp\Shortcode\Manager.php:41

actionwp_footerapp\Shortcode\Manager.php:42

Maintenance & Trust

Snap Tales – User, Post, Product and Admin Stories, Integrated with BuddyPress and PeepSo Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedMay 22, 2025

PHP min version8.1

Downloads2K

Community Trust

Rating100/100

Number of ratings1

Active installs20

Alternatives

Snap Tales – User, Post, Product and Admin Stories, Integrated with BuddyPress and PeepSo Alternatives

WP Story

wp-story

Create your own custom Instagram style stories. Show them on any part of your site by adding custom links, text and images.

1K No CVEs

My Story

my-story

100

Create your own custom Instagram style stories. ✌

400 No CVEs

EmbedStories – Display social media stories

embedstories

EmbedStories allows you to easily embed Instagram Stories on your website

300 1 CVE

BW WP Stories

bw-product-stories

100

Instagram-like product stories for WordPress/WooCommerce with shortcodes and a clean slider UI.

30 No CVEs

Smash Balloon Social Photo Feed – Easy Social Feeds Plugin

instagram-feed

Formerly "Instagram Feed". Display clean, customizable, and responsive Instagram feeds from multiple accounts. Supports Instagram oEmbeds.

1.0M 4 CVEs

Developer Profile

Snap Tales – User, Post, Product and Admin Stories, Integrated with BuddyPress and PeepSo Developer Profile

BeycanPress LLC

16 plugins · 260 total installs

trust score

Avg Security Score

99/100

Avg Patch Time

85 days

View full developer profile

Detection Fingerprints

How We Detect Snap Tales – User, Post, Product and Admin Stories, Integrated with BuddyPress and PeepSo

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/snap-tales/assets/css/snap-tales.css/wp-content/plugins/snap-tales/assets/js/snap-tales.js

Script Paths

/wp-content/plugins/snap-tales/assets/js/snap-tales.js

Version Parameters

snap-tales/assets/css/snap-tales.css?ver=snap-tales/assets/js/snap-tales.js?ver=

HTML / DOM Fingerprints

FAQ