WP-Safety

Social Icons Security & Risk Analysis

wordpress.org/plugins/social-icons

Social Icons provides you with an easy way to display various popular social icons via widgets and shortcode

10K active installs v1.7.4 PHP + WP 4.7+ Updated Feb 8, 2021
brandsiconsmediasocialwidget
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Social Icons Safe to Use in 2026?

Generally Safe

Score 85/100

Social Icons has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 5yr ago
Risk Assessment

The "social-icons" plugin v1.7.4 exhibits a generally positive security posture, with no known historical vulnerabilities or critical issues identified in the static and taint analysis. The plugin demonstrates good security practices by implementing capability checks and a nonce check, indicating an awareness of common WordPress security requirements. The absence of file operations and external HTTP requests further reduces the potential attack surface. However, a significant concern arises from the presence of three SQL queries that are not using prepared statements, alongside only 79% of output being properly escaped. While the attack surface appears minimal with no exposed AJAX handlers, REST API routes, or shortcodes, these unescaped outputs and raw SQL queries represent potential avenues for cross-site scripting (XSS) and SQL injection vulnerabilities, especially if the input used in these queries or outputs is not meticulously sanitized within the application logic.

Key Concerns

  • SQL queries not using prepared statements
  • Output escaping not fully implemented
Vulnerabilities
None known

Social Icons Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Social Icons Code Analysis

Dangerous Functions
0
Raw SQL Queries
3
0 prepared
Unescaped Output
49
181 escaped
Nonce Checks
1
Capability Checks
5
File Operations
0
External Requests
0
Bundled Libraries
0

SQL Query Safety

0% prepared3 total queries

Output Escaping

79% escaped230 total outputs
Attack Surface

Social Icons Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 38
actionsave_postincludes\abstracts\abstract-si-widget.php:62
actiondeleted_postincludes\abstracts\abstract-si-widget.php:63
actionswitch_themeincludes\abstracts\abstract-si-widget.php:64
actionadmin_enqueue_scriptsincludes\admin\class-si-admin-assets.php:27
actionadmin_enqueue_scriptsincludes\admin\class-si-admin-assets.php:28
actionsiteorigin_panel_enqueue_admin_scriptsincludes\admin\class-si-admin-assets.php:29
actionadd_meta_boxesincludes\admin\class-si-admin-meta-boxes.php:41
actionadd_meta_boxesincludes\admin\class-si-admin-meta-boxes.php:42
actionsave_postincludes\admin\class-si-admin-meta-boxes.php:43
actionsocial_icons_process_social_icon_metaincludes\admin\class-si-admin-meta-boxes.php:46
actionadmin_noticesincludes\admin\class-si-admin-meta-boxes.php:49
actionshutdownincludes\admin\class-si-admin-meta-boxes.php:50
filterpost_updated_messagesincludes\admin\class-si-admin-post-types.php:27
filterbulk_post_updated_messagesincludes\admin\class-si-admin-post-types.php:28
filtermanage_social_icon_posts_columnsincludes\admin\class-si-admin-post-types.php:31
actionmanage_social_icon_posts_custom_columnincludes\admin\class-si-admin-post-types.php:32
filtermanage_edit-social_icon_sortable_columnsincludes\admin\class-si-admin-post-types.php:33
filterlist_table_primary_columnincludes\admin\class-si-admin-post-types.php:35
filterpost_row_actionsincludes\admin\class-si-admin-post-types.php:36
filterenter_title_hereincludes\admin\class-si-admin-post-types.php:39
actionedit_form_after_titleincludes\admin\class-si-admin-post-types.php:40
filterview_mode_post_typesincludes\admin\class-si-admin-post-types.php:46
actioninitincludes\admin\class-si-admin.php:25
actionadmin_footerincludes\admin\class-si-admin.php:26
filteradmin_footer_textincludes\admin\class-si-admin.php:27
actionwp_enqueue_scriptsincludes\class-si-frontend-scripts.php:31
filterplugin_row_metaincludes\class-si-install.php:26
actioninitincludes\class-si-post-types.php:27
actioninitincludes\class-si-post-types.php:28
filterrest_api_allowed_post_typesincludes\class-si-post-types.php:29
actionwidgets_initincludes\functions-si-widget.php:28
actionwp_enqueue_scriptsincludes\widgets\class-si-widget-social-icons.php:105
actionadmin_print_footer_scriptsincludes\widgets\class-si-widget-social-icons.php:106
actionsocial_icons_widget_field_social_iconsincludes\widgets\class-si-widget-social-icons.php:107
actionsocial_icons_widget_settings_sanitize_optionincludes\widgets\class-si-widget-social-icons.php:108
actioninitsocial-icons.php:87
actioninitsocial-icons.php:88
filterkses_allowed_protocolssocial-icons.php:89
Maintenance & Trust

Social Icons Maintenance & Trust

Maintenance Signals

WordPress version tested5.6.17
Last updatedFeb 8, 2021
PHP min version
Downloads339K

Community Trust

Rating90/100
Number of ratings15
Active installs10K
Alternatives

Social Icons Alternatives

Social Icons Widget & Block – Social Media Icons & Share Buttons

Social Icons Widget & Block – Social Media Icons & Share Buttons

social-icons-widget-by-wpzoom

A
96

Social media icons plugin for WordPress - Add 400+ social icons and share buttons. Gutenberg block, widget & Elementor support. GDPR compliant.

100K 3 CVEs
Social Media Share Buttons & Social Sharing Icons

Social Media Share Buttons & Social Sharing Icons

ultimate-social-media-icons

A
96

Share buttons and pop up share icons for social media sharing

100K 11 CVEs
Lightweight Social Icons

Lightweight Social Icons

lightweight-social-icons

A
85

Looking to add simple social icons to your widget areas? Choose the size and color of your icons, and then choose from 47 different social profiles.

30K No CVEs
Fuse Social Floating Sidebar

Fuse Social Floating Sidebar

fuse-social-floating-sidebar

A
99

This plugin allows you to add social media floating sidebar icons connected with your social media profiles.

10K 2 CVEs
Social Media Icon Widget

Social Media Icon Widget

new-social-media-widget

A
100

Add social media icon links to your sidebar with customizable styles, colors, hover effects, and animations.

4K No CVEs
Developer Profile

Social Icons Developer Profile

ThemeGrill

31 plugins · 252K total installs

77
trust score
Avg Security Score
97/100
Avg Patch Time
184 days
View full developer profile
Detection Fingerprints

How We Detect Social Icons

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/social-icons/assets/css/admin.css/wp-content/plugins/social-icons/assets/css/widgets.css/wp-content/plugins/social-icons/assets/js/admin/admin.js/wp-content/plugins/social-icons/assets/js/admin/admin.min.js
Script Paths
/wp-content/plugins/social-icons/assets/js/admin/admin.js/wp-content/plugins/social-icons/assets/js/admin/admin.min.js
Version Parameters
/assets/css/admin.css?ver=/assets/css/widgets.css?ver=/assets/js/admin/admin.js?ver=

HTML / DOM Fingerprints

CSS Classes
si-social-icon-wrapsocial-iconsocial-icon-titlesocial-icon-wrapper
Data Attributes
data-icon-container
JS Globals
SI
FAQ

Frequently Asked Questions about Social Icons