Does Social Tracker have any unpatched vulnerabilities?

No. All known vulnerabilities in Social Tracker have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Social Tracker compatible with WordPress 3.7.41?

According to WordPress.org data, Social Tracker 1.2 has been tested up to WordPress 3.7.41. Check the plugin's changelog for the latest compatibility information.

How often is Social Tracker updated?

Social Tracker was last updated on Mar 4, 2014. Frequent updates are generally a positive security signal.

What is Social Tracker's security score?

Social Tracker has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Social Tracker Security & Risk Analysis

wordpress.org/plugins/social-tracker

Track your website's social and SEO ranking data daily and know your sites growth.

10 active installs v1.2 PHP + WP 2.8+ Updated Mar 4, 2014

dailyfacebookranksocialtrack

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Social Tracker Safe to Use in 2026?

Generally Safe

Score 85/100

Social Tracker has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 12yr ago

Risk Assessment

The "social-tracker" v1.2 plugin exhibits a mixed security posture. On one hand, the static analysis reveals a complete absence of dangerous functions, SQL injection vulnerabilities through prepared statements, and external HTTP requests. The limited attack surface is a positive indicator, with no identified AJAX handlers, REST API routes, shortcodes, or cron events that are exposed without authentication or proper checks. The presence of a capability check is also a good practice.

However, a significant concern arises from the complete lack of output escaping. With 39 total outputs and 0% properly escaped, this presents a substantial risk of Cross-Site Scripting (XSS) vulnerabilities. Any data rendered directly to the user interface without proper sanitization or escaping is susceptible to malicious injection. The absence of taint analysis results (0 flows analyzed) makes it difficult to fully assess the risk of data manipulation, but the output escaping issue alone is a critical weakness.

The plugin's vulnerability history is clean, with no known CVEs recorded. This, combined with the absence of specific vulnerability types and a recent history, suggests a generally well-maintained codebase historically. However, the lack of output escaping is a fundamental security flaw that outweighs the absence of past vulnerabilities. The plugin has strengths in its limited attack surface and secure SQL practices, but the critical lack of output escaping makes it a risky choice without immediate remediation.

Key Concerns

All outputs lack proper escaping
No taint flows analyzed
No nonce checks found

Vulnerabilities

None known

Social Tracker Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Social Tracker Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

0% escaped39 total outputs

Attack Surface

Social Tracker Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 2

actionadmin_menusocial-tracker.php:12

actionadmin_enqueue_scriptssocial-tracker.php:13

Maintenance & Trust

Social Tracker Maintenance & Trust

Maintenance Signals

WordPress version tested3.7.41

Last updatedMar 4, 2014

PHP min version

Downloads2K

Community Trust

Rating74/100

Number of ratings3

Active installs10

Alternatives

Social Tracker Alternatives

ViperProof

viper-proof

ViperProof allows you to show various aspects of social proof on your website, which will help you to get more blog subscribers.

10 No CVEs

Nextend Social Login and Register

nextend-facebook-connect

One click registration & login plugin for Facebook, Google, X (formerly Twitter) and more. Quick setup and easy configuration.

200K 6 CVEs

Open Graph and Twitter Card Tags

wonderm00ns-simple-facebook-open-graph-tags

Improve social media sharing by inserting Facebook Open Graph, Twitter Card, and SEO Meta Tags on your WordPress website pages, posts, WooCommerce pro …

60K 2 CVEs

Buttonizer – Social Media Share Buttons, Social Icons, & Social Feeds

facebook-pagelike-widget

Floating Social Media Icons, Sticky Share Buttons, Facebook Feeds, & Popup builder. Also, create Call, Email, SMS, & Contact buttons to increa …

50K 2 CVEs

Pixel Manager for WooCommerce – Conversion Tracking, Google Ads, GA4, TikTok, Dynamic Remarketing

woocommerce-google-adwords-conversion-tracking-tag

Conversion tracking for WooCommerce. Google Ads, GA4, Meta/Facebook Pixel, TikTok & more. Recover 30% more conversions with server-side tracking!

50K 4 CVEs

Developer Profile

Social Tracker Developer Profile

Bhagirath Dhanani

4 plugins · 390 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Social Tracker

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/social-tracker/css/main.css/wp-content/plugins/social-tracker/css/bootstrap.min.css/wp-content/plugins/social-tracker/js/main.js/wp-content/plugins/social-tracker/js/bootstrap.min.js

Script Paths

http://s7.addthis.com/js/250/addthis_widget.js

Version Parameters

social-tracker/css/main.css?ver=social-tracker/css/bootstrap.min.css?ver=social-tracker/js/main.js?ver=social-tracker/js/bootstrap.min.js?ver=

HTML / DOM Fingerprints

CSS Classes

social_tracker

Data Attributes

addthis:urladdthis:titleaddthis:descriptiong:plusone:count

JS Globals

addthis_configaddthis_share

Shortcode Output

<iframe src="http://www.click2check.net/click2checklight?url=

FAQ