Does Social Sharing Plugin – Social Warfare have any unpatched vulnerabilities?

No. All known vulnerabilities in Social Sharing Plugin – Social Warfare have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Social Sharing Plugin – Social Warfare compatible with WordPress 6.7.5?

According to WordPress.org data, Social Sharing Plugin – Social Warfare 4.5.6 has been tested up to WordPress 6.7.5. Check the plugin's changelog for the latest compatibility information.

Is Social Sharing Plugin – Social Warfare compatible with PHP 5.6+?

Social Sharing Plugin – Social Warfare requires PHP 5.6 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Social Sharing Plugin – Social Warfare updated?

Social Sharing Plugin – Social Warfare was last updated on Mar 18, 2025. Frequent updates are generally a positive security signal.

What is Social Sharing Plugin – Social Warfare's security score?

Social Sharing Plugin – Social Warfare has a WP-Safety security score of 84/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Social Sharing Plugin – Social Warfare Security & Risk Analysis

wordpress.org/plugins/social-warfare

The most beautiful, responsive, lightning fast social share buttons built to boost shares and drive more traffic without slowing down your site.

20K active installs v4.5.6 PHP 5.6+ WP 4.5.0+ Updated Mar 18, 2025

floating-share-buttonsshare-buttonssharing-buttonssocial-media-sharesocial-sharing-plugin

B · Generally Safe

CVEs total8

Unpatched0

Last CVEFeb 19, 2025

Plugin page Download

Safety Verdict

Is Social Sharing Plugin – Social Warfare Safe to Use in 2026?

Mostly Safe

Score 84/100

Social Sharing Plugin – Social Warfare is generally safe to use though it hasn't been updated recently. 8 past CVEs were resolved. Keep it updated.

8 known CVEsLast CVE: Feb 19, 2025Updated 1yr ago

Risk Assessment

The static analysis of Social Warfare v4.5.6 presents a deceptively clean picture, with zero identified attack surface points, dangerous functions, or taint flows. This suggests that in this specific version, common vulnerability classes like XSS and SQL injection might not be directly exploitable through standard entry points. The code also demonstrates good practices like 100% prepared SQL statements and proper output escaping. However, this static snapshot does not account for potential vulnerabilities in bundled libraries (though none are listed here) or complex logic flaws that might not be caught by basic static analysis. It's crucial to note that the lack of capability checks and nonce checks, while not flagged as an issue in the static analysis for this specific version's entry points, represents a significant potential risk if any new entry points were to be introduced or if these checks were implicitly relied upon by other components.

Key Concerns

Significant past vulnerability history
Past critical and high severity vulnerabilities
Past code injection vulnerabilities
Past cross-site scripting vulnerabilities
Past missing authorization vulnerabilities
Past cross-site request forgery vulnerabilities
Lack of capability checks
Lack of nonce checks

Vulnerabilities

Social Sharing Plugin – Social Warfare Security Vulnerabilities

CVEs by Year

1 CVE in 2019

2019

1 CVE in 2021

2021

3 CVEs in 2023

2023

2 CVEs in 2024

2024

1 CVE in 2025

2025

Patched Has unpatched

Severity Breakdown

Critical

High

Medium

8 total CVEs

CVE-2025-26973medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Social Sharing Plugin – Social Warfare <= 4.5.5 - Authenticated (Contributor+) Stored Cross-Site Scripting

Feb 19, 2025 Patched in 4.5.6 (31d)

CVE-2024-34825medium · 4.3Cross-Site Request Forgery (CSRF)

Social Sharing Plugin – Social Warfare <= 4.4.5.1 - Cross-Site Request Forgery

May 9, 2024 Patched in 4.4.6 (7d)

CVE-2024-1959medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Social Sharing Plugin – Social Warfare <= 4.4.6.1 - Authenticated(Contributor+) Stored Cross-Site Scripting via Shortcode

Apr 22, 2024 Patched in 4.4.6.2 (11d)

CVE-2023-4842medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Social Sharing Plugin - Social Warfare <= 4.4.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

Nov 6, 2023 Patched in 4.4.4 (78d)

CVE-2023-0402medium · 5.4Missing Authorization

Social Warfare <= 4.3.0 - Missing Authorization

Jan 5, 2023 Patched in 4.3.1 (383d)

CVE-2023-0403medium · 5.4Cross-Site Request Forgery (CSRF)

Social Warfare <= 4.3.1 - Cross-Site Request Forgery

Jan 5, 2023 Patched in 4.4.0 (383d)

CVE-2021-4434critical · 10Improper Control of Generation of Code ('Code Injection')

Social Warfare <= 3.5.2 - Remote Code Execution

Apr 29, 2021 Patched in 3.5.3 (999d)

CVE-2019-9978high · 7.2Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Social Warfare <= 3.5.2 - Unauthenticated Arbitrary Settings Update

Mar 21, 2019 Patched in 3.5.3 (1769d)

Code Analysis

Analyzed Mar 16, 2026

Social Sharing Plugin – Social Warfare Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Attack Surface

Social Sharing Plugin – Social Warfare Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 1

filterthe_excerptsocial-warfare.php:38

Maintenance & Trust

Social Sharing Plugin – Social Warfare Maintenance & Trust

Maintenance Signals

WordPress version tested6.7.5

Last updatedMar 18, 2025

PHP min version5.6

Downloads1.9M

Community Trust

Rating66/100

Number of ratings186

Active installs20K

Alternatives

Social Sharing Plugin – Social Warfare Alternatives

Plain Social Sharing Buttons

plain-social-sharing-buttons

100

Simple and lightweight social sharing buttons for your wordpress site

0 No CVEs

Simple Social Media Share Buttons – Social Sharing for Everyone

simple-social-buttons

This Social Share Plugin adds advanced social media sharing buttons to your WordPress sites, such as Facebook, WhatsApp, X, LinkedIn, & Pinterest.

20K 7 CVEs

Block Referer Spam

block-referer-spam

Blocks referer/referral spam from accessing your site and cleans up your Google Analytics in the process!

600 1 CVE

Super Share

super-share

Super Share wordpress social plugin by MasterBlogster shows the social sharing buttons in a popup box only when reader reaches the end of the article.

10 No CVEs

Ultimate Social Share Buttons

ultimate-social-share-buttons

100

Ultimate Social Share Buttons is a most useful Social Media Share Plugin for your blog page and single page. It is a unique social sharing plugin.

10 No CVEs

Developer Profile

Social Sharing Plugin – Social Warfare Developer Profile

WarfarePlugins

1 plugin · 20K total installs

trust score

Avg Security Score

84/100

Avg Patch Time

458 days

View full developer profile

Detection Fingerprints

How We Detect Social Sharing Plugin – Social Warfare

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/social-warfare/css/style.css/wp-content/plugins/social-warfare/css/admin-style.css/wp-content/plugins/social-warfare/js/social-warfare.min.js/wp-content/plugins/social-warfare/js/admin.min.js

Script Paths

/wp-content/plugins/social-warfare/js/social-warfare.min.js/wp-content/plugins/social-warfare/js/admin.min.js

Version Parameters

social-warfare/style.css?ver=social-warfare/admin-style.css?ver=social-warfare/social-warfare.min.js?ver=social-warfare/admin.min.js?ver=

HTML / DOM Fingerprints

CSS Classes

social-warfare-buttonsswp_facebook_buttonswp_twitter_buttonswp_pinterest_buttonswp_linked_in_buttonswp_share_button

Data Attributes

data-pin-descriptiondata-pin-urldata-pin-mediadata-tweet-text

JS Globals

swptswpdSWP_SettingsSWP_Share_SourceSWP_Analytics

Shortcode Output

[social_warfare]

FAQ