
EZ Related Posts Footer Links and Widget Security & Risk Analysis
wordpress.org/plugins/spostarbust
Display a linked list of related Posts by Tags or Categories at the bottom of every post or on the sidebar. Options to show Post Date and Excerpts.
Is EZ Related Posts Footer Links and Widget Safe to Use in 2026?
Generally Safe
Score 99/100
EZ Related Posts Footer Links and Widget has a strong security track record. Known vulnerabilities have been patched promptly.
The "spostarbust" v1.2.04.25 plugin exhibits a mixed security posture. On the positive side, the static analysis reveals no apparent attack surface through common entry points like AJAX handlers, REST API routes, shortcodes, or cron events. Furthermore, the plugin demonstrates good practices by utilizing prepared statements for all SQL queries and avoiding file operations or external HTTP requests. The presence of nonce checks is also encouraging.
However, there are notable areas of concern. A significant portion of output (47%) is not properly escaped, indicating a potential risk of Cross-Site Scripting (XSS) vulnerabilities if untrusted data is rendered directly. The absence of capability checks on any entry points, though the attack surface is currently zero, means that if entry points are added in the future, they may be unprotected by WordPress's role-based access control. The vulnerability history, while currently showing no unpatched vulnerabilities, does list one previous CVE related to Cross-Site Request Forgery (CSRF), suggesting a past tendency towards this type of flaw.
In conclusion, while the plugin has made strides in secure coding practices, the unescaped output represents a tangible risk that needs addressing. The history of CSRF vulnerabilities, even if resolved, warrants continued vigilance. Future development should prioritize implementing capability checks on any new entry points and ensuring all output is thoroughly escaped to mitigate potential XSS risks.
Key Concerns
- Significant unescaped output detected
- Vulnerability history includes past CSRF
- No capability checks on any entry points
EZ Related Posts Footer Links and Widget Security Vulnerabilities
CVEs by Year
Severity Breakdown
1 total CVE
ELI's Related Posts Footer Links and Widget <= 1.2.04.20 - Cross-Site Request Forgery to Stored Cross-Site Scripting
EZ Related Posts Footer Links and Widget Code Analysis
Output Escaping
EZ Related Posts Footer Links and Widget Attack Surface
WordPress Hooks 7
EZ Related Posts Footer Links and Widget Maintenance & Trust
Maintenance Signals
Community Trust
EZ Related Posts Footer Links and Widget Alternatives
VK All in One Expansion Unit
vk-all-in-one-expansion-unit
This plug-in is an integrated plug-in with a variety of features that make your web site powerful.
List category posts
list-category-posts
Very customizable plugin to list posts by category (or tag, author and more) in a post, page or widget. Uses the [catlist] shortcode to select posts.
Essential Widgets
essential-widgets
Essential Widgets is a WordPress plugin for widgets that allows you to create and add amazing widgets with high customization options.
Flexible Posts Widget
flexible-posts-widget
An advanced posts display widget with many options. Display posts in your sidebars any way you'd like!
SEO Auto Linker
wpa-seo-auto-linker
SEO Auto Linker assists in creating cornerstone SEO content. This is not a full replacement for SEO plugins.
EZ Related Posts Footer Links and Widget Developer Profile
9 plugins · 101K total installs
How We Detect EZ Related Posts Footer Links and Widget
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
HTML / DOM Fingerprints
rounded-corners, shadowed-box, sidebar-box, sidebar-links, shadowed-text, sub-option, inside, pp_left (+2 more)
id="right-sidebar", class="shadowed-box stuffbox", id="pluginlinks", name="submit", alt="Make a Donation with PayPal", name="submitc" (+10 more)
SPOSTARBUST_plugin_dir, SPOSTARBUST_plugin_home