Does ST social feed have any unpatched vulnerabilities?

No. All known vulnerabilities in ST social feed have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is ST social feed compatible with WordPress 4.9.29?

According to WordPress.org data, ST social feed 1.0.0 has been tested up to WordPress 4.9.29. Check the plugin's changelog for the latest compatibility information.

How often is ST social feed updated?

ST social feed was last updated on Sep 22, 2018. Frequent updates are generally a positive security signal.

What is ST social feed's security score?

ST social feed has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

ST social feed Security & Risk Analysis

wordpress.org/plugins/st-social-feed

ST social feed is very simple and low weight slide show plugin which helps WordPress/dashboard user to fetch social feed and Show on page by using sho …

0 active installs v1.0.0 PHP + WP 3.9+ Updated Sep 22, 2018

custom-social-feedpost-social-feedsocial-feed

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is ST social feed Safe to Use in 2026?

Generally Safe

Score 85/100

ST social feed has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 7yr ago

Risk Assessment

The 'st-social-feed' plugin version 1.0.0 exhibits a mixed security posture. On the positive side, it has a very small attack surface, with only one shortcode and no AJAX handlers, REST API routes, or cron events. Crucially, all SQL queries observed utilize prepared statements, and there are no known CVEs associated with this plugin, suggesting a potentially stable and well-maintained codebase in terms of historical vulnerabilities. The absence of external HTTP requests and file operations further reduces the immediate threat landscape.

However, significant concerns arise from the lack of output escaping. With four total outputs and 0% properly escaped, this presents a clear risk of Cross-Site Scripting (XSS) vulnerabilities. Any data rendered to the user that originates from an untrusted source or is manipulated by an attacker could be executed as JavaScript in the user's browser. Additionally, the complete absence of nonce checks and capability checks, despite the presence of a shortcode, means that there are no built-in mechanisms to verify user permissions or prevent CSRF attacks on the shortcode's functionality. This combination of unescaped output and insufficient authentication/authorization checks creates a notable security gap.

Key Concerns

Unescaped output found
Missing nonce checks
Missing capability checks

Vulnerabilities

None known

ST social feed Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

ST social feed Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

0% escaped4 total outputs

Attack Surface

ST social feed Attack Surface

Entry Points1

Unprotected0

Shortcodes 1

[st_social_feed] short-code\st-social-feed-short-code.php:41

WordPress Hooks 3

actionadmin_menust-social-feed-post.php:33

actionadmin_initst-social-feed-post.php:71

actionwp_enqueue_scriptsst-social-feed.php:31

Maintenance & Trust

ST social feed Maintenance & Trust

Maintenance Signals

WordPress version tested4.9.29

Last updatedSep 22, 2018

PHP min version

Downloads940

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

ST social feed Alternatives

EmbedPress – PDF Embedder, Embed YouTube Videos, 3D FlipBook, Social feeds, Docs & more

embedpress

EmbedPress lets you embed videos, pages, social feeds, embed PDF 3D flipbooks & other content on WordPress without coding & enhance storytelling.

100K 27 CVEs

WP Social Ninja – Embed Social Feeds, User Reviews & Chat Widgets

wp-social-reviews

Add Facebook feeds, Instagram feeds, TikTok feeds, Facebook reviews, WhatsApp Chat, Messenger chat, Testimonial, and others using a single dashboard.

30K 3 CVEs

Social Slider Feed

instagram-slider-widget

Display Instagram, Facebook and YouTube feeds in widgets, posts, pages, or anywhere else on your website.

20K 10 CVEs

SocialFeeds

socialfeeds

100

YouTube feeds for WordPress with simple Setup and Settings options.

4K No CVEs

RSS Feed Widget

rss-feed-widget

RSS Feed Widget with customizable slider. Feed title, description, image, censorship and a few other features which you can use.

2K 6 CVEs

Developer Profile

ST social feed Developer Profile

tsumitinfo

2 plugins · 0 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect ST social feed

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/st-social-feed/assets/css/style.min.css/wp-content/plugins/st-social-feed/assets/js/script.min.js

Script Paths

/wp-content/plugins/st-social-feed/assets/js/script.min.js

Version Parameters

st-social-feed/assets/css/style.min.css?ver=st-social-feed/assets/js/script.min.js?ver=

HTML / DOM Fingerprints

CSS Classes

st-insta-feed-wrappst-insta-boxst-insta-img

Data Attributes

row

Shortcode Output

<div class="st-insta-feed-wrapp"<div class="st-insta-box"<div class="st-insta-img"><img src="

FAQ