Does Stealth Publish have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Stealth Publish compatible with WordPress 4.5.33?

According to WordPress.org data, Stealth Publish 2.6 has been tested up to WordPress 4.5.33. Check the plugin's changelog for the latest compatibility information.

How often is Stealth Publish updated?

Stealth Publish was last updated on Apr 13, 2016. Frequent updates are generally a positive security signal.

What is Stealth Publish's security score?

Stealth Publish has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Stealth Publish Security & Risk Analysis

wordpress.org/plugins/stealth-publish

Prevent specified posts from being featured on the front page or in feeds, and from notifying external services of publication.

900 active installs v2.6 PHP + WP 3.6+ Updated Apr 13, 2016

archivefeaturefeedhomepost

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Stealth Publish Safe to Use in 2026?

Generally Safe

Score 85/100

Stealth Publish has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 10yr ago

Risk Assessment

The 'stealth-publish' v2.6 plugin exhibits a generally strong security posture based on the provided static analysis. The absence of any identified AJAX handlers, REST API routes, shortcodes, or cron events significantly limits the plugin's attack surface. Furthermore, the code analysis shows no dangerous functions, no file operations, and no external HTTP requests, which are positive indicators of secure coding practices. The use of prepared statements for all SQL queries is a significant strength, mitigating risks of SQL injection. The vulnerability history is also clear, with zero known CVEs, indicating a lack of previously identified security flaws. However, the relatively low percentage of properly escaped output (57%) presents a concern, suggesting potential for cross-site scripting (XSS) vulnerabilities if user-supplied data is not adequately sanitized before being displayed. The complete absence of nonce checks and capability checks across all entry points (though there are none) is a notable weakness, meaning if entry points were to be introduced in future versions, they would be inherently insecure.

Key Concerns

Low output escaping percentage
No nonce checks on potential entry points
No capability checks on potential entry points

Vulnerabilities

None known

Stealth Publish Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Stealth Publish Release Timeline

v2.6Current

v2.5.1

v2.5

v2.4

v2.3

v2.2.1

v2.2

v2.1

v2.0.2

v2.0.1

v2.0

v1.0

Code Analysis

Analyzed Mar 16, 2026

Stealth Publish Code Analysis

Dangerous Functions

Raw SQL Queries

2 prepared

Unescaped Output

4 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

100% prepared2 total queries

Output Escaping

57% escaped7 total outputs

Attack Surface

Stealth Publish Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 9

actioninitstealth-publish.php:96

filterposts_wherestealth-publish.php:132

actionpost_submitbox_misc_actionsstealth-publish.php:134

filterwp_insert_post_datastealth-publish.php:135

actionpublish_poststealth-publish.php:136

actionquick_edit_custom_boxstealth-publish.php:138

actionadmin_enqueue_scriptsstealth-publish.php:139

filterpost_date_column_timestealth-publish.php:140

filterposts_wherestealth-publish.php:236

Maintenance & Trust

Stealth Publish Maintenance & Trust

Maintenance Signals

WordPress version tested4.5.33

Last updatedApr 13, 2016

PHP min version

Downloads30K

Community Trust

Rating100/100

Number of ratings11

Active installs900

Alternatives

Stealth Publish Alternatives

Add Featured Image to RSS Feed

add-featured-image-to-rss-feed

Adds the featured image attached to posts to the beginning of the post content and excerpt in RSS feeds.

2K No CVEs

WP-UTF8-Excerpt

wp-utf8-excerpt

This plugin generates a better excerpt for multi-byte language users (Chinese, for example). Besides, it keeps the html tags in the excerpt.

800 No CVEs

JMS Rss Feed

jms-rss-feed

Add the featured image tag in your posts RSS feed. For standard RSS feed XML, there is no image tag definition. This plugin will show the post featur …

20 No CVEs

Show Category Posts Fade in/out

show-posts-fade-inout-fix

The Random Featured Post plugin allows you to display a random post from a designated category as a "featured" post.

10 No CVEs

Featured Posts

wordpress-mu-featured-posts

Featured posts plugin & widget for WordPress or WordPress MU.

10 No CVEs

Developer Profile

Stealth Publish Developer Profile

Scott Reilly

63 plugins · 92K total installs

trust score

Avg Security Score

88/100

Avg Patch Time

374 days

View full developer profile

Detection Fingerprints

How We Detect Stealth Publish

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/stealth-publish/assets/admin.js

Script Paths

/wp-content/plugins/stealth-publish/assets/admin.js

Version Parameters

stealth-publish/assets/admin.js?ver=

HTML / DOM Fingerprints

CSS Classes

stealth-publish

HTML Comments

Copyright (c) 2007-2016 by Scott Reilly (aka coffee2code)This program is free software; you can redistribute it and/ormodify it under the terms of the GNU General Public Licenseas published by the Free Software Foundation; either version 2+8 more

Data Attributes

data-stealth-publish

JS Globals

c2c_StealthPublishstealth_publish

FAQ