Tagembed: Embed Twitter Feed, Google Reviews, YouTube Videos, TikTok, RSS Feed & More Social Media Feeds Security & Risk Analysis
wordpress.org/plugins/tagembed-widgetCollect & Embed Instagram Feed, Embed Facebook Feed, Embed YouTube Videos, Embed Twitter Feed, Google Reviews & 15+ Social Media Feed on website.
Is Tagembed: Embed Twitter Feed, Google Reviews, YouTube Videos, TikTok, RSS Feed & More Social Media Feeds Safe to Use in 2026?
Generally Safe
Score 99/100Tagembed: Embed Twitter Feed, Google Reviews, YouTube Videos, TikTok, RSS Feed & More Social Media Feeds has a strong security track record. Known vulnerabilities have been patched promptly.
The tagembed-widget v7.1 plugin exhibits a generally strong security posture, with excellent practices in SQL query handling and output escaping, indicating a development team that prioritizes secure coding. The absence of dangerous functions and file operations further bolsters confidence. However, the analysis reveals three taint flows with unsanitized paths, all classified as high severity. While these flows are not immediately exploitable due to the plugin's entry points being protected by nonce and capability checks, they represent a potential weakness that could be exploited if those checks were bypassed or if new, unprotected entry points were introduced in future versions. The plugin's vulnerability history, while currently showing no unpatched CVEs, includes two past medium-severity vulnerabilities, specifically Missing Authorization and Cross-site Scripting. This historical pattern, combined with the identified taint flows, suggests a recurring need for vigilance regarding input sanitization and authorization checks. In conclusion, tagembed-widget v7.1 is a well-developed plugin with good security foundations. The identified high-severity taint flows are the primary concern and warrant attention to ensure thorough sanitization, even with existing protective measures.
Key Concerns
- High severity taint flows with unsanitized paths
- Past medium severity vulnerabilities (XSS, Auth)
Tagembed: Embed Twitter Feed, Google Reviews, YouTube Videos, TikTok, RSS Feed & More Social Media Feeds Security Vulnerabilities
CVEs by Year
Severity Breakdown
2 total CVEs
Tagembed <= 5.8 - Missing Authorization
Tagembed: Embed Twitter Feed, Google Reviews, YouTube Videos, TikTok, RSS Feed & More Social Media Feeds <= 4.8 - Authenticated (Contributor+) Stored Cross-Site Scripting
Tagembed: Embed Twitter Feed, Google Reviews, YouTube Videos, TikTok, RSS Feed & More Social Media Feeds Code Analysis
SQL Query Safety
Output Escaping
Data Flow Analysis
Tagembed: Embed Twitter Feed, Google Reviews, YouTube Videos, TikTok, RSS Feed & More Social Media Feeds Attack Surface
AJAX Handlers 1
Shortcodes 1
WordPress Hooks 7
Maintenance & Trust
Tagembed: Embed Twitter Feed, Google Reviews, YouTube Videos, TikTok, RSS Feed & More Social Media Feeds Maintenance & Trust
Maintenance Signals
Community Trust
Tagembed: Embed Twitter Feed, Google Reviews, YouTube Videos, TikTok, RSS Feed & More Social Media Feeds Alternatives
Taggbox: Social Feed Widgets
taggbox-widget
Collect, Curate & Publish Instagram, Facebook Feeds, YouTube Videos, Twitter (X) Feeds, Google Reviews & 20+ Social Media Widgets on your website.
LITTLE Social
little-social
Display posts from multiple social media channels and profiles in one combined feed.
Social Media Widget
social-media-widget
Adds links to all of your social media and sharing site profiles. Tons of icons come in 3 sizes, 4 icon styles, and 4 animations.
miniOrange Social Login and Register (Discord, Google, Twitter, LinkedIn)
miniorange-login-openid
Social Login with Discord, Facebook, Google, Twitter, LinkedIn and 40+ apps. Social login with social share and comments. Free, fast & easy! WooCo …
Social Media Auto Publish
social-media-auto-publish
Publish posts automatically to social media networks like Facebook, Twitter, Instagram, Tumblr, LinkedIn, Threads and Telegram.
Tagembed: Embed Twitter Feed, Google Reviews, YouTube Videos, TikTok, RSS Feed & More Social Media Feeds Developer Profile
1 plugin · 10K total installs
How We Detect Tagembed: Embed Twitter Feed, Google Reviews, YouTube Videos, TikTok, RSS Feed & More Social Media Feeds
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/tagembed-widget/assets/css/common.css/wp-content/plugins/tagembed-widget/assets/css/toast.css/wp-content/plugins/tagembed-widget/assets/css/confirm_dialog.css/wp-content/plugins/tagembed-widget/assets/css/loader.css/wp-content/plugins/tagembed-widget/assets/css/styles.css/wp-content/plugins/tagembed-widget/assets/js/toast.js/wp-content/plugins/tagembed-widget/assets/js/confirm_dialog.js/wp-content/plugins/tagembed-widget/assets/js/loader.js+4 morehttps://widget.tagembed.com/embed.min.jstagembed-widget/assets/css/common.css?ver=tagembed-widget/assets/css/toast.css?ver=tagembed-widget/assets/css/confirm_dialog.css?ver=tagembed-widget/assets/css/loader.css?ver=tagembed-widget/assets/css/styles.css?ver=tagembed-widget/assets/js/toast.js?ver=tagembed-widget/assets/js/confirm_dialog.js?ver=tagembed-widget/assets/js/loader.js?ver=tagembed-widget/assets/js/tagembed.deactive.js?ver=tagembed-widget/assets/js/dialog.form.js?ver=tagembed-widget/assets/css/editor/editor.css?ver=tagembed-widget/assets/js/editor/editor.js?ver=HTML / DOM Fingerprints
tagembed-widgettagembed-block<!-- --Start-- Create Constant --><!-- --End-- Create Constant --><!-- --Start--Include Files --><!-- --End--Include Files -->+10 more__tagembed__embbedJs__tagembed__commonCss__tagembed__toastCss__tagembed__confirmDialogCss__tagembed__tagembedloaderCss__tagembed__popupCss+7 more__tagembed__pluginLoaderImageUrlObj__tagembed__ajax_call_security_nones_object