Does The Future Posts have any unpatched vulnerabilities?

No. All known vulnerabilities in The Future Posts have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is The Future Posts compatible with WordPress 4.9.29?

According to WordPress.org data, The Future Posts 1.40 has been tested up to WordPress 4.9.29. Check the plugin's changelog for the latest compatibility information.

Is The Future Posts compatible with PHP 5.6.0+?

The Future Posts requires PHP 5.6.0 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is The Future Posts updated?

The Future Posts was last updated on Aug 7, 2018. Frequent updates are generally a positive security signal.

What is The Future Posts's security score?

The Future Posts has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

The Future Posts Security & Risk Analysis

wordpress.org/plugins/the-future-posts

Display future (scheduled) posts in responsive grids using shortcodes. Works with PODS, Advanced Custom Fields, WooCommerce, and all page builders.

20 active installs v1.40 PHP 5.6.0+ WP 4.6.0+ Updated Aug 7, 2018

advanced-custom-fieldspodspost-gridresponsivescheduled

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is The Future Posts Safe to Use in 2026?

Generally Safe

Score 85/100

The Future Posts has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 7yr ago

Risk Assessment

The 'the-future-posts' plugin v1.40 exhibits a mixed security posture. On the positive side, there are no recorded vulnerabilities (CVEs) and the static analysis shows no direct SQL injection risks due to prepared statements. The plugin also avoids external HTTP requests and doesn't bundle potentially outdated libraries. However, significant concerns arise from the lack of output escaping and insufficient security checks. With 40 total outputs, none are properly escaped, which presents a high risk for cross-site scripting (XSS) vulnerabilities. Furthermore, the absence of nonce checks and capability checks on its single shortcode entry point means that any authenticated user could potentially trigger unintended actions, depending on the shortcode's functionality. While taint analysis shows no current issues, the unescaped output and lack of authorization controls create a fertile ground for vulnerabilities if malicious data is processed.

Key Concerns

Unescaped output across all outputs
Missing nonce check on shortcode
Missing capability check on shortcode

Vulnerabilities

None known

The Future Posts Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

The Future Posts Code Analysis

Dangerous Functions

Raw SQL Queries

1 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

100% prepared1 total queries

Output Escaping

0% escaped40 total outputs

Attack Surface

The Future Posts Attack Surface

Entry Points1

Unprotected0

Shortcodes 1

[the_future_posts] the-future-posts.php:44

WordPress Hooks 6

filterwidget_textthe-future-posts.php:50

actionadmin_menuthe-future-posts.php:74

actionwp_enqueue_scriptsthe-future-posts.php:106

filterpost_linkthe-future-posts.php:135

filterpost_type_linkthe-future-posts.php:136

filterthe_poststhe-future-posts.php:151

Maintenance & Trust

The Future Posts Maintenance & Trust

Maintenance Signals

WordPress version tested4.9.29

Last updatedAug 7, 2018

PHP min version5.6.0

Downloads3K

Community Trust

Rating0/100

Number of ratings0

Active installs20

Alternatives

The Future Posts Alternatives

Ultimate Addons for SiteOrigin

addon-so-widgets-bundle

An ultimate collection of addons for SiteOrigin. SiteOrigin Widgets Bundle is required.

7K No CVEs

Featured Post Creative

featured-post-creative

Display Featured post on your website with 2 shortcode and 1 widget. Also work with Gutenberg shortcode block.

1K 2 CVEs

Grid Accordion

grid-accordion

100

Grid Accordion is a responsive gallery plugin that includes Premium features for FREE, like animated layers, lightbox support, post content and more.

80 No CVEs

Page Builder by SiteOrigin

siteorigin-panels

Build responsive page layouts using the widgets you know and love using this simple drag and drop page builder.

500K 8 CVEs

Max Mega Menu

megamenu

An easy to use mega menu plugin. Written the WordPress way.

300K 2 CVEs

Developer Profile

The Future Posts Developer Profile

jdalmeida

1 plugin · 20 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect The Future Posts

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/the-future-posts/css/gridlex.css/wp-content/plugins/the-future-posts/css/the-future-posts-icons.css/wp-content/plugins/the-future-posts/css/the-future-posts.css

Script Paths

/wp-content/plugins/the-future-posts/includes/main.js

Version Parameters

the-future-posts/css/gridlex.css?ver=the-future-posts/css/the-future-posts-icons.css?ver=the-future-posts/css/the-future-posts.css?ver=the-future-posts/includes/main.js?ver=

HTML / DOM Fingerprints

CSS Classes

the-future-posts-wrappertfp-gridtfp-itemtfp-theme-defaulttfp-theme-custom

Data Attributes

data-post-statusdata-post-typedata-category-namedata-taxonomydata-taxonomy-termsdata-date-before+13 more

JS Globals

the_future_posts_main

Shortcode Output

[the_future_posts]

FAQ