Does ThreeWP have any unpatched vulnerabilities?

No. All known vulnerabilities in ThreeWP have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is ThreeWP compatible with WordPress 6.9.4?

According to WordPress.org data, ThreeWP 2.0.2 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is ThreeWP compatible with PHP 7.4+?

ThreeWP requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is ThreeWP updated?

ThreeWP was last updated on Dec 20, 2025. Frequent updates are generally a positive security signal.

What is ThreeWP's security score?

ThreeWP has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

ThreeWP Security & Risk Analysis

wordpress.org/plugins/threewp

Easily integrate Three.js with WordPress to create and display 3D models and animations.

200 active installs v2.0.2 PHP 7.4+ WP 5.4+ Updated Dec 20, 2025

3d-graphicsthree-jsvisualizationwebglwordpress-3d

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is ThreeWP Safe to Use in 2026?

Generally Safe

Score 100/100

ThreeWP has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 3mo ago

Risk Assessment

The static analysis of the "threewp" plugin v2.0.2 reveals a generally strong security posture. The code demonstrates good practices by not utilizing dangerous functions, performing all SQL queries with prepared statements, and ensuring all output is properly escaped. Furthermore, there are no file operations or external HTTP requests, and the absence of bundled libraries reduces the risk of outdated dependencies. The plugin also lacks any recorded vulnerabilities in its history, suggesting a history of secure development or effective patching.

However, a significant concern arises from the lack of any capability checks or nonce checks. While the current attack surface is limited to a single shortcode with no apparent unprotected entry points, the absence of these fundamental security mechanisms means that this shortcode, and any future additions, could be susceptible to unauthorized access or manipulation if they were to handle sensitive data or actions. Taint analysis shows no critical or high severity flows, which is positive, but this is in the context of zero flows analyzed.

In conclusion, the "threewp" plugin v2.0.2 has a solid foundation with secure coding practices for SQL and output handling. The lack of vulnerability history is also a positive indicator. The primary weakness lies in the complete absence of authorization and nonce checks, which represents a potential blind spot for future development or any overlooked aspects of the existing shortcode.

Key Concerns

No capability checks found
No nonce checks found
No taint flows analyzed

Vulnerabilities

None known

ThreeWP Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

ThreeWP Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Attack Surface

ThreeWP Attack Surface

Entry Points1

Unprotected0

Shortcodes 1

[use_threewp] threewp.php:29

WordPress Hooks 3

actionplugins_loadedthreewp.php:19

filterscript_loader_tagthreewp.php:48

actionwp_enqueue_scriptsthreewp.php:57

Maintenance & Trust

ThreeWP Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedDec 20, 2025

PHP min version7.4

Downloads3K

Community Trust

Rating100/100

Number of ratings2

Active installs200

Alternatives

ThreeWP Alternatives

Visualizer: Tables and Charts Manager for WordPress

visualizer

A simple yet powerful WordPress chart plugin to effortlessly create and embed responsive charts & tables into your site, supporting multiple data …

20K 12 CVEs

Graphina – Charts and Graphs For Elementor

graphina-elementor-charts-and-graphs

Most Powerful Data visualization plugin for WordPress Elementor. The easiest way to build gorgeous Charts & Graphs on your Elementor website.

10K 7 CVEs

Chartify – WordPress Chart Plugin

chart-builder

Chartify is a powerful WordPress Chart Builder Plugin that will help you to create WordPress Graphs & Charts easily and quickly.

4K 8 CVEs

Ninja Charts – Interactive Charts and Graphs

ninja-charts

The easiest way to create responsive, customizable, and reusable charts and graphs for your website.

3K 1 CVE

Tableberg – Simple Gutenberg Table Block

tableberg

Table Block For the Block Editor. Craft Beautiful Tables With Ease.

2K 2 CVEs

Developer Profile

ThreeWP Developer Profile

Rownok Bosunia

2 plugins · 200 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect ThreeWP

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/threewp/assets/js/threewp.bundle.min.js

Script Paths