Does Author: Francis Crossen (fcrossen) have any unpatched vulnerabilities?

No. All known vulnerabilities in Author: Francis Crossen (fcrossen) have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Author: Francis Crossen (fcrossen) compatible with WordPress 3.5.2?

According to WordPress.org data, Author: Francis Crossen (fcrossen) 1.0.13 has been tested up to WordPress 3.5.2. Check the plugin's changelog for the latest compatibility information.

How often is Author: Francis Crossen (fcrossen) updated?

Author: Francis Crossen (fcrossen) was last updated on Nov 22, 2013. Frequent updates are generally a positive security signal.

What is Author: Francis Crossen (fcrossen)'s security score?

Author: Francis Crossen (fcrossen) has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Author: Francis Crossen (fcrossen) Security & Risk Analysis

wordpress.org/plugins/tina-mvc

Tina MVC is a Wordpress framework that allows you to develop plugins, shortcodes and and widgets.

10 active installs v1.0.13 PHP + WP 3.5+ Updated Nov 22, 2013

developmentframeworkmvcshortcodewidget

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Author: Francis Crossen (fcrossen) Safe to Use in 2026?

Generally Safe

Score 85/100

Author: Francis Crossen (fcrossen) has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 12yr ago

Risk Assessment

The "tina-mvc" plugin v1.0.13 presents a mixed security posture. On the positive side, it has a relatively small attack surface with no unprotected entry points identified in the static analysis. The absence of known CVEs and past vulnerabilities is also a strong indicator of good security practices. Furthermore, the majority of SQL queries utilize prepared statements, which significantly mitigates the risk of SQL injection.

Key Concerns

Significant portion of output not properly escaped
No nonce checks on any entry points
One flow with unsanitized paths in taint analysis
File operations present without clear context
Only one capability check found

Vulnerabilities

None known

Author: Francis Crossen (fcrossen) Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Author: Francis Crossen (fcrossen) Code Analysis

Dangerous Functions

Raw SQL Queries

3 prepared

Unescaped Output

150

39 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

75% prepared4 total queries

Output Escaping

21% escaped189 total outputs

Data Flows

1 unsanitized

Data Flow Analysis

1 flows1 with unsanitized paths

<example-captcha> (tina_mvc\3rd_party\recaptcha\example-captcha.php:0)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Author: Francis Crossen (fcrossen) Attack Surface

Entry Points2

Unprotected0

Shortcodes 2

[tina_mvc] tina_mvc.php:96

[tina_mvc] tina_mvc.php:652

WordPress Hooks 12

actionadmin_menutina_mvc\admin_pages\admin_functions.php:433

filterparse_querytina_mvc.php:97

filterthe_poststina_mvc.php:98

actionwidgets_inittina_mvc.php:99

filterthe_contenttina_mvc.php:100

actioninittina_mvc.php:102

filterupgrader_pre_installtina_mvc.php:117

filterupgrader_post_installtina_mvc.php:118

actionlogin_inittina_mvc.php:130

actionwp_logouttina_mvc.php:131

actionadmin_inittina_mvc.php:136

actiontina_mvc_cron_hooktina_mvc.php:141

Scheduled Events 1

tina_mvc_cron_hook

Maintenance & Trust

Author: Francis Crossen (fcrossen) Maintenance & Trust

Maintenance Signals

WordPress version tested3.5.2

Last updatedNov 22, 2013

PHP min version

Downloads9K

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

Author: Francis Crossen (fcrossen) Alternatives

Contact Form by BestWebSoft – Advanced WP Contact Form Builder for WordPress

contact-form-plugin

The most powerful and user-friendly WordPress contact form plugin. Create beautiful contact forms, widgets and pages using shortcodes.

30K 1 unpatched

Apollo13 Framework Extensions

apollo13-framework-extensions

Adds custom post types, shortcodes and some features that are used in themes built on Apollo13 Framework.

20K 6 CVEs

Kaya QR Code Generator

kaya-qr-code-generator

Generate QR Code through Widgets and Shortcodes, without any dependencies.

20K 2 CVEs

Donations via PayPal

paypal-donations

100

Easy, simple setup to add a PayPal Donation button as a Widget or with a shortcode.

20K 1 CVE

Reusable Blocks Extended

reusable-blocks-extended

100

Extend Gutenberg Reusable Blocks feature with a complete admin panel, widgets, shortcodes and PHP functions.

20K 1 CVE

Developer Profile

Author: Francis Crossen (fcrossen) Developer Profile

Francis Crossen

1 plugin · 10 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Author: Francis Crossen (fcrossen)

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/tina-mvc/tina_mvc/css/tina_mvc_style.css/wp-content/plugins/tina-mvc/tina_mvc/js/tina_mvc_scripts.js

Script Paths

/wp-content/plugins/tina-mvc/tina_mvc/js/tina_mvc_scripts.js

Version Parameters

tina_mvc/style.css?ver=tina_mvc/script.js?ver=

HTML / DOM Fingerprints

CSS Classes

tina-mvc-contenttina-mvc-login

Data Attributes

data-tina-mvc-shortcode

JS Globals

tina_mvc

Shortcode Output

[tina_mvc

FAQ