Does TU Crypto Widgets have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is TU Crypto Widgets compatible with WordPress 6.9.4?

According to WordPress.org data, TU Crypto Widgets 1.0.0 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

How often is TU Crypto Widgets updated?

TU Crypto Widgets was last updated on Mar 31, 2026. Frequent updates are generally a positive security signal.

What is TU Crypto Widgets's security score?

TU Crypto Widgets has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

TU Crypto Widgets Security & Risk Analysis

wordpress.org/plugins/tu-crypto-widgets

Add cryptocurrency widgets to your WordPress posts and publications.

0 active installs v1.0.0 PHP + WP 5.0+ Updated Mar 31, 2026

bitcoincryptocryptocurrencyethereumwidgets

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is TU Crypto Widgets Safe to Use in 2026?

Generally Safe

Score 100/100

TU Crypto Widgets has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago

Risk Assessment

The "tu-crypto-widgets" v1.0.0 plugin exhibits a strong security posture based on the provided static analysis and vulnerability history. The absence of any critical or high-severity taint flows, coupled with 100% proper output escaping and the exclusive use of prepared statements for SQL queries, indicates a proactive approach to secure coding practices. Furthermore, the presence of nonce and capability checks on the identified entry points is commendable, suggesting a good understanding of WordPress security fundamentals.

While the plugin has no recorded vulnerabilities or CVEs, which is a significant positive indicator, the static analysis does reveal a few areas that warrant attention. The plugin performs file operations, which can sometimes introduce risks if not handled with extreme care, although no specific issues were flagged in the taint analysis. The presence of two AJAX handlers, even with authentication checks in place, represents potential entry points that could be subject to future vulnerabilities if not diligently maintained.

Overall, "tu-crypto-widgets" v1.0.0 appears to be a well-developed plugin from a security perspective. The lack of historical vulnerabilities and the strong adherence to secure coding practices in the static analysis are significant strengths. However, the file operation capability should be monitored, and as with any software, ongoing vigilance regarding potential future vulnerabilities is always recommended.

Key Concerns

File operations present

Vulnerabilities

None known

TU Crypto Widgets Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

TU Crypto Widgets Release Timeline

v1.0.0Current

Code Analysis

Analyzed Apr 16, 2026

TU Crypto Widgets Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

238 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

100% escaped238 total outputs

Data Flows · Security

All sanitized

Data Flow Analysis

2 flows

render_widget_settings_page (admin/class-tu-crypto-widgets-admin.php:372)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

TU Crypto Widgets Attack Surface

Entry Points3

Unprotected0

AJAX Handlers 2

authwp_ajax_tucrwi_get_news_previewadmin/class-tu-crypto-widgets-admin.php:35

authwp_ajax_tucrwi_render_widget_previewincludes/class-tu-crypto-widgets.php:65

Shortcodes 1

[tucrwi_crypto_widget] includes/class-tu-crypto-widgets.php:88

WordPress Hooks 14

actionadmin_menuadmin/class-tu-crypto-widgets-admin.php:31

actionadmin_enqueue_scriptsadmin/class-tu-crypto-widgets-admin.php:32

actionadmin_enqueue_scriptsadmin/class-tu-crypto-widgets-admin.php:33

actionadmin_initadmin/class-tu-crypto-widgets-admin.php:34

filtersubmenu_fileadmin/class-tu-crypto-widgets-admin.php:36

filterscript_loader_tagadmin/class-tu-crypto-widgets-admin.php:217

actioninitincludes/class-tu-crypto-widgets.php:59

actionwp_enqueue_scriptsincludes/class-tu-crypto-widgets.php:62

filterthe_contentincludes/class-tu-crypto-widgets.php:68

filterdo_shortcode_tagincludes/class-tu-crypto-widgets.php:71

filterthe_contentincludes/class-tu-crypto-widgets.php:74

filterscript_loader_tagincludes/class-tu-crypto-widgets.php:566

actionplugins_loadedtu-crypto-widgets.php:59

filterwp_plugin_check_ignore_filestu-crypto-widgets.php:65

Maintenance & Trust

TU Crypto Widgets Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedMar 31, 2026

PHP min version

Downloads55

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

TU Crypto Widgets Alternatives

NOWPayments for WooCommerce – Crypto Payment Gateway

nowpayments-for-woocommerce

100

Accept Bitcoin, Ethereum, and 300+ cryptocurrencies in WooCommerce using the official NOWPayments crypto payment gateway.

3K No CVEs

Crypto Price Widgets – CryptoWP

cryptowp

100

A lightweight plugin to show the latest Bitcoin, Ethereum, and other cryptocurrency widgets on your website.

700 No CVEs

Cryptocurrency Donation Box – Bitcoin & Crypto Donations

cryptocurrency-donation-box

Accept crypto payments and donations on your WordPress site easily with this free cryptocurrency donation box plugin

600 1 unpatched

Cryptocurrency Payment Gateway

cryptocurrency-payment-gateway

100

Digital Currency Payment Gateway for WooCommerce. Easily accept Bitcoin, Bitcoin Cash, Litecoin, Dogecoin, and more in your store.

500 No CVEs

Cryptocurrency Exchange

crypto-exchange

Extremely simple way to launch your own crypto exchange on wordpress or to simply add token trading directly onto a page or post.

60 No CVEs

Developer Profile

TU Crypto Widgets Developer Profile

tuwidgets

1 plugin · 0 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect TU Crypto Widgets

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/tu-crypto-widgets/admin/css/admin.css/wp-content/plugins/tu-crypto-widgets/admin/js/admin.js/wp-content/plugins/tu-crypto-widgets/assets/css/ticker-tape.css/wp-content/plugins/tu-crypto-widgets/assets/css/tu-crypto-widgets.css/wp-content/plugins/tu-crypto-widgets/assets/js/ticker-tape.js/wp-content/plugins/tu-crypto-widgets/assets/js/tu-crypto-widgets.js

Script Paths

/wp-content/plugins/tu-crypto-widgets/admin/js/admin.js/wp-content/plugins/tu-crypto-widgets/assets/js/ticker-tape.js/wp-content/plugins/tu-crypto-widgets/assets/js/tu-crypto-widgets.js

Version Parameters

tu-crypto-widgets/admin/css/admin.css?ver=tu-crypto-widgets/admin/js/admin.js?ver=tu-crypto-widgets/assets/css/ticker-tape.css?ver=tu-crypto-widgets/assets/css/tu-crypto-widgets.css?ver=tu-crypto-widgets/assets/js/ticker-tape.js?ver=tu-crypto-widgets/assets/js/tu-crypto-widgets.js?ver=

HTML / DOM Fingerprints

CSS Classes

tu-crypto-widget-settings-wraptucrwi-widget-settings

HTML Comments

Data Attributes

data-widget-type

JS Globals

TUCRWI_AdminTUCRWI_AJAX_URL

REST Endpoints

/wp-json/tucrwi/v1/get-news-preview

FAQ