TW Shortcodes Security & Risk Analysis
wordpress.org/plugins/tw-shortcodesTW Shortcodes enables you to easily add "flat design" buttons, icons, pricing tables and more without modifying CSS, HTML or PHP.
Is TW Shortcodes Safe to Use in 2026?
Generally Safe
Score 85/100TW Shortcodes has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The "tw-shortcodes" plugin version 1.1 presents a seemingly strong security posture based on the provided static analysis. The absence of dangerous functions, the exclusive use of prepared statements for SQL queries, and proper output escaping are all positive indicators. Furthermore, the plugin has no recorded vulnerabilities, which suggests a history of secure development or minimal public exposure.
However, there are significant areas of concern that temper this positive outlook. The plugin lacks any nonce checks or capability checks. While the static analysis indicates no unprotected entry points directly, this absence of authorization mechanisms on potentially dynamic code execution paths (like shortcodes) creates a significant blind spot. If any of the shortcodes were to implement logic that could be manipulated by an unauthenticated or unauthorized user, the lack of these security checks would be a critical flaw. The absence of taint analysis results is also notable; it could mean no taint flows were found, or it could indicate the analysis was incomplete or not performed thoroughly.
In conclusion, while the "tw-shortcodes" v1.1 plugin adheres to good practices in areas like SQL and output handling and boasts a clean vulnerability history, the complete lack of nonce and capability checks across its 33 shortcodes represents a significant potential risk. This oversight could be exploited if any shortcode logic becomes sensitive to unauthorized input.
Key Concerns
- Missing nonce checks on shortcodes
- Missing capability checks on shortcodes
- No taint analysis results provided
TW Shortcodes Security Vulnerabilities
TW Shortcodes Code Analysis
Output Escaping
TW Shortcodes Attack Surface
Shortcodes 33
WordPress Hooks 6
Maintenance & Trust
TW Shortcodes Maintenance & Trust
Maintenance Signals
Community Trust
TW Shortcodes Alternatives
Bootstrap Shortcodes
bootstrap-shortcodes
Wordpress plugin to add shortcodes for Twitter Bootstrap 3.3
Elements For Elementor
nd-elements
The plugin adds some useful elements to the Elementor Page Builder Plugin. All components are full responsive and retina ready.
WP Shortcode by MyThemeShop
wp-shortcode
WP Shortcode is a premium WP plugin for free, that provides easy to use over 24 shortcodes. You can easily add buttons, alerts, videos and more.
Arconix Shortcodes
arconix-shortcodes
Arconix Shortcodes provides a number of useful design elements like buttons, boxes, tabs and toggles to help compliment any website.
Popular Brand Icons – Simple Icons
simple-icons
An easy to use lightweight SVG icons plugin with over 1500+ brand icons. Use these icons in your menus, widgets, posts, or pages.
TW Shortcodes Developer Profile
1 plugin · 10 total installs
How We Detect TW Shortcodes
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/tw-shortcodes/tw-shortcodes.css/wp-content/plugins/tw-shortcodes/genericons/genericons.css/wp-content/plugins/tw-shortcodes/js/tw_sc_scripts.jstw-shortcodes/style.css?ver=tw-shortcodes/genericons/genericons.css?ver=tw_sc_scripts.js?ver=1.0.3https://maps.googleapis.com/maps/api/js?sensor=false?ver=1.0.3HTML / DOM Fingerprints
tw-sc-grid_4tw-sc-grid_8tw-sc-grid_6tw-sc-grid_3tw-sc-grid_9tw-sc-grid_2tw-sc-grid_10tw-sc-buttonclass="tw-sc-grid_4 alpha"class="tw-sc-grid_4 omega"class="tw-sc-grid_8 alpha"class="tw-sc-grid_8 omega"class="tw-sc-grid_6 alpha"class="tw-sc-grid_6 omega"+9 more<div class="tw-sc-grid_4 alpha"><div class="tw-sc-grid_4"><div class="tw-sc-grid_4 omega"><div class="clear"></div>