TweetButton Security & Risk Analysis

wordpress.org/plugins/tweetbutton-for-wordpress

Easily allows your blog post or page to be retweeted. Currently being used by SocialBrite and other members of the social media community.

20 active installs · v3.1.0 · PHP + WP 2.8+ · Updated May 27, 2016
Tags: button, related, retweet, twitter, voting
85
A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is TweetButton Safe to Use in 2026?

Generally Safe

Score 85/100

TweetButton has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 9yr ago
Risk Assessment

Based on the provided static analysis, the "tweetbutton-for-wordpress" v3.1.0 plugin appears to have a strong security posture. The absence of identified dangerous functions, SQL queries, file operations, external HTTP requests, and taint flows is a positive indicator. Furthermore, the lack of known CVEs suggests either responsible development or a lack of significant past security issues.

However, the output escaping analysis raises a critical concern. With 5 total outputs and 0% properly escaped, there is a high likelihood of Cross-Site Scripting (XSS) vulnerabilities. Any dynamic data displayed to users without proper sanitization can be manipulated by attackers to inject malicious scripts. While the plugin doesn't expose a large attack surface through AJAX, REST API, or shortcodes, the unescaped output is a significant weakness that could be exploited.

In conclusion, the plugin has strengths in its limited attack surface and lack of critical code signals like dangerous functions or raw SQL. However, the pervasive lack of output escaping is a major security flaw that overshadows these positives. The vulnerability history, while empty, doesn't mitigate the immediate risk posed by unescaped output. Users should exercise caution and consider implementing custom sanitization or seeking an updated version with proper escaping mechanisms.

Key Concerns

  • 0% output escaping
Vulnerabilities
None known

TweetButton Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

TweetButton Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (0 prepared)
Unescaped Output: 5 (0 escaped)
Nonce Checks: 0
Capability Checks: 0
File Operations: 0
External Requests: 0
Bundled Libraries: 0

Output Escaping

0% escaped · 5 total outputs
Attack Surface

TweetButton Attack Surface

Entry Points: 0
Unprotected: 0
WordPress Hooks: 5
  • action admin_menu (tweetbutton.php:309)
  • action admin_init (tweetbutton.php:310)
  • filter the_content (tweetbutton.php:327)
  • filter get_the_excerpt (tweetbutton.php:328)
  • action wp_head (tweetbutton.php:329)
Maintenance & Trust

TweetButton Maintenance & Trust

Maintenance Signals

WordPress version tested: 4.5.33
Last updated: May 27, 2016
PHP min version
Downloads: 11K

Community Trust

Rating: 100/100
Number of ratings: 1
Active installs: 20
Developer Profile

TweetButton Developer Profile

David Davis

2 plugins · 320 total installs

Trust score: 84
Avg Security Score: 85/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect TweetButton

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/tweetbutton-for-wordpress/images/tweet.png
Script Paths
//platform.twitter.com/widgets.js

HTML / DOM Fingerprints

CSS Classes
TweetButton_button
Data Attributes
data-url, data-text, data-via, data-hashtags, data-lang, data-related
Shortcode Output
<div class="TweetButton_button" style="
FAQ

Frequently Asked Questions about TweetButton