Does Twidger have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Twidger compatible with WordPress 2.9.2?

According to WordPress.org data, Twidger 0.4.0 has been tested up to WordPress 2.9.2. Check the plugin's changelog for the latest compatibility information.

How often is Twidger updated?

Twidger was last updated on May 10, 2010. Frequent updates are generally a positive security signal.

What is Twidger's security score?

Twidger has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Twidger Security & Risk Analysis

wordpress.org/plugins/twidger

A Twitter widget that display messages with associated usernames and avatars from a Twitter search results.

10 active installs v0.4.0 PHP + WP 2.7+ Updated May 10, 2010

avatartweettwitterwidget

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Twidger Safe to Use in 2026?

Generally Safe

Score 85/100

Twidger has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 16yr ago

Risk Assessment

The 'twidger' plugin v0.4.0 exhibits a seemingly strong security posture based on the provided static analysis. There are no identified entry points into the plugin that are not protected by authentication or permission checks, nor are there any dangerous functions, SQL injection risks via prepared statements, file operations, or external HTTP requests. This indicates a good foundational approach to preventing common web vulnerabilities.

However, a significant concern arises from the lack of proper output escaping for all identified output points. This means that any data rendered by the plugin, if it originates from user input or an untrusted source, could be susceptible to cross-site scripting (XSS) attacks. While the attack surface appears small and secure, this single unaddressed issue presents a tangible risk. The absence of any recorded vulnerabilities or CVEs is a positive sign, suggesting a history of secure development, but it does not negate the potential risks identified in the current static analysis.

Key Concerns

All output is unescaped

Vulnerabilities

None known

Twidger Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Twidger Release Timeline

v0.2.1

Code Analysis

Analyzed Mar 17, 2026

Twidger Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

0% escaped39 total outputs

Attack Surface

Twidger Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 2

actionwidgets_inittwidger.php:48

actionwp_headtwidger.php:91

Maintenance & Trust

Twidger Maintenance & Trust

Maintenance Signals

WordPress version tested2.9.2

Last updatedMay 10, 2010

PHP min version

Downloads3K

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

Twidger Alternatives

Easy Twitter Feed Widget Plugin

easy-twitter-feed-widget

Add twitter feeds on your WordPress site by using the Easy Twitter Feed Widget plugin.

10K No CVEs

Customize Feeds for Twitter

twitter-tweets

100

Customize Feeds for Twitter plugin for WordPress. You can use this to display real time Twitter feeds on any where on your website by using shortcode …

4K No CVEs

Twiget Twitter Widget

twiget

A widget to display the latest Twitter status updates.

500 No CVEs

Ultimate Twitter Feeds

ultimate-twitter-feeds

100

Display lightweight Twitter feeds. Fetch profiles, lists, or single tweets with customizable sizes and language support.

400 No CVEs

FireCask’s Twitter Follow Button

twitter-follow

Quickly adds the Twitter follow button. Can be easily implemented into your page, post or theme template

200 1 CVE

Developer Profile

Twidger Developer Profile

Laurent LaSalle

1 plugin · 10 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Twidger

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/twidger/css/twidger_style.css

HTML / DOM Fingerprints

CSS Classes

twidger

HTML Comments

+4 more

Data Attributes

id="twidger-widget"class="twidger"data-widget_id

FAQ