WP-Safety

User Status Shortcode Security & Risk Analysis

wordpress.org/plugins/user-status-shortcode

Easily allows you to display different content to your visitors that are logged in than those that are logged out via shortcode.

100 active installs v0.1.1 PHP + WP 3.0+ Updated Jan 21, 2016
inboundloginlogoutshortcodewidget
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is User Status Shortcode Safe to Use in 2026?

Generally Safe

Score 85/100

User Status Shortcode has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 10yr ago
Risk Assessment

The 'user-status-shortcode' v0.1.1 plugin exhibits a strong security posture based on the provided static analysis. A significant strength is the complete absence of dangerous functions, SQL queries without prepared statements, unescaped output, file operations, and external HTTP requests. Furthermore, the plugin reports zero known vulnerabilities, with no historical issues recorded, suggesting a history of secure development or minimal public exposure. The attack surface is also well-managed, with all identified entry points (shortcodes) likely to incorporate implicit or explicit security checks by WordPress core functions when used within a typical context. Taint analysis showing no unsanitized flows further bolsters this positive assessment.

Key Concerns

  • No nonce checks implemented
  • No capability checks implemented
Vulnerabilities
None known

User Status Shortcode Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

User Status Shortcode Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
0
0 escaped
Nonce Checks
0
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
0
Attack Surface

User Status Shortcode Attack Surface

Entry Points2
Unprotected0

Shortcodes 2

[userloggedin] wordpress-user-logged-in-shortcode.php:29
[userloggedout] wordpress-user-logged-in-shortcode.php:42
WordPress Hooks 2
filterwidget_textwordpress-user-logged-in-shortcode.php:15
filterwidget_textwordpress-user-logged-in-shortcode.php:16
Maintenance & Trust

User Status Shortcode Maintenance & Trust

Maintenance Signals

WordPress version tested4.4.34
Last updatedJan 21, 2016
PHP min version
Downloads9K

Community Trust

Rating100/100
Number of ratings5
Active installs100
Alternatives

User Status Shortcode Alternatives

Login-Logout

Login-Logout

login-logout

C
63

Widget with login, logout, admin and register links. Replacement of the default Meta widget.

3K 1 unpatched
Login-Logout

Login-Logout

login-and-out

A
85

Adds simple, clean links so users can login/logout & register easily. Highly customisable, & can be used as a widget or inserted into your sit …

200 No CVEs
Login Form Anywhere

Login Form Anywhere

login-form-anywhere

A
85

Allow admin to show login from anywhere in Wordpress.

60 No CVEs
Simple Login SC

Simple Login SC

simple-login-sc

A
85

Adds a simple login form via a shortcode and does not add any extraneous code to slow your website. It just uses the core functions of WordPress.

20 No CVEs
LogInOut button

LogInOut button

loginout

A
85

Заменяет [LogInOut] в виджете "html" ("Внешний вид"->"Виджеты") на кнопку "Вход редактора/Выйти". Фильтр.

10 No CVEs
Developer Profile

User Status Shortcode Developer Profile

Reed Wendorf

1 plugin · 100 total installs

84
trust score
Avg Security Score
85/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect User Status Shortcode

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

Shortcode Output
[userloggedin][/userloggedin][userloggedout][/userloggedout]
FAQ

Frequently Asked Questions about User Status Shortcode