Does View Shortcodes have any unpatched vulnerabilities?

No. All known vulnerabilities in View Shortcodes have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is View Shortcodes compatible with WordPress 6.7.5?

According to WordPress.org data, View Shortcodes 2.5.1 has been tested up to WordPress 6.7.5. Check the plugin's changelog for the latest compatibility information.

Is View Shortcodes compatible with PHP 8.0+?

View Shortcodes requires PHP 8.0 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is View Shortcodes updated?

View Shortcodes was last updated on Mar 30, 2025. Frequent updates are generally a positive security signal.

What is View Shortcodes's security score?

View Shortcodes has a WP-Safety security score of 92/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

View Shortcodes Security & Risk Analysis

wordpress.org/plugins/view-shortcodes

The plugin is for displaying active shortcodes.

200 active installs v2.5.1 PHP 8.0+ WP 6.0+ Updated Mar 30, 2025

mime

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is View Shortcodes Safe to Use in 2026?

Generally Safe

Score 92/100

View Shortcodes has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1yr ago

Risk Assessment

The 'view-shortcodes' plugin v2.5.1 presents a mixed security posture. On the positive side, the static analysis reveals no identified vulnerabilities related to dangerous functions, file operations, external HTTP requests, or SQL injection through prepared statements. The absence of any recorded CVEs, both historical and current, is also a strong indicator of a generally secure plugin. However, a significant concern arises from the complete lack of output escaping for all identified output points. This suggests that any dynamic content rendered by the plugin is potentially vulnerable to cross-site scripting (XSS) attacks if user-supplied data is not properly sanitized before being displayed. The absence of any capability checks or nonce checks, while not directly indicating a vulnerability in this version, suggests a potential lack of robust authorization and CSRF protection mechanisms, which could become an issue if the plugin's functionality were to expand or interact with more sensitive data in the future.

Key Concerns

All output is unescaped

Vulnerabilities

None known

View Shortcodes Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

View Shortcodes Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

0% escaped2 total outputs

Attack Surface

View Shortcodes Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 1

actionadmin_menuview-shortcodes.php:17

Maintenance & Trust

View Shortcodes Maintenance & Trust

Maintenance Signals

WordPress version tested6.7.5

Last updatedMar 30, 2025

PHP min version8.0

Downloads8K

Community Trust

Rating100/100

Number of ratings2

Active installs200

Alternatives

View Shortcodes Alternatives

Safe SVG

safe-svg

Enable SVG uploads and sanitize them to stop XML/SVG vulnerabilities in your WordPress website.

1.0M 6 CVEs

SVG Support

svg-support

Securely upload SVG files to your media library, with built-in sanitization and advanced features for styling and animation.

1.0M 6 CVEs

Enhanced Media Library

enhanced-media-library

This plugin would be handy for those who need to manage a lot of media files.

70K 1 CVE

WP Add Mime Types

wp-add-mime-types

The plugin additionally allows the mime types and file extensions to WordPress.

50K No CVEs

File Upload Types by WPForms

file-upload-types

Easily allow WordPress to accept and upload any file type extension or MIME type, including custom file types.

30K 1 CVE

Developer Profile

View Shortcodes Developer Profile

kimipooh

9 plugins · 54K total installs

trust score

Avg Security Score

93/100

Avg Patch Time

1460 days

View full developer profile

Detection Fingerprints

How We Detect View Shortcodes

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

Shortcode Output

<input type="text" value="[]" />

FAQ