Does Vinvin SEO have any unpatched vulnerabilities?

No. All known vulnerabilities in Vinvin SEO have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Vinvin SEO compatible with WordPress 6.1.10?

According to WordPress.org data, Vinvin SEO 2.0.0 has been tested up to WordPress 6.1.10. Check the plugin's changelog for the latest compatibility information.

Is Vinvin SEO compatible with PHP 5.6+?

Vinvin SEO requires PHP 5.6 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Vinvin SEO updated?

Vinvin SEO was last updated on Nov 15, 2022. Frequent updates are generally a positive security signal.

What is Vinvin SEO's security score?

Vinvin SEO has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Vinvin SEO Security & Risk Analysis

wordpress.org/plugins/vinvin-seo

Vinvin SEO is a small extension allow you to add review on page/post. It add review on text also on JSON/LD. Lots of new features incoming

10 active installs v2.0.0 PHP 5.6+ WP 5.0+ Updated Nov 15, 2022

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Vinvin SEO Safe to Use in 2026?

Generally Safe

Score 85/100

Vinvin SEO has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 3yr ago

Risk Assessment

The vinvin-seo plugin v2.0.0 exhibits a generally good security posture based on the provided static analysis. The absence of dangerous functions, raw SQL queries, file operations, and external HTTP requests is commendable. The plugin also correctly utilizes prepared statements for its SQL queries, which is a significant strength. However, a major concern is the very low percentage of properly escaped output (5%). With 39 total outputs, this indicates that a substantial number of outputs are likely vulnerable to cross-site scripting (XSS) attacks. The lack of nonce checks on its entry points (shortcodes) is another significant risk, as it doesn't prevent unauthorized execution of these shortcodes. Despite these concerns, the plugin has no recorded vulnerabilities, which suggests that either existing vulnerabilities have been patched, or the plugin's limited functionality and attack surface haven't been heavily targeted or exploited in the past. The strong adherence to prepared statements is a positive indicator of secure coding practices in database interactions. However, the output escaping and nonce check deficiencies represent significant areas of risk that require immediate attention. In conclusion, while the plugin demonstrates strengths in database security, its handling of user-provided data and request verification presents notable vulnerabilities.

Key Concerns

Low percentage of properly escaped output
No nonce checks on shortcodes

Vulnerabilities

None known

Vinvin SEO Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Vinvin SEO Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

2 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

5% escaped39 total outputs

Data Flows

All sanitized

Data Flow Analysis

2 flows

vinvin_fn (vinvin.php:75)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Vinvin SEO Attack Surface

Entry Points4

Unprotected0

Shortcodes 4

[vinvin_site_description] vinvin.php:498

[vinvin_site_name] vinvin.php:505

[vinvin_post_title] vinvin.php:511

[vg_sc_fs_multi_faq] vinvin.php:836

WordPress Hooks 9

actionpage_generator_pro_generate_content_finishedvinvin.php:27

actionthe_contentvinvin.php:38

actionvinvin_totovinvin.php:50

actionadmin_menuvinvin.php:70

filterthe_contentvinvin.php:521

actionsave_postvinvin.php:661

actionwp_headvinvin.php:673

actionsave_postvinvin.php:931

actionsave_postvinvin.php:1096

Maintenance & Trust

Vinvin SEO Maintenance & Trust

Maintenance Signals

WordPress version tested6.1.10

Last updatedNov 15, 2022

PHP min version5.6

Downloads8K

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

Vinvin SEO Alternatives

No alternatives data available yet.

Developer Profile

Vinvin SEO Developer Profile

vinvin27

4 plugins · 810 total installs

trust score

Avg Security Score

89/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Vinvin SEO

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/vinvin-seo/vinvin.css

Script Paths

/wp-content/plugins/vinvin-seo/vinvin.js

Version Parameters

vinvin-seo/vinvin.css?ver=vinvin-seo/vinvin.js?ver=

HTML / DOM Fingerprints

CSS Classes

v_id_post

HTML Comments

Data Attributes

id="v_id_post"

JS Globals

window.vinvin_seo_options

FAQ