Does ViperProof have any unpatched vulnerabilities?

No. All known vulnerabilities in ViperProof have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is ViperProof compatible with WordPress 3.1.4?

According to WordPress.org data, ViperProof 1.1 has been tested up to WordPress 3.1.4. Check the plugin's changelog for the latest compatibility information.

How often is ViperProof updated?

ViperProof was last updated on Dec 3, 2011. Frequent updates are generally a positive security signal.

What is ViperProof's security score?

ViperProof has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

ViperProof Security & Risk Analysis

wordpress.org/plugins/viper-proof

ViperProof allows you to show various aspects of social proof on your website, which will help you to get more blog subscribers.

10 active installs v1.1 PHP + WP 3.0+ Updated Dec 3, 2011

alexafacebookpageranksocial-mediatwitter

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is ViperProof Safe to Use in 2026?

Generally Safe

Score 85/100

ViperProof has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 14yr ago

Risk Assessment

The viper-proof plugin, version 1.1, exhibits several significant security concerns despite having a limited attack surface and no known historical vulnerabilities. The static analysis reveals critical weaknesses in its handling of SQL queries and output escaping. Specifically, all SQL queries are executed without prepared statements, creating a high risk of SQL injection vulnerabilities. Furthermore, none of the 19 identified output points are properly escaped, exposing the plugin to cross-site scripting (XSS) attacks. The taint analysis also shows two flows with unsanitized paths, indicating potential data handling issues that could be exploited.

Key Concerns

SQL queries lack prepared statements
Output escaping is not properly implemented
Taint analysis shows unsanitized paths
No nonce checks present
No capability checks present

Vulnerabilities

None known

ViperProof Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

ViperProof Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

0% prepared2 total queries

Output Escaping

0% escaped19 total outputs

Data Flows

2 unsanitized

Data Flow Analysis

2 flows2 with unsanitized paths

setup_social_proof (viperproof.php:72)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

ViperProof Attack Surface

Entry Points1

Unprotected0

Shortcodes 1

[viperproof] viperproof.php:13

WordPress Hooks 3

actionadmin_menuviperproof.php:10

actionwp_footerviperproof.php:16

actionwidgets_initviperproof.php:26

Maintenance & Trust

ViperProof Maintenance & Trust

Maintenance Signals

WordPress version tested3.1.4

Last updatedDec 3, 2011

PHP min version

Downloads4K

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

ViperProof Alternatives

Open Graph and Twitter Card Tags

wonderm00ns-simple-facebook-open-graph-tags

Improve social media sharing by inserting Facebook Open Graph, Twitter Card, and SEO Meta Tags on your WordPress website pages, posts, WooCommerce pro …

60K 2 CVEs

Social Media Widget

social-media-widget

Adds links to all of your social media and sharing site profiles. Tons of icons come in 3 sizes, 4 icon styles, and 4 animations.

30K 3 CVEs

Social Media Auto Publish

social-media-auto-publish

Publish posts automatically to social media networks like Facebook, Twitter, Instagram, Tumblr, LinkedIn, Threads and Telegram.

7K 1 CVE

Curator.io

curatorio

Aggregate and embed your social media posts on your site (Facebook, Twitter, Instagram, Pinterest and many more) as a beautiful social media feed.

2K 2 CVEs

Social Media Icons Widget

social-media-icons

Developed at NCI.

1K No CVEs

Developer Profile

ViperProof Developer Profile

viperchill

3 plugins · 30 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect ViperProof

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/viper-proof/images/Twitter.png/wp-content/plugins/viper-proof/images/Traffic.png/wp-content/plugins/viper-proof/images/Facebook.png

HTML / DOM Fingerprints

CSS Classes

ViperProofviperproofstatsviperproofstats .statdisplaychoicesViperFeed_main_containerViperFeed_inputViperFeed_labelViperFeed_form_element

Data Attributes

class="ViperProof"id="viperproof-widget"class="ViperFeed_main_container"class="ViperFeed_input"class="ViperFeed_label"class="ViperFeed_form_element"+3 more

JS Globals

viperproof_formviperproof_activationviperlinkviper_proof_shortcodesetup_social_proof

Shortcode Output

<center>ViperProof by <a href='http://www.viperchill.com'>ViperChill</a></center><div id="ViperFeed_main_container">

<p style="text-align:center;">Use <span style="background-color: #FFD; padding:3px;">[viperproof]</span> to embed your statistics. To align it vertically, use <span style="background-color: #FFD; padding:3px;">[viperproof direction="vertical"]</span>.<br />

Alternatively, you will find a Widget called 'ViperProof' on your Widgets page which you can also use.</p>

FAQ