Does Widget Text Icon have any unpatched vulnerabilities?

No. All known vulnerabilities in Widget Text Icon have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Widget Text Icon compatible with WordPress 3.5.2?

According to WordPress.org data, Widget Text Icon 0.3 has been tested up to WordPress 3.5.2. Check the plugin's changelog for the latest compatibility information.

How often is Widget Text Icon updated?

Widget Text Icon was last updated on May 2, 2013. Frequent updates are generally a positive security signal.

What is Widget Text Icon's security score?

Widget Text Icon has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Widget Text Icon Security & Risk Analysis

wordpress.org/plugins/widget-text-icon

Basically it just a WordPress "Text Widget" but with additional icon font selector based on FontAwesome. The Icon will show just before widg …

50 active installs v0.3 PHP + WP 3.2+ Updated May 2, 2013

iconswidget

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Widget Text Icon Safe to Use in 2026?

Generally Safe

Score 85/100

Widget Text Icon has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 12yr ago

Risk Assessment

The widget-text-icon plugin v0.3 exhibits a generally good security posture based on the static analysis. It demonstrates adherence to several security best practices, including a complete absence of dangerous functions, file operations, and external HTTP requests. Crucially, all SQL queries are prepared, and there are no identified taint flows with unsanitized paths. The plugin also has a clean vulnerability history with no recorded CVEs.

However, there are significant areas for improvement. The most concerning aspect is the extremely low percentage of properly escaped output (19%). This suggests a high risk of Cross-Site Scripting (XSS) vulnerabilities, as user-supplied data could be rendered directly in the browser without adequate sanitization. Furthermore, the absence of nonce checks and the presence of only one capability check across the entire plugin's entry points (even though there are 0 entry points listed as unprotected) indicates a potential for privilege escalation or unauthorized actions if any new entry points are introduced or if the current structure is incomplete.

In conclusion, while the plugin avoids several common pitfalls, the severe under-escaperation of output is a critical weakness that significantly elevates its risk profile. The lack of robust authorization checks across potential entry points also represents a concern. The clean vulnerability history is a positive indicator, but it should not overshadow the immediate risks identified in the static analysis.

Key Concerns

Very low output escaping rate
Lack of nonce checks
Limited capability checks

Vulnerabilities

None known

Widget Text Icon Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Widget Text Icon Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

4 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

19% escaped21 total outputs

Attack Surface

Widget Text Icon Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 2

actionwp_enqueue_scriptswidgets-text-icon.php:68

actionwidgets_initwidgets-text-icon.php:183

Maintenance & Trust

Widget Text Icon Maintenance & Trust

Maintenance Signals

WordPress version tested3.5.2

Last updatedMay 2, 2013

PHP min version

Downloads4K

Community Trust

Rating100/100

Number of ratings1

Active installs50

Alternatives

Widget Text Icon Alternatives

Social Icons Widget & Block – Social Media Icons & Share Buttons

social-icons-widget-by-wpzoom

Social media icons plugin for WordPress - Add 400+ social icons and share buttons. Gutenberg block, widget & Elementor support. GDPR compliant.

100K 3 CVEs

Social Media Share Buttons & Social Sharing Icons

ultimate-social-media-icons

Share buttons and pop up share icons for social media sharing

100K 11 CVEs

Lightweight Social Icons

lightweight-social-icons

Looking to add simple social icons to your widget areas? Choose the size and color of your icons, and then choose from 47 different social profiles.

30K No CVEs

Fuse Social Floating Sidebar

fuse-social-floating-sidebar

This plugin allows you to add social media floating sidebar icons connected with your social media profiles.

10K 2 CVEs

Meks Smart Social Widget

meks-smart-social-widget

Easily display more than 100 social icons inside your WordPress widget.

10K 4 CVEs

Developer Profile

Widget Text Icon Developer Profile

Arya

2 plugins · 70 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Widget Text Icon

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Version Parameters

/wp-content/plugins/widget-text-icon/widget-text-icon.php?ver=/wp-content/plugins/widget-text-icon/widget-text-icon.php

HTML / DOM Fingerprints

CSS Classes

widget-text-iconicon-textwidget-icon

Data Attributes

id="widget-text-icon"data-widget_id_base="widget-text-icon"

FAQ