Does Widgets for Twitter Feed have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Widgets for Twitter Feed compatible with WordPress 6.9.4?

According to WordPress.org data, Widgets for Twitter Feed 1.8 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is Widgets for Twitter Feed compatible with PHP 7.0+?

Widgets for Twitter Feed requires PHP 7.0 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Widgets for Twitter Feed updated?

Widgets for Twitter Feed was last updated on Mar 19, 2026. Frequent updates are generally a positive security signal.

What is Widgets for Twitter Feed's security score?

Widgets for Twitter Feed has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Widgets for Twitter Feed Security & Risk Analysis

wordpress.org/plugins/widgets-for-twitter-feed

Twitter Feed Widgets. Display your Twitter feed on your website to increase engagement, sales and SEO.

0 active installs v1.8 PHP 7.0+ WP 6.2+ Updated Mar 19, 2026

feedgallerypoststwitterwidget

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Widgets for Twitter Feed Safe to Use in 2026?

Generally Safe

Score 100/100

Widgets for Twitter Feed has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2mo ago

Risk Assessment

The "widgets-for-twitter-feed" plugin version 1.8 exhibits a generally strong security posture based on the provided static analysis. The absence of any identified dangerous functions, raw SQL queries, or unescaped output are particularly positive signs, indicating adherence to core WordPress security best practices. Furthermore, the plugin has a clean vulnerability history with zero recorded CVEs, which is a strong indicator of robust development and diligent maintenance over time. The presence of numerous nonce and capability checks also suggests an effort to secure its entry points, even though the static analysis shows zero unprotected entry points.

However, a significant concern arises from the taint analysis, which revealed two flows with unsanitized paths. While the severity was not classified as critical or high, unsanitized paths can still lead to vulnerabilities if user-supplied data is not properly validated or escaped before being used in file operations or other sensitive contexts. Although the static analysis did not identify any direct file operations, the presence of these unsanitized paths warrants careful review. The plugin also makes seven external HTTP requests, which, while not inherently a vulnerability, could be an attack vector if the target endpoints are compromised or if the data being sent is sensitive and not properly handled.

Key Concerns

Flows with unsanitized paths found
External HTTP requests (7)

Vulnerabilities

None known

Widgets for Twitter Feed Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Widgets for Twitter Feed Release Timeline

v1.8Current

v1.7.9

v1.7.8

v1.7.7

v1.7.6

v1.7.5

v1.6.7

Code Analysis

Analyzed Apr 16, 2026

Widgets for Twitter Feed Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

458 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

100% escaped460 total outputs

Data Flows · Security

2 unsanitized

Data Flow Analysis

5 flows2 with unsanitized paths

<admin> (include/admin.php:0)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Widgets for Twitter Feed Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 27

filterrocket_minify_excluded_external_jsinclude/cache-plugin-filters.php:13

filterrocket_exclude_jsinclude/cache-plugin-filters.php:14

filterrocket_delay_js_exclusionsinclude/cache-plugin-filters.php:15

filterlitespeed_optimize_js_excludesinclude/cache-plugin-filters.php:16

filtersgo_javascript_combine_excluded_external_pathsinclude/cache-plugin-filters.php:17

filtersgo_css_combine_excludeinclude/cache-plugin-filters.php:18

filterrocket_rucss_safelistinclude/cache-plugin-filters.php:58

filterscript_loader_taginclude/cache-plugin-filters.php:63

filterstyle_loader_taginclude/cache-plugin-filters.php:78

actionwp_footertrustindex-feed-plugin.class.php:4832

actionadmin_footertrustindex-feed-plugin.class.php:4833

filterfilesystem_methodtrustindex-feed-plugin.class.php:4917

actionadmin_noticestrustindex-feed-plugin.class.php:4942

actionplugins_loadedwidgets-for-twitter-feed.php:34

actionadmin_menuwidgets-for-twitter-feed.php:35

filterplugin_action_linkswidgets-for-twitter-feed.php:36

filterplugin_row_metawidgets-for-twitter-feed.php:37

actioninitwidgets-for-twitter-feed.php:38

actionadmin_enqueue_scriptswidgets-for-twitter-feed.php:39

actioninitwidgets-for-twitter-feed.php:41

actioninitwidgets-for-twitter-feed.php:57

filterscript_loader_tagwidgets-for-twitter-feed.php:58

actionrest_api_initwidgets-for-twitter-feed.php:64

actionadmin_noticeswidgets-for-twitter-feed.php:105

actionelementor/widgets/widgets_registeredwidgets-for-twitter-feed.php:147

actionelementor/elements/categories_registeredwidgets-for-twitter-feed.php:151

actionwp_enqueue_scriptswidgets-for-twitter-feed.php:160

Maintenance & Trust

Widgets for Twitter Feed Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedMar 19, 2026

PHP min version7.0

Downloads1K

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

Widgets for Twitter Feed Alternatives

Widgets for Social Post Feed

widgets-for-social-post-feed

100

Facebook Feed Widgets. Display your Facebook feed on your website to increase engagement, sales and SEO.

300 No CVEs

Widgets for Google Feed

widgets-for-google-feed

100

Google Feed Widgets. Display your Google feed on your website to increase engagement, sales and SEO.

0 No CVEs

Smash Balloon Social Photo Feed – Easy Social Feeds Plugin

instagram-feed

Formerly "Instagram Feed". Display clean, customizable, and responsive Instagram feeds from multiple accounts. Supports Instagram oEmbeds.

1.0M 4 CVEs

Custom Twitter Feeds – A Tweets Widget or X Feed Widget

custom-twitter-feeds

Display X posts (Twitter tweets) from any public user account in a clean, attractive looking feed that updates weekly.

100K 8 CVEs

Feeds for YouTube (YouTube video, channel, and gallery plugin)

feeds-for-youtube

The Feeds for YouTube plugin allows you to display customizable YouTube feeds from any YouTube channel.

100K 4 CVEs

Developer Profile

Widgets for Twitter Feed Developer Profile

Trustindex

34 plugins · 975K total installs

trust score

Avg Security Score

98/100

Avg Patch Time

71 days

View full developer profile

Detection Fingerprints

How We Detect Widgets for Twitter Feed

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/widgets-for-twitter-feed/assets/css/frontend-notifictions.css/wp-content/plugins/widgets-for-twitter-feed/assets/js/frontend-notifictions.js

Version Parameters

widgets-for-twitter-feed/assets/css/frontend-notifictions.css?ver=widgets-for-twitter-feed/assets/js/frontend-notifictions.js?ver=

HTML / DOM Fingerprints

CSS Classes

trustindex-notification-rowtrustindex-star-rowti-close-notificationti-button-primaryti-remind-laterti-hide-notificationtrustindex-noticetrustindex-notice-dismiss

HTML Comments

Data Attributes

data-close-urldata-redirect-url

JS Globals

TRUSTINDEX_Feed_Twitter

REST Endpoints

/wp-json/widgets-for-twitter-feed/v1/get-token/wp-json/widgets-for-twitter-feed/v1/troubleshooting/wp-json/widgets-for-twitter-feed/v1/refresh-data

FAQ