Does WP Bitbucket have any unpatched vulnerabilities?

No. All known vulnerabilities in WP Bitbucket have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is WP Bitbucket compatible with WordPress 3.5.2?

According to WordPress.org data, WP Bitbucket 0.2.1 has been tested up to WordPress 3.5.2. Check the plugin's changelog for the latest compatibility information.

How often is WP Bitbucket updated?

WP Bitbucket was last updated on Jul 22, 2013. Frequent updates are generally a positive security signal.

What is WP Bitbucket's security score?

WP Bitbucket has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

WP Bitbucket Security & Risk Analysis

wordpress.org/plugins/wp-bitbucket

Use shortcodes to embed blocks from a bitbucket project page.

10 active installs v0.2.1 PHP + WP 3.5+ Updated Jul 22, 2013

bitbucketshortcode

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is WP Bitbucket Safe to Use in 2026?

Generally Safe

Score 85/100

WP Bitbucket has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 12yr ago

Risk Assessment

The wp-bitbucket plugin v0.2.1 exhibits a generally strong security posture based on the provided static analysis. The absence of dangerous functions, proper use of prepared statements for SQL queries, and 100% output escaping indicate good coding practices in these critical areas. Furthermore, the plugin has no recorded vulnerabilities, which suggests a history of secure development or diligent patching by its maintainers.

However, there are areas for improvement. The plugin has one entry point (a shortcode) without any explicit capability checks or nonce verification. While the static analysis didn't find any taint flows indicating immediate exploitability, this lack of authentication on the shortcode presents a potential attack vector. Any data processed or displayed by this shortcode, if not handled internally with strict validation, could be manipulated by unauthenticated users.

In conclusion, the plugin demonstrates a good foundation in secure coding. The absence of past vulnerabilities is a positive sign. The primary concern is the unprotected shortcode entry point. Addressing this by implementing appropriate capability checks and nonce verification would significantly enhance the plugin's overall security and mitigate potential risks.

Key Concerns

Shortcode without capability checks
Shortcode without nonce checks

Vulnerabilities

None known

WP Bitbucket Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

WP Bitbucket Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Attack Surface

WP Bitbucket Attack Surface

Entry Points1

Unprotected0

Shortcodes 1

[wp-bitbucket] wp-bitbucket.php:96

WordPress Hooks 3

actioninitwp-bitbucket.php:89

actionplugins_loadedwp-bitbucket.php:91

actioninitwp-bitbucket.php:94

Maintenance & Trust

WP Bitbucket Maintenance & Trust

Maintenance Signals

WordPress version tested3.5.2

Last updatedJul 22, 2013

PHP min version

Downloads2K

Community Trust

Rating100/100

Number of ratings1

Active installs10

Alternatives

WP Bitbucket Alternatives

WP Shortcodes Plugin — Shortcodes Ultimate

shortcodes-ultimate

A comprehensive collection of visual components for your site

400K 35 CVEs

MW WP Form

mw-wp-form

MW WP Form is shortcode base contact form plugin. This plugin have many features. For example you can use many validation rules, inquiry data saving, …

200K 6 CVEs

Shortcoder — Create Shortcodes for Anything

shortcoder

Create custom "Shortcodes" easily for HTML, JavaScript, CSS code snippets and use the shortcodes within posts, pages & widgets

100K 2 CVEs

Display Posts – Easy lists, grids, navigation, and more

display-posts-shortcode

Add a listing of content on your website using a simple shortcode. Filter the results by category, author, and more.

80K No CVEs

WP Show Posts

wp-show-posts

Add posts to your website from any post type using a simple shortcode.

70K 3 CVEs

Developer Profile

WP Bitbucket Developer Profile

grosbouff

16 plugins · 380 total installs

trust score

Avg Security Score

88/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect WP Bitbucket

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/wp-bitbucket/_inc/css/newsfeed.css

Version Parameters

wp-bitbucket-newsfeed

HTML / DOM Fingerprints

CSS Classes

wp-bitbucket

Shortcode Output

[wp-bitbucket user="" project="" section=""]

FAQ