WP Filter Posts – List Posts by Categories, Tags, Authors and dates Security & Risk Analysis
wordpress.org/plugins/wp-filter-postsGenerate shortcode to list posts based on ids, categories, authors, tags or dates.
Is WP Filter Posts – List Posts by Categories, Tags, Authors and dates Safe to Use in 2026?
Generally Safe
Score 85/100WP Filter Posts – List Posts by Categories, Tags, Authors and dates has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The wp-filter-posts v1.1 plugin exhibits a generally good security posture, with a notable absence of critical vulnerabilities in its static analysis and vulnerability history. The plugin demonstrates strong adherence to best practices by implementing prepared statements for a high percentage of its SQL queries and performing proper output escaping. Furthermore, the absence of file operations and external HTTP requests reduces potential attack vectors. The presence of nonce and capability checks, while not exhaustive across all entry points, is a positive sign. However, the analysis does highlight potential areas for improvement. With 3 AJAX handlers, the lack of explicit authentication checks on all of them, although reported as 0 unprotected in the static analysis, warrants careful scrutiny during runtime to ensure all AJAX endpoints are adequately secured against unauthorized access. The relatively high number of SQL queries (45) means that even a small percentage of improperly handled queries could introduce risks, though the 78% prepared statement usage is encouraging. The plugin's clean vulnerability history is a significant strength, suggesting a proactive approach to security or a lack of historical exploitable flaws.
Key Concerns
- No explicit auth checks on all AJAX handlers
- Output escaping not fully implemented on all outputs
- Capability checks present on only 1 of 4 entry points
WP Filter Posts – List Posts by Categories, Tags, Authors and dates Security Vulnerabilities
WP Filter Posts – List Posts by Categories, Tags, Authors and dates Code Analysis
SQL Query Safety
Output Escaping
Data Flow Analysis
WP Filter Posts – List Posts by Categories, Tags, Authors and dates Attack Surface
AJAX Handlers 3
Shortcodes 1
WordPress Hooks 5
Maintenance & Trust
WP Filter Posts – List Posts by Categories, Tags, Authors and dates Maintenance & Trust
Maintenance Signals
Community Trust
WP Filter Posts – List Posts by Categories, Tags, Authors and dates Alternatives
Simple Custom Post Order
simple-custom-post-order
Easily reorder posts, pages, custom post types, and taxonomies with intuitive drag-and-drop sorting in the WordPress admin.
Filter Everything — Product Filter & WordPress Filter
filter-everything
The most universal filters plugin for WordPress and WooCommerce products.
Post Grid Gutenberg Blocks for News, Magazines, Blog Websites – PostX
ultimate-post
A highly customizable plugin to create news, magazines, and any kind of blog site with post grid, post filter, post slider, and post blocks.
Post Grid
post-grid
Post Grid is a powerful WordPress plugin for creating customizable post grid layouts with advanced query options, allowing users to display posts dyna …
Advanced Post Block – Showcase Posts with Grid, List, Card Layouts and Filters
advanced-post-block
Advanced Post Block lets you add dynamic post grids, lists, sliders, and tickers. Filter content by category, tag, author, or custom post type.
WP Filter Posts – List Posts by Categories, Tags, Authors and dates Developer Profile
15 plugins · 142K total installs
How We Detect WP Filter Posts – List Posts by Categories, Tags, Authors and dates
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/wp-filter-posts/admin/style.css/wp-content/plugins/wp-filter-posts/admin/notice.js/wp-content/plugins/wp-filter-posts/admin/notice.jswp-filter-posts/admin/style.css?ver=wp-filter-posts/admin/notice.js?ver=HTML / DOM Fingerprints
[xyz_wpf_shortcode]