Does WP Gist Embed have any unpatched vulnerabilities?

No. All known vulnerabilities in WP Gist Embed have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is WP Gist Embed compatible with WordPress 4.8.28?

According to WordPress.org data, WP Gist Embed 0.2 has been tested up to WordPress 4.8.28. Check the plugin's changelog for the latest compatibility information.

How often is WP Gist Embed updated?

WP Gist Embed was last updated on Jun 19, 2017. Frequent updates are generally a positive security signal.

What is WP Gist Embed's security score?

WP Gist Embed has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

WP Gist Embed Security & Risk Analysis

wordpress.org/plugins/wp-gist-embed

This plugin provides Gist embedding via shortcode as well as adding Gist embed buttons to the visual and text editors.

10 active installs v0.2 PHP + WP 3.0.1+ Updated Jun 19, 2017

gistgithubshortcode

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is WP Gist Embed Safe to Use in 2026?

Generally Safe

Score 85/100

WP Gist Embed has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 8yr ago

Risk Assessment

The wp-gist-embed plugin version 0.2 exhibits a strong security posture based on the provided static analysis and vulnerability history. The code demonstrates good practices with all identified SQL queries utilizing prepared statements and all outputs being properly escaped. Furthermore, there are no recorded vulnerabilities (CVEs) for this plugin, indicating a history of stability and diligent security maintenance by the developers. The plugin's attack surface is minimal, consisting solely of a single shortcode, and importantly, it lacks any unprotected entry points. The analysis also shows a complete absence of critical or high severity taint flows, dangerous functions, file operations, and external HTTP requests, which further reinforces its secure design.

Vulnerabilities

None known

WP Gist Embed Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

WP Gist Embed Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Attack Surface

WP Gist Embed Attack Surface

Entry Points1

Unprotected0

Shortcodes 1

[gist] embed-gist.php:74

WordPress Hooks 5

actionadmin_initembed-gist.php:30

filtermce_buttonsembed-gist.php:34

filtermce_external_pluginsembed-gist.php:35

actionadmin_print_scriptsembed-gist.php:55

filterplugin_row_metaembed-gist.php:87

Maintenance & Trust

WP Gist Embed Maintenance & Trust

Maintenance Signals

WordPress version tested4.8.28

Last updatedJun 19, 2017

PHP min version

Downloads1K

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

WP Gist Embed Alternatives

DobsonDev Shortcodes

dobsondev-shortcodes

Add a collection of helpful shortcodes to your site.

100 1 unpatched

Gist for Robots WordPress Plugin

gist-for-robots-wordpress

Makes embedding Github.com gists SEO friendly and super awesomely easy.

10 No CVEs

GitHub Gist WordPress Plugin

github-gist

GitHub Gist Wordpress Plugin allows you to embed GitHub Gist snippets with a [gist] tag, instead of copying and pasting HTML.

10 No CVEs

WP GoToWebinar

wp-gotowebinar

WP GoToWebinar displays a listing or calendar of upcoming webinars using a shortcode or widget which can link to a registration form on your website.

700 5 CVEs

Gist GitHub Shortcode

gist-github-shortcode

Adds Github Gists in your posts via shortcode

200 No CVEs

Developer Profile

WP Gist Embed Developer Profile

James Robinson

2 plugins · 10 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect WP Gist Embed

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/wp-gist-embed/mce-gist.js/wp-content/plugins/wp-gist-embed/quicktags-gist.js

Script Paths

mce-gist.jsquicktags-gist.js

HTML / DOM Fingerprints

CSS Classes

gist

Shortcode Output

<script src="

FAQ