WP-Safety

The Awesome Photo Feed for Social Media Network Security & Risk Analysis

wordpress.org/plugins/wp-instagram-feed

Instagram Feed Display beautifully clean, customizable, and responsive feeds from Instagram accounts.

200 active installs v2.1.4 PHP + WP 4.0+ Updated May 30, 2022
custom-instagram-feedinstagram-feedinstagram-feed-for-wordpressinstagram-photosresponsive-instagram
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is The Awesome Photo Feed for Social Media Network Safe to Use in 2026?

Generally Safe

Score 85/100

The Awesome Photo Feed for Social Media Network has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 3yr ago
Risk Assessment

The plugin "wp-instagram-feed" v2.1.4 exhibits a generally good security posture with no recorded vulnerabilities or known CVEs. The static analysis reveals a small attack surface, consisting of a single shortcode. Importantly, there are no unprotected entry points, and all SQL queries are properly prepared, which are excellent security practices. The absence of dangerous functions, file operations, and external HTTP requests further strengthens its security. However, a significant concern arises from the output escaping, where only 8% of outputs are properly escaped. This leaves a considerable portion of the plugin's output potentially vulnerable to cross-site scripting (XSS) attacks. Additionally, the taint analysis identified one flow with an unsanitized path, though it was not flagged as critical or high severity, it warrants attention as it could indicate a potential, albeit low-risk, information disclosure or manipulation vector. The lack of nonce checks and capability checks on any entry points, although there are no unprotected ones currently, suggests a potential for future vulnerabilities if new entry points are added or existing ones modified without proper security controls. In conclusion, while the plugin has a clean vulnerability history and good foundational security, the poor output escaping and the single unsanitized path represent notable weaknesses that should be addressed.

Key Concerns

  • Low percentage of properly escaped output
  • Taint flow with unsanitized path
  • Missing nonce checks
  • Missing capability checks
Vulnerabilities
None known

The Awesome Photo Feed for Social Media Network Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

The Awesome Photo Feed for Social Media Network Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
186
16 escaped
Nonce Checks
0
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
1

Bundled Libraries

jQuery

Output Escaping

8% escaped202 total outputs
Data Flows
1 unsanitized

Data Flow Analysis

1 flows1 with unsanitized paths
<ifba-support-process> (includes\ifba-support-process.php:0)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

The Awesome Photo Feed for Social Media Network Attack Surface

Entry Points1
Unprotected0

Shortcodes 1

[arrow_feed] includes\ifba-shortcode.php:2
WordPress Hooks 13
filtermanage_ifba_instagram_feed_posts_columnsincludes\ifba-custom-columns.php:1
actionmanage_ifba_instagram_feed_posts_custom_columnincludes\ifba-custom-columns.php:3
actionwp_enqueue_scriptsincludes\ifba-enqueue-scripts.php:1
actionadmin_enqueue_scriptsincludes\ifba-enqueue-scripts.php:1
actionadd_meta_boxesincludes\ifba-post-meta-boxes.php:1
actioninitincludes\ifba-post-type.php:3
actionadmin_menuincludes\ifba-post-type.php:3
actionadmin_menuincludes\ifba-post-type.php:4
actionadmin_menuincludes\ifba-post-type.php:5
actionedit_form_after_titleincludes\ifba-post-type.php:67
actionload-post-new.phpincludes\ifba-post-type.php:69
actionsave_postincludes\ifba-save-post.php:1
filterwidget_textincludes\ifba-shortcode.php:1
Maintenance & Trust

The Awesome Photo Feed for Social Media Network Maintenance & Trust

Maintenance Signals

WordPress version tested6.0.11
Last updatedMay 30, 2022
PHP min version
Downloads33K

Community Trust

Rating82/100
Number of ratings28
Active installs200
Alternatives

The Awesome Photo Feed for Social Media Network Alternatives

Smash Balloon Social Photo Feed – Easy Social Feeds Plugin

Smash Balloon Social Photo Feed – Easy Social Feeds Plugin

instagram-feed

A
98

Formerly "Instagram Feed". Display clean, customizable, and responsive Instagram feeds from multiple accounts. Supports Instagram oEmbeds.

1.0M 4 CVEs
WPZOOM Social Feed Widget & Block

WPZOOM Social Feed Widget & Block

instagram-widget-by-wpzoom

A
99

Instagram feed plugin for WordPress: Display your Instagram photos, videos & reels. Easy setup with Gutenberg block, widget, shortcode & Elementor

60K 1 CVE
Easy Social Feed – Social Photos Gallery and Post Feed for WordPress

Easy Social Feed – Social Photos Gallery and Post Feed for WordPress

easy-facebook-likebox

A
96

Display Instagram, Facebook & YouTube feeds with photos, videos, reels, events & galleries. Fast, responsive & easy to set up.

30K 10 CVEs
Widgets for Social Photo Feed

Widgets for Social Photo Feed

social-photo-feed-widget

B
78

Instagram Feed Widgets. Display your Instagram feed on your website to increase engagement, sales and SEO.

10K 1 unpatched
Intagrate Lite

Intagrate Lite

instagrate-to-wordpress

A
99

Automatically post your Instagram images to your WordPress site. Create new WordPress posts from your Instagram images, save the Instagram image to th &hellip;

4K 1 CVE
Developer Profile

The Awesome Photo Feed for Social Media Network Developer Profile

Arrow Plugins

5 plugins · 550 total installs

84
trust score
Avg Security Score
85/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect The Awesome Photo Feed for Social Media Network

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/wp-instagram-feed/bower_components/codebird-js/codebird.js/wp-content/plugins/wp-instagram-feed/bower_components/doT/doT.min.js/wp-content/plugins/wp-instagram-feed/bower_components/jquery/dist/jquery.min.js/wp-content/plugins/wp-instagram-feed/bower_components/moment/min/moment.min.js/wp-content/plugins/wp-instagram-feed/css/jquery.socialfeed.css/wp-content/plugins/wp-instagram-feed/js/ifba-script.js/wp-content/plugins/wp-instagram-feed/js/jquery.socialfeed.js
Script Paths
/wp-content/plugins/wp-instagram-feed/bower_components/codebird-js/codebird.js/wp-content/plugins/wp-instagram-feed/bower_components/doT/doT.min.js/wp-content/plugins/wp-instagram-feed/bower_components/jquery/dist/jquery.min.js/wp-content/plugins/wp-instagram-feed/bower_components/moment/min/moment.min.js/wp-content/plugins/wp-instagram-feed/js/ifba-script.js/wp-content/plugins/wp-instagram-feed/js/jquery.socialfeed.js
Version Parameters
wp-instagram-feed/css/jquery.socialfeed.css?ver=1.0.0

HTML / DOM Fingerprints

CSS Classes
social-feed-container-social-feed-elementsocial-feed-textpull-leftpull-righttext-wrappercontentmedia-body+1 more
Data Attributes
_ifba_show_photos_from_ifba_number_of_photos_ifba_date_posted_ifba_profile_picture_ifba_caption_text_ifba_show_photos_only+8 more
Shortcode Output
[arrow_feed<style> .social-feed-container-
FAQ

Frequently Asked Questions about The Awesome Photo Feed for Social Media Network