WP-Safety

WP LinkedIn Auto Publish Security & Risk Analysis

wordpress.org/plugins/wp-linkedin-auto-publish

WP LinkedIn Auto Publish automatically publishes posts, custom posts and pages to your LinkedIn profile and/or company pages.

8K active installs v8.23 PHP + WP 3.0.1+ Updated Mar 31, 2026
auto-publishlinkedinlinkedin-companieslinkedin-companylinkedin-profile
100
A · Safe
CVEs total1
Unpatched0
Last CVEApr 22, 2024
Plugin page Download
Safety Verdict

Is WP LinkedIn Auto Publish Safe to Use in 2026?

Generally Safe

Score 100/100

WP LinkedIn Auto Publish has a strong security track record. Known vulnerabilities have been patched promptly. It's a solid choice for most WordPress installations.

1 known CVELast CVE: Apr 22, 2024Updated 1mo ago
Risk Assessment

The wp-linkedin-auto-publish plugin version 8.22 exhibits a mixed security posture. While it demonstrates good practices such as using prepared statements for all SQL queries and a relatively low number of external HTTP requests, significant concerns arise from its attack surface and code quality signals. The presence of one AJAX handler without authentication checks, coupled with two taint flows with unsanitized paths, presents a notable risk of unauthorized access and potential code execution or data manipulation. The historical vulnerability data, though currently showing no unpatched issues, indicates a past medium-severity vulnerability, specifically related to missing authorization. This pattern, combined with the current lack of authorization on an AJAX endpoint, suggests a recurring weakness in secure input handling and access control within the plugin.

Despite the positive aspects like the absence of critical or high severity taint flows and a decent number of capability checks, the identified vulnerabilities and code signals point to areas requiring immediate attention. The high percentage of improperly escaped outputs also raises concerns about potential cross-site scripting (XSS) vulnerabilities, although these were not explicitly flagged as critical in the taint analysis. The overall risk is moderate, primarily driven by the direct entry point without authentication and the potential for exploit through unsanitized data flows, exacerbated by past authorization issues. Addressing the unprotected AJAX handler and improving output escaping are crucial steps towards enhancing the plugin's security.

Key Concerns

  • AJAX handler without auth check
  • Taint flows with unsanitized paths (2)
  • Output escaping (38% properly escaped)
  • Dangerous function (unserialize)
  • Total known CVEs (1 medium)
Vulnerabilities
1 published

WP LinkedIn Auto Publish Security Vulnerabilities

CVEs by Year

1 CVE in 2024
2024
Patched Has unpatched

Severity Breakdown

Medium
1

1 total CVE

CVE-2024-32797medium · 4.3Missing Authorization

WP LinkedIn Auto Publish <= 8.11 - Missing Authorization

Apr 22, 2024 Patched in 8.12 (8d)
Version History

WP LinkedIn Auto Publish Release Timeline

v8.23Current
v8.22
v8.21
v8.20
v8.19
v8.18
v8.17
v8.16
v8.15
v8.14
v8.13
v8.12
v8.101 CVE
CVE-2024-32797
v8.91 CVE
CVE-2024-32797
v8.81 CVE
CVE-2024-32797
v8.71 CVE
CVE-2024-32797
v8.61 CVE
CVE-2024-32797
v8.41 CVE
CVE-2024-32797
v8.31 CVE
CVE-2024-32797
v8.21 CVE
CVE-2024-32797
Code Analysis
Analyzed Mar 16, 2026

WP LinkedIn Auto Publish Code Analysis

Dangerous Functions
1
Raw SQL Queries
0
0 prepared
Unescaped Output
45
28 escaped
Nonce Checks
2
Capability Checks
8
File Operations
2
External Requests
11
Bundled Libraries
0

Dangerous Functions Found

unserialize$returned_object = unserialize(wp_remote_retrieve_body($response));inc\nbw.php:174

Output Escaping

38% escaped73 total outputs
Data Flows · Security
2 unsanitized

Data Flow Analysis

3 flows2 with unsanitized paths
wp_linkedin_autopublish_post_to_linkedin_instantly (wp-linkedin-auto-publish.php:1088)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
1 unprotected

WP LinkedIn Auto Publish Attack Surface

Entry Points6
Unprotected1

AJAX Handlers 6

authwp_ajax_save_linkedin_access_tokenwp-linkedin-auto-publish.php:238
authwp_ajax_post_to_linkedinwp-linkedin-auto-publish.php:1107
authwp_ajax_dismiss_welcome_messagewp-linkedin-auto-publish.php:1489
authwp_ajax_update_linkedin_post_metawp-linkedin-auto-publish.php:1691
authwp_ajax_delete_all_linkedin_settingswp-linkedin-auto-publish.php:1759
authwp_ajax_update_dont_sharewp-linkedin-auto-publish.php:1783
WordPress Hooks 16
actionadmin_menuwp-linkedin-auto-publish.php:35
actionadmin_initwp-linkedin-auto-publish.php:36
filterplugin_row_metawp-linkedin-auto-publish.php:76
actionadmin_enqueue_scriptswp-linkedin-auto-publish.php:143
actionadd_meta_boxeswp-linkedin-auto-publish.php:509
actionsave_postwp-linkedin-auto-publish.php:660
actiontransition_post_statuswp-linkedin-auto-publish.php:724
actionsave_postwp-linkedin-auto-publish.php:1130
actionpublish_to_publishwp-linkedin-auto-publish.php:1141
actionadmin_noticeswp-linkedin-auto-publish.php:1202
filtermanage_posts_columnswp-linkedin-auto-publish.php:1251
filtermanage_page_posts_columnswp-linkedin-auto-publish.php:1253
actionmanage_posts_custom_columnwp-linkedin-auto-publish.php:1292
actionmanage_page_posts_custom_columnwp-linkedin-auto-publish.php:1295
actionplugins_loadedwp-linkedin-auto-publish.php:1303
actionadmin_noticeswp-linkedin-auto-publish.php:1733
Maintenance & Trust

WP LinkedIn Auto Publish Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedMar 31, 2026
PHP min version
Downloads334K

Community Trust

Rating96/100
Number of ratings101
Active installs8K
Alternatives

WP LinkedIn Auto Publish Alternatives

Social Media Auto Publish

Social Media Auto Publish

social-media-auto-publish

A
99

Publish posts automatically to social media networks like Facebook, Twitter, Instagram, Tumblr, LinkedIn, Threads and Telegram.

7K 1 CVE
WP to LinkedIn Auto Publish

WP to LinkedIn Auto Publish

linkedin-auto-publish

A
99

Publish posts automatically to LinkedIn.

1K 1 CVE
XT Feed for LinkedIn

XT Feed for LinkedIn

xt-feed-for-linkedin

A
100

XT Feed for LinkedIn auto-shares WordPress posts to LinkedIn with one click, making content distribution easy and boosting your reach effortlessly.

10 No CVEs
OG — Better Share on Social Media

OG — Better Share on Social Media

og

A
100

The simple method to add Open Graph metadata to your entries so that they look great when shared on sites.

30K No CVEs
Social Media Widget

Social Media Widget

social-media-widget

A
87

Adds links to all of your social media and sharing site profiles. Tons of icons come in 3 sizes, 4 icon styles, and 4 animations.

30K 3 CVEs
Developer Profile

WP LinkedIn Auto Publish Developer Profile

Northern Beaches Websites

6 plugins · 50K total installs

82
trust score
Avg Security Score
91/100
Avg Patch Time
69 days
View full developer profile
Detection Fingerprints

How We Detect WP LinkedIn Auto Publish

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/wp-linkedin-auto-publish/inc/poststyle.css/wp-content/plugins/wp-linkedin-auto-publish/inc/external/font-awesome.min.css/wp-content/plugins/wp-linkedin-auto-publish/inc/adminstyle.css
Script Paths
/wp-content/plugins/wp-linkedin-auto-publish/inc/postscript.js/wp-content/plugins/wp-linkedin-auto-publish/inc/adminscript.js
Version Parameters
wp-linkedin-auto-publish/inc/postscript.js?ver=wp-linkedin-auto-publish/inc/poststyle.css?ver=wp-linkedin-auto-publish/inc/adminscript.js?ver=wp-linkedin-auto-publish/inc/adminstyle.css?ver=

HTML / DOM Fingerprints

CSS Classes
wp_linkedin_autopublish_settings
Data Attributes
data-wp-feedgen-target
JS Globals
wp_linkedin_autopublish_settings_page
FAQ

Frequently Asked Questions about WP LinkedIn Auto Publish