HT Politic – For Political WordPress Themes / Website Security & Risk Analysis

wordpress.org/plugins/wp-politic

HT Politic is a Political WordPress Plugin.

300 active installs v2.4.8 PHP + WP 5.0+ Updated Dec 4, 2025
Tags: advisor, campaign, candidate, event, political
Score: 99 (A · Safe)
CVEs total: 2
Unpatched: 0
Last CVE: Nov 1, 2024
Safety Verdict

Is HT Politic – For Political WordPress Themes / Website Safe to Use in 2026?

Generally Safe

Score 99/100

HT Politic – For Political WordPress Themes / Website has a strong security track record. Known vulnerabilities have been patched promptly.

2 known CVEs · Last CVE: Nov 1, 2024 · Updated 4mo ago
Risk Assessment

The "wp-politic" v2.4.8 plugin exhibits a generally strong security posture based on the static analysis, with no identified dangerous functions, raw SQL queries, or insecure file operations. The extensive output escaping (86%) and robust implementation of nonce and capability checks on its entry points (AJAX handlers) are commendable practices that significantly reduce the likelihood of common web vulnerabilities. The absence of REST API routes and shortcodes further limits the potential attack surface.

However, the plugin's vulnerability history presents a significant concern. Two medium-severity vulnerabilities have been disclosed, one a Cross-Site Scripting (XSS) issue and the other a Cross-Site Request Forgery (CSRF) issue, which shows a clear pattern of past security weaknesses. Both are listed as patched (in 2.4.5 and 2.3.8 respectively), and there are no currently unpatched CVEs, so the known historical issues have been addressed. This history, coupled with the complete absence of taint analysis results (which may indicate a lack of thorough dynamic testing or a limited reporting scope), warrants caution. Users should remain vigilant and ensure they are running the latest available version, as past patterns can sometimes recur.

In conclusion, while the current static analysis of version 2.4.8 reveals good coding practices and a limited attack surface, the historical vulnerability data necessitates a degree of caution. The plugin demonstrates strengths in code sanitization and input validation for its direct entry points but has a track record that suggests a need for continued monitoring and prompt updates.

Key Concerns

  • Two historical medium severity CVEs
Vulnerabilities
2

HT Politic – For Political WordPress Themes / Website Security Vulnerabilities

CVEs by Year

2023: 1 CVE
2024: 1 CVE

Severity Breakdown

Medium: 2 (2 total CVEs)

CVE-2024-51673 · medium · 6.4 · Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

HT Politic <= 2.4.4 - Authenticated (Contributor+) Stored Cross-Site Scripting

Nov 1, 2024 Patched in 2.4.5 (6d)

CVE-2023-0504 · medium · 4.3 · Cross-Site Request Forgery (CSRF)

HT Politic <= 2.3.7 - Cross-Site Request Forgery leading to Arbitrary Plugin Activation

Feb 28, 2023 Patched in 2.3.8 (329d)
Code Analysis
Analyzed Mar 16, 2026

HT Politic – For Political WordPress Themes / Website Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (0 prepared)
Unescaped Output: 104 (656 escaped)
Nonce Checks: 2
Capability Checks: 5
File Operations: 0
External Requests: 0
Bundled Libraries: 0

Output Escaping

86% escaped · 760 total outputs
Attack Surface

HT Politic – For Political WordPress Themes / Website Attack Surface

Entry Points: 2
Unprotected: 0

AJAX Handlers 2

auth · wp_ajax_myfilter · init.php:143
nopriv · wp_ajax_myfilter · init.php:144

WordPress Hooks 38

action · admin_menu · admin\admin-init.php:17
action · pre_get_posts · admin\admin-init.php:43
action · admin_enqueue_scripts · admin\class.settings-api.php:30
filter · register_post_type_args · admin\init.php:106
action · init · admin\init.php:110
action · admin_init · admin\plugin-options.php:18
action · admin_menu · admin\plugin-options.php:19
action · init · admin\plugin-options.php:21
action · admin_menu · admin\Recommended_Plugins.php:78
action · admin_enqueue_scripts · admin\Recommended_Plugins.php:79
filter · cmb2_init · admin\wppolitic_custom-metabox.php:5
action · init · admin\wppolitic_custom-post-type.php:368
action · elementor/init · includes\helper-function.php:21
action · elementor/widgets/register · init.php:13
action · elementor/widgets/widgets_registered · init.php:15
action · wp_enqueue_scripts · init.php:82
action · init · init.php:131
action · init · init.php:188
filter · single_template · wppolitic.php:27
filter · archive_template · wppolitic.php:42
filter · single_template · wppolitic.php:58
filter · single_template · wppolitic.php:73
filter · single_template · wppolitic.php:89
filter · single_template · wppolitic.php:104
action · admin_init · wppolitic.php:168
action · admin_init · wppolitic.php:195
filter · views_edit-wpcampaign · wppolitic.php:256
action · wpcampaign_cat_pre_add_form · wppolitic.php:257
filter · views_edit-wppolitic_gallery · wppolitic.php:315
action · wppolitic_gallery_cat_pre_add_form · wppolitic.php:316
filter · views_edit-wppolitic_team · wppolitic.php:375
action · wppolitic_team_cat_pre_add_form · wppolitic.php:376
action · wsa_form_bottom_wppolitic_pro_themes · wppolitic.php:378
filter · views_edit-wppolitic_portfolio · wppolitic.php:437
action · wppolitic_portfolio_cat_pre_add_form · wppolitic.php:438
filter · views_edit-wppolitic_mission · wppolitic.php:498
action · wppolitic_mission_cat_pre_add_form · wppolitic.php:499
action · wsa_form_bottom_wppolitic_pro_themes · wppolitic.php:501

Maintenance & Trust

HT Politic – For Political WordPress Themes / Website Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.9.4
Last updated: Dec 4, 2025
PHP min version
Downloads: 19K

Community Trust

Rating: 20/100
Number of ratings: 1
Active installs: 300

Developer Profile

HT Politic – For Political WordPress Themes / Website Developer Profile

DevItems

13 plugins · 179K total installs

Trust score: 75
Avg Security Score: 94/100
Avg Patch Time: 93 days
Detection Fingerprints

How We Detect HT Politic – For Political WordPress Themes / Website

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

  • /wp-content/plugins/wp-politic/assets/css/frontend.css
  • /wp-content/plugins/wp-politic/assets/css/slick.css
  • /wp-content/plugins/wp-politic/assets/css/slick-theme.css
  • /wp-content/plugins/wp-politic/assets/css/magnific-popup.css
  • /wp-content/plugins/wp-politic/assets/css/responsive.css
  • /wp-content/plugins/wp-politic/assets/js/jquery.js
  • /wp-content/plugins/wp-politic/assets/js/slick.js
  • /wp-content/plugins/wp-politic/assets/js/magnific-popup.js
  • +1 more

Script Paths

  • /wp-content/plugins/wp-politic/assets/js/jquery.js
  • /wp-content/plugins/wp-politic/assets/js/slick.js
  • /wp-content/plugins/wp-politic/assets/js/magnific-popup.js
  • /wp-content/plugins/wp-politic/assets/js/custom.js

Version Parameters

  • wp-politic/assets/css/frontend.css?ver=
  • wp-politic/assets/css/slick.css?ver=
  • wp-politic/assets/css/slick-theme.css?ver=
  • wp-politic/assets/css/magnific-popup.css?ver=
  • wp-politic/assets/css/responsive.css?ver=
  • wp-politic/assets/js/jquery.js?ver=
  • wp-politic/assets/js/slick.js?ver=
  • wp-politic/assets/js/magnific-popup.js?ver=
  • wp-politic/assets/js/custom.js?ver=

HTML / DOM Fingerprints

CSS Classes

  • wppolitic-slider
  • wppolitic-single-campaign
  • wppolitic-donation-section
  • wppolitic-team-member
  • wppolitic-portfolio-item
  • wppolitic-mission-content
  • wppolitic-gallery-item
  • wppolitic-admin-notice

HTML Comments

  • <!-- Start: WP Politic Slider -->
  • <!-- End: WP Politic Slider -->
  • <!-- Start: WP Politic Campaign Single -->
  • <!-- End: WP Politic Campaign Single -->
  • +10 more

Data Attributes

  • data-wppolitic-slider-id
  • data-wppolitic-item-id
  • data-campaign-id
  • data-team-id
  • data-portfolio-id
  • data-mission-id
  • +1 more

JS Globals

  • wppolitic_frontend_params
  • wppolitic_slider_options
  • wppolitic_magnific_popup_options

REST Endpoints

  • /wp-json/wppolitic/v1/campaigns
  • /wp-json/wppolitic/v1/teams
  • /wp-json/wppolitic/v1/portfolios
  • /wp-json/wppolitic/v1/missions
  • /wp-json/wppolitic/v1/galleries

Shortcode Output

  • [wppolitic_slider
  • [wppolitic_campaign_single
  • [wppolitic_donation_section
  • [wppolitic_team

FAQ

Frequently Asked Questions about HT Politic – For Political WordPress Themes / Website