WP-Safety

Wp Social Feeds Security & Risk Analysis

wordpress.org/plugins/wp-social-feeds

Social feeds generator for youtube

0 active installs v2.0.0 PHP + WP 3.0.1+ Updated Jan 17, 2020
feedleaddevssocial-feedsyoutube
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Wp Social Feeds Safe to Use in 2026?

Generally Safe

Score 85/100

Wp Social Feeds has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 6yr ago
Risk Assessment

The wp-social-feeds v2.0.0 plugin exhibits a generally good security posture in several key areas, with a notable absence of known historical vulnerabilities and a commitment to using prepared statements for all SQL queries. The code analysis indicates a relatively small attack surface with no identified vulnerabilities in REST API routes or cron events. However, the significant concern lies in the output escaping, where 41% of outputs are not properly escaped, potentially leading to Cross-Site Scripting (XSS) vulnerabilities if malicious data is introduced through the plugin's functionality. Furthermore, while taint analysis shows a low number of flows with a high severity, the presence of one flow with an unsanitized path warrants attention as it could indicate a pathway for unexpected data manipulation. The plugin's lack of explicit capability checks on its entry points, particularly its AJAX handlers, is a weakness that could be exploited if an attacker can bypass other security measures.

Key Concerns

  • Poor output escaping
  • Unsanitized path in taint flow
  • Missing capability checks on AJAX
Vulnerabilities
None known

Wp Social Feeds Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Wp Social Feeds Release Timeline

No version history available.
Code Analysis
Analyzed Mar 17, 2026

Wp Social Feeds Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
30
43 escaped
Nonce Checks
4
Capability Checks
0
File Operations
0
External Requests
4
Bundled Libraries
0

Output Escaping

59% escaped73 total outputs
Data Flows · Security
1 unsanitized

Data Flow Analysis

2 flows1 with unsanitized paths
sfwp_social_feeds_generate_feed (wp-social-feeds.php:115)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Wp Social Feeds Attack Surface

Entry Points6
Unprotected0

AJAX Handlers 5

authwp_ajax_sfwp_get_feed_merchant_viewwp-social-feeds.php:159
authwp_ajax_sfwp_youtube_load_more_feedswp-social-feeds.php:346
noprivwp_ajax_sfwp_youtube_load_more_feedswp-social-feeds.php:347
authwp_ajax_sfwp_youtube_manage_feedwp-social-feeds.php:481
authwp_ajax_sfwp_youtube_generate_codewp-social-feeds.php:513

Shortcodes 1

[youtube-feeds] wp-social-feeds.php:185
WordPress Hooks 7
actionplugins_loadedsrc\includes\Wp_Social_Feeds.php:150
actionadmin_enqueue_scriptssrc\includes\Wp_Social_Feeds.php:165
actionadmin_enqueue_scriptssrc\includes\Wp_Social_Feeds.php:166
actionadmin_menusrc\includes\Wp_Social_Feeds.php:167
actionwp_enqueue_scriptssrc\includes\Wp_Social_Feeds.php:182
actionwp_enqueue_scriptssrc\includes\Wp_Social_Feeds.php:183
actionwp_footerwp-social-feeds.php:462
Maintenance & Trust

Wp Social Feeds Maintenance & Trust

Maintenance Signals

WordPress version tested5.3.21
Last updatedJan 17, 2020
PHP min version
Downloads959

Community Trust

Rating100/100
Number of ratings1
Active installs0
Alternatives

Wp Social Feeds Alternatives

EmbedPress – PDF Embedder, Embed YouTube Videos, 3D FlipBook, Social feeds, Docs & more

EmbedPress – PDF Embedder, Embed YouTube Videos, 3D FlipBook, Social feeds, Docs & more

embedpress

A
94

EmbedPress lets you embed videos, pages, social feeds, embed PDF 3D flipbooks & other content on WordPress without coding & enhance storytelling.

100K 27 CVEs
SocialFeeds

SocialFeeds

socialfeeds

A
100

YouTube feeds for WordPress with simple Setup and Settings options.

10K No CVEs
Feeds for YouTube (YouTube video, channel, and gallery plugin)

Feeds for YouTube (YouTube video, channel, and gallery plugin)

feeds-for-youtube

A
96

The Feeds for YouTube plugin allows you to display customizable YouTube feeds from any YouTube channel.

100K 4 CVEs
WP Social Ninja – Embed Social Feeds, User Reviews & Chat Widgets

WP Social Ninja – Embed Social Feeds, User Reviews & Chat Widgets

wp-social-reviews

A
96

Add Facebook feeds, Instagram feeds, TikTok feeds, Facebook reviews, WhatsApp Chat, Messenger chat, Testimonial, and others using a single dashboard.

30K 3 CVEs
Social Slider Feed

Social Slider Feed

instagram-slider-widget

A
88

Display Instagram, Facebook and YouTube feeds in widgets, posts, pages, or anywhere else on your website.

20K 11 CVEs
Developer Profile

Wp Social Feeds Developer Profile

Najmul

2 plugins · 10 total installs

84
trust score
Avg Security Score
85/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Wp Social Feeds

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/wp-social-feeds/src/assets/css/main.css/wp-content/plugins/wp-social-feeds/src/assets/js/main.js/wp-content/plugins/wp-social-feeds/src/admin/js/sfwp-social-feeds-admin.js
Version Parameters
wp-social-feeds/src/assets/css/main.css?ver=wp-social-feeds/src/assets/js/main.js?ver=wp-social-feeds/src/admin/js/sfwp-social-feeds-admin.js?ver=

HTML / DOM Fingerprints

CSS Classes
sfwp-youtube-feed-containersfwp-youtube-feed-itemsfwp-youtube-feed-headersfwp-youtube-feed-video
HTML Comments
<!-- Manage feed setting page display --><!-- ************************************************************************************************** --><!-- Feeds templating --><!-- -->+13 more
Data Attributes
data-sfwp-merchantdata-sfwp-merchant-id
JS Globals
sfwp_ajax_object
REST Endpoints
/wp-json/sfwp/v1/get-feeds/wp-json/sfwp/v1/get-playlist
Shortcode Output
[youtube-feeds]
FAQ

Frequently Asked Questions about Wp Social Feeds