Does WP Truncate Content have any unpatched vulnerabilities?

No. All known vulnerabilities in WP Truncate Content have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is WP Truncate Content compatible with WordPress 3.9.40?

According to WordPress.org data, WP Truncate Content 1.0 has been tested up to WordPress 3.9.40. Check the plugin's changelog for the latest compatibility information.

How often is WP Truncate Content updated?

WP Truncate Content was last updated on Jun 14, 2014. Frequent updates are generally a positive security signal.

What is WP Truncate Content's security score?

WP Truncate Content has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

WP Truncate Content Security & Risk Analysis

wordpress.org/plugins/wp-truncate-content

A plugin that truncate and hide longer content but retains its html for search engine optimization. Good for longer content post and pages that wanted …

10 active installs v1.0 PHP + WP 3.8+ Updated Jun 14, 2014

content-hiddenhide-contentpartially-display-contenttruncate-contentvisible-content

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is WP Truncate Content Safe to Use in 2026?

Generally Safe

Score 85/100

WP Truncate Content has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 11yr ago

Risk Assessment

The wp-truncate-content plugin v1.0, based on this static analysis, exhibits a generally good security posture in several key areas. The absence of direct SQL queries (all are prepared), file operations, and external HTTP requests, along with no recorded vulnerabilities, suggests a developer who is mindful of common security pitfalls. The limited attack surface, consisting solely of one shortcode and no unprotected AJAX handlers or REST API routes, is also a positive indicator. However, a significant concern arises from the output escaping. With only 17% of outputs properly escaped, there is a substantial risk of Cross-Site Scripting (XSS) vulnerabilities, especially if user-supplied data is processed and rendered without adequate sanitization. The lack of nonce checks is another potential area of weakness, although its impact is mitigated by the absence of unprotected AJAX or REST API endpoints. The two capability checks, while present, should be thoroughly reviewed to ensure they are robust and correctly implemented.

Key Concerns

Low output escaping rate (17%)
No nonce checks present

Vulnerabilities

None known

WP Truncate Content Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

WP Truncate Content Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

1 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

17% escaped6 total outputs

Attack Surface

WP Truncate Content Attack Surface

Entry Points1

Unprotected0

Shortcodes 1

[truncate_content] class\wp-truncate-class.php:33

WordPress Hooks 6

actionadmin_initclass\shortcode-gen.php:15

filtermce_external_pluginsclass\shortcode-gen.php:30

filtermce_buttonsclass\shortcode-gen.php:31

actionwp_enqueue_scriptsclass\wp-truncate-class.php:36

actionwp_footerclass\wp-truncate-class.php:37

actionadmin_enqueue_scriptsclass\wp-truncate-class.php:39

Maintenance & Trust

WP Truncate Content Maintenance & Trust

Maintenance Signals

WordPress version tested3.9.40

Last updatedJun 14, 2014

PHP min version

Downloads2K

Community Trust

Rating80/100

Number of ratings2

Active installs10

Alternatives

WP Truncate Content Alternatives

Show-Hide / Collapse-Expand

show-hidecollapse-expand

Save space on your pages, posts, sidebars. Hide the content before user clicks to see it. Collapse long lists, create FAQs & more.

10K 2 CVEs

Anonymous Restricted Content

anonymous-restricted-content

Simple but yet effective plugin to hide selected posts and pages from anonymous users.

1K 2 CVEs

Responsive Block Control – Hide blocks based on display width

responsive-block-control

Responsive Block Control adds responsive toggles to a "Visibility" panel of the block editor, to show or hide blocks according to screen width.

1K 1 CVE

Restrict for Elementor

restrict-for-elementor

Show or hide Elementor sections, columns and widgets with ease using many different criteria

1K 1 CVE

Visibility Control for LearnDash

visibility-control-for-learndash

100

Visibility Control for LearnDash helps you hide messages and content for specific criterion anywhere on your WordPress page.

1K No CVEs

Developer Profile

WP Truncate Content Developer Profile

crea8xion

2 plugins · 210 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect WP Truncate Content

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/wp-truncate-content/assets/css/admin.css

Script Paths

/wp-content/plugins/wp-truncate-content/assets/js/readmore.min.js

Version Parameters

wp-truncate-content/assets/js/readmore.min.js?ver=

HTML / DOM Fingerprints

CSS Classes

hide_content

Data Attributes

data-readmore-expanddata-readmore-text

JS Globals

jQuery$

Shortcode Output

<div id="hide_content"

FAQ