Does WP Tweet have any unpatched vulnerabilities?

No. All known vulnerabilities in WP Tweet have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is WP Tweet compatible with WordPress 3.1.4?

According to WordPress.org data, WP Tweet 0.1-RC1 has been tested up to WordPress 3.1.4. Check the plugin's changelog for the latest compatibility information.

How often is WP Tweet updated?

WP Tweet was last updated on Unknown. Frequent updates are generally a positive security signal.

What is WP Tweet's security score?

WP Tweet has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

WP Tweet Security & Risk Analysis

wordpress.org/plugins/wp-tweet

Adds the official Tweet Button from Twitter.

10 active installs v0.1-RC1 PHP + WP 3.0+ Updated Unknown

buttonretweettweettweet-buttontwitter

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is WP Tweet Safe to Use in 2026?

Generally Safe

Score 100/100

WP Tweet has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs

Risk Assessment

The 'wp-tweet' v0.1-RC1 plugin exhibits a strong security posture based on the provided static analysis. The absence of dangerous functions, SQL queries, file operations, external HTTP requests, and a zero-volume of taint flows with unsanitized paths are all positive indicators. Furthermore, the plugin appears to handle its limited output correctly, with a majority of outputs being properly escaped, which mitigates risks related to Cross-Site Scripting (XSS).

However, the analysis reveals a significant concern: a complete lack of nonce checks and capability checks across all entry points. While the current attack surface appears minimal with zero identified entry points, this absence of authorization and security tokens is a critical weakness. Should any new entry points be introduced or discovered in the future, they would be inherently unprotected, leaving the plugin vulnerable to various attacks.

The vulnerability history is also reassuring, with no recorded CVEs, suggesting a history of secure development or a lack of targeted exploitation. In conclusion, the plugin's code is generally clean and well-written, but the fundamental lack of nonce and capability checks is a substantial risk that requires immediate attention to ensure robust security.

Key Concerns

Missing nonce checks
Missing capability checks
Unescaped output detected

Vulnerabilities

None known

WP Tweet Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

WP Tweet Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

3 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

60% escaped5 total outputs

Attack Surface

WP Tweet Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 3

actionadmin_initwp-tweet.php:37

actionthe_contentwp-tweet.php:40

actionadmin_menuwp-tweet.php:43

Maintenance & Trust

WP Tweet Maintenance & Trust

Maintenance Signals

WordPress version tested3.1.4

Last updatedUnknown

PHP min version

Downloads5K

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

WP Tweet Alternatives

TweetMeme Button

tweetmeme-button

The TweetMeme Retweet button is the defacto standard in retweeting - used by some of the biggest websites in the world including Techcrunch.

30 No CVEs

TweetButton

tweetbutton-for-wordpress

Easily allows your blog post or page to be retweeted. Currently being used by SocialBrite and other members of the social media community.

20 No CVEs

Personal Tweet Me Button

personal-tweet-me

Adds the official tweet button, to your site as a sidebar widget. You can use a twitter account for the entire site, or use personal accounts per auth …

10 No CVEs

Quotable Tweets by DraftPress

quotable-tweets

The Quotable Tweets plugin gives you an easy way to add a beautiful actionable tweet link to your sidebar.

10 No CVEs

rsh-Tweet

rsh-tweet-button

Adds the official Tweet Button from Twitter.com.

10 No CVEs

Developer Profile

WP Tweet Developer Profile

Pete Mall

2 plugins · 20 total installs

trust score

Avg Security Score

93/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect WP Tweet

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Script Paths

http://platform.twitter.com/widgets.js

HTML / DOM Fingerprints

CSS Classes

wp-tweet

Data Attributes

data-countdata-textdata-langdata-viadata-relateddata-related-desc

FAQ

WP Tweet Security & Risk Analysis

Is WP Tweet Safe to Use in 2026?

Generally Safe

Key Concerns

WP Tweet Security Vulnerabilities

WP Tweet Code Analysis

Output Escaping

WP Tweet Attack Surface

WP Tweet Maintenance & Trust

Maintenance Signals

Community Trust

WP Tweet Alternatives

TweetMeme Button

TweetButton

Personal Tweet Me Button

Quotable Tweets by DraftPress

rsh-Tweet

WP Tweet Developer Profile

How We Detect WP Tweet

Asset Fingerprints

HTML / DOM Fingerprints

Frequently Asked Questions about WP Tweet