WP-TwitterBadge Security & Risk Analysis
wordpress.org/plugins/wp-twitterbadgeWP-TwitterBadge is a simple plugin that allows you to display a Twitter "Follow" Badge on your site or blog.
Is WP-TwitterBadge Safe to Use in 2026?
Generally Safe
Score 85/100WP-TwitterBadge has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The wp-twitterbadge v1.0 plugin exhibits a seemingly strong security posture based on the provided static analysis. There are no identified AJAX handlers, REST API routes, shortcodes, or cron events, significantly limiting the plugin's attack surface and potential entry points for malicious actors. Furthermore, the absence of dangerous functions, raw SQL queries, file operations, external HTTP requests, and the lack of known vulnerabilities in its history are positive indicators. However, a critical concern arises from the very low percentage of properly escaped output (7%). This suggests a high likelihood of cross-site scripting (XSS) vulnerabilities, as user-supplied data is likely being rendered directly into the HTML without sufficient sanitization. While taint analysis shows no flows, this is likely due to the limited scope of the analysis or the absence of complex data interactions. The lack of nonce and capability checks, coupled with the minimal output escaping, presents a significant risk that is not fully captured by the limited attack surface analysis.
Key Concerns
- Low output escaping percentage
- Missing nonce checks
- Missing capability checks
WP-TwitterBadge Security Vulnerabilities
WP-TwitterBadge Code Analysis
Output Escaping
WP-TwitterBadge Attack Surface
WordPress Hooks 3
Maintenance & Trust
WP-TwitterBadge Maintenance & Trust
Maintenance Signals
Community Trust
WP-TwitterBadge Alternatives
Social Media Widget
social-media-widget
Adds links to all of your social media and sharing site profiles. Tons of icons come in 3 sizes, 4 icon styles, and 4 animations.
miniOrange Social Login and Register (Discord, Google, Twitter, LinkedIn)
miniorange-login-openid
Social Login with Discord, Facebook, Google, Twitter, LinkedIn and 40+ apps. Social login with social share and comments. Free, fast & easy! WooCo …
Social Media Auto Publish
social-media-auto-publish
Publish posts automatically to social media networks like Facebook, Twitter, Instagram, Tumblr, LinkedIn, Threads and Telegram.
Custom Share Buttons with Floating Sidebar
custom-share-buttons-with-floating-sidebar
Share buttons with extra features to sharing your website posts/pages on Facebook, Twitter, Instagram, Whatsapp, Pinterest etc.
Social Login
oa-social-login
With Social Login your users can login, register and comment with 40+ Social Networks. Maintenance Free. Uptime Guarantee. Fulltime devs
WP-TwitterBadge Developer Profile
2 plugins · 240 total installs
How We Detect WP-TwitterBadge
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/wp-twitterbadge/js/badge.js/wp-content/plugins/wp-twitterbadge/js/badge.jsHTML / DOM Fingerprints
wp-twitterbadge<!-- twitter follow badge by go2web20 --><!-- end of twitter follow badge --><!-- WP-TwitterBadge: Disabled while the default WPtouch theme is in use --><!-- WP-TwitterBadge: You must first enter a twitter account name before your TwitterBadge will be displayed -->+1 moretfbSkipInittfb