WP-Safety

WP Weixin Broadcast Security & Risk Analysis

wordpress.org/plugins/wp-weixin-broadcast

WeChat Broadcast for WordPress

10 active installs v1.3.15 PHP 7.0+ WP 4.9.5+ Updated May 16, 2020
wechat-broadcastwechat-share%e5%be%ae%e4%bf%a1%e5%be%ae%e4%bf%a1%e5%88%86%e4%ba%ab
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is WP Weixin Broadcast Safe to Use in 2026?

Generally Safe

Score 85/100

WP Weixin Broadcast has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 5yr ago
Risk Assessment

The wp-weixin-broadcast plugin version 1.3.15 exhibits a generally strong security posture based on the provided static analysis and vulnerability history. The absence of any known CVEs and a low count of potentially risky code signals are positive indicators. The plugin demonstrates good practices in input validation and output sanitization, with a high percentage of SQL queries using prepared statements and outputs being properly escaped. The presence of nonce and capability checks on its AJAX handlers further mitigates the risk of common web vulnerabilities.

However, a few areas warrant attention. While the attack surface is moderate, all entry points are reported as protected, which is a positive. The single file operation, external HTTP requests, and the bundled Select2 library, while not flagged as problematic, represent potential areas for deeper scrutiny if specific issues arise. The plugin's history of zero vulnerabilities is encouraging, suggesting a stable and secure codebase to date. Overall, this version appears to be well-secured, but continuous monitoring and adherence to secure coding practices remain crucial for any WordPress plugin.

Key Concerns

  • File operations detected
  • Bundled library (Select2)
Vulnerabilities
None known

WP Weixin Broadcast Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

WP Weixin Broadcast Code Analysis

Dangerous Functions
0
Raw SQL Queries
2
17 prepared
Unescaped Output
10
145 escaped
Nonce Checks
10
Capability Checks
4
File Operations
1
External Requests
0
Bundled Libraries
1

Bundled Libraries

Select2

SQL Query Safety

89% prepared19 total queries

Output Escaping

94% escaped155 total outputs
Data Flows
All sanitized

Data Flow Analysis

1 flows
<class-wp-weixin-article> (inc\class-wp-weixin-article.php:0)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

WP Weixin Broadcast Attack Surface

Entry Points6
Unprotected0

AJAX Handlers 6

authwp_ajax_wp_weixin_broadcast_get_itemsinc\class-wp-weixin-broadcast-message.php:89
authwp_ajax_wp_weixin_broadcast_get_tagsinc\class-wp-weixin-broadcast-message.php:91
authwp_ajax_wp_weixin_broadcast_get_wp_wechat_usersinc\class-wp-weixin-broadcast-message.php:93
authwp_ajax_wp_weixin_broadcast_previewinc\class-wp-weixin-broadcast-message.php:95
authwp_ajax_wp_weixin_broadcast_statusinc\class-wp-weixin-broadcast-message.php:97
authwp_ajax_wp_weixin_broadcast_delete_remote_materialinc\class-wp-weixin-broadcast-message.php:99
WordPress Hooks 41
actioninitinc\class-wp-weixin-article.php:28
actionsave_postinc\class-wp-weixin-article.php:30
actionsave_postinc\class-wp-weixin-article.php:32
actionadd_meta_boxesinc\class-wp-weixin-article.php:34
actionadmin_initinc\class-wp-weixin-article.php:36
actionadmin_action_wechat_broadcast_article_clone_postinc\class-wp-weixin-article.php:38
actionadmin_noticesinc\class-wp-weixin-article.php:40
actionedit_form_after_editorinc\class-wp-weixin-article.php:42
actionmedia_buttonsinc\class-wp-weixin-article.php:44
filterwp_default_editorinc\class-wp-weixin-article.php:47
filteradmin_post_thumbnail_htmlinc\class-wp-weixin-article.php:49
filterpost_row_actionsinc\class-wp-weixin-article.php:51
filteruse_block_editor_for_post_typeinc\class-wp-weixin-article.php:53
actionadd_meta_boxesinc\class-wp-weixin-broadcast-logger.php:18
actioninitinc\class-wp-weixin-broadcast-message.php:65
actionadmin_initinc\class-wp-weixin-broadcast-message.php:67
actionpost_submitbox_minor_actionsinc\class-wp-weixin-broadcast-message.php:69
actionadd_meta_boxesinc\class-wp-weixin-broadcast-message.php:71
actionwp_weixin_broadcast_targets_type_settingsinc\class-wp-weixin-broadcast-message.php:73
actionpost_submitbox_startinc\class-wp-weixin-broadcast-message.php:75
actionsave_postinc\class-wp-weixin-broadcast-message.php:77
actiondelete_postinc\class-wp-weixin-broadcast-message.php:79
actionpublish_future_postinc\class-wp-weixin-broadcast-message.php:81
actionadmin_noticesinc\class-wp-weixin-broadcast-message.php:85
actioncurrent_screeninc\class-wp-weixin-broadcast-message.php:87
actionwp_weixin_responderinc\class-wp-weixin-broadcast-message.php:103
filterwp_weixin_broadcast_no_duplicate_post_typesinc\class-wp-weixin-broadcast-message.php:106
filterpost_row_actionsinc\class-wp-weixin-broadcast-message.php:108
filterpost_updated_messagesinc\class-wp-weixin-broadcast-message.php:112
filterwp_insert_post_datainc\class-wp-weixin-broadcast-message.php:116
filtergettextinc\class-wp-weixin-broadcast-message.php:676
actionpre_user_queryinc\class-wp-weixin-broadcast-message.php:922
actionpre_user_queryinc\class-wp-weixin-broadcast-message.php:1324
actioninitinc\class-wp-weixin-broadcast.php:19
actioninitinc\class-wp-weixin-broadcast.php:21
actionadmin_enqueue_scriptsinc\class-wp-weixin-broadcast.php:23
actionadmin_menuinc\class-wp-weixin-broadcast.php:25
filterquery_varsinc\class-wp-weixin-broadcast.php:28
actionadmin_noticesinc\class-wp-weixin-broadcast.php:138
actionwp_weixin_extensionswp-weixin-broadcast.php:53
actionplugins_loadedwp-weixin-broadcast.php:55
Maintenance & Trust

WP Weixin Broadcast Maintenance & Trust

Maintenance Signals

WordPress version tested5.4.19
Last updatedMay 16, 2020
PHP min version7.0
Downloads2K

Community Trust

Rating0/100
Number of ratings0
Active installs10
Alternatives

WP Weixin Broadcast Alternatives

WP Weixin

WP Weixin

wp-weixin

A
92

WordPress WeChat integration

400 No CVEs
[凹凸曼]微信分享有图-WeChat Page Sharing

[凹凸曼]微信分享有图-WeChat Page Sharing

apoyl-weixinshare

A
100

这是一款解决在微信里首页、文章、单页等页面(如post, page, attachment, revision, menu)分享到朋友或朋友圈,图标无法显示,描述更改为部分文章内容或者文章摘要. This is a solution to share to Chat or share on Mome &hellip;

200 No CVEs
胖鼠采集(Fat Rat Collect)

胖鼠采集(Fat Rat Collect)

fat-rat-collect

A
99

胖鼠采集(Fat Rat Collect) 是一款能够帮助你网站自动化的采集工具. 支持采集、微信、简书、知乎、自定义列表页、自定义详情页面、还有许多特色功能、 还可一键采集历史文章, 一键设置自动采集, 自动发布, 为您节省精力, 快来体验一下吧!

1K 2 CVEs
WxSync-标准云微信公众号文章免费采集-任意公众号自动采集付费购买

WxSync-标准云微信公众号文章免费采集-任意公众号自动采集付费购买

wxsync

A
92

标准云微信公众号文章采集与自动同步插件,手动采集永久免费,自动同步采集可按月收费

500 1 CVE
Wenprise WeChatPay Payment Gateway For WooCommerce

Wenprise WeChatPay Payment Gateway For WooCommerce

wenprise-wechatpay-checkout-for-woocommerce

A
92

WeChat payment gateway for WooCommerce, WooCommerce 微信免费全功能支付网关。

400 No CVEs
Developer Profile

WP Weixin Broadcast Developer Profile

Alexandre Froger

11 plugins · 8K total installs

71
trust score
Avg Security Score
88/100
Avg Patch Time
110 days
View full developer profile
Detection Fingerprints

How We Detect WP Weixin Broadcast

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/wp-weixin-broadcast/css/admin/main.css/wp-content/plugins/wp-weixin-broadcast/css/admin/main.min.css/wp-content/plugins/wp-weixin-broadcast/js/admin/main.js/wp-content/plugins/wp-weixin-broadcast/js/admin/main.min.js
Version Parameters
wp-weixin-broadcast/css/admin/main.css?ver=wp-weixin-broadcast/css/admin/main.min.css?ver=wp-weixin-broadcast/js/admin/main.js?ver=wp-weixin-broadcast/js/admin/main.min.js?ver=

HTML / DOM Fingerprints

CSS Classes
wp-weixin-broadcast
JS Globals
wp_weixin_broadcast_localize
FAQ

Frequently Asked Questions about WP Weixin Broadcast