Does WPCT Drag & Drop Recent Posts have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is WPCT Drag & Drop Recent Posts compatible with WordPress 5.3.21?

According to WordPress.org data, WPCT Drag & Drop Recent Posts 1.11 has been tested up to WordPress 5.3.21. Check the plugin's changelog for the latest compatibility information.

How often is WPCT Drag & Drop Recent Posts updated?

WPCT Drag & Drop Recent Posts was last updated on Dec 27, 2019. Frequent updates are generally a positive security signal.

What is WPCT Drag & Drop Recent Posts's security score?

WPCT Drag & Drop Recent Posts has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

WPCT Drag & Drop Recent Posts Security & Risk Analysis

wordpress.org/plugins/wpct-drag-drop-recent-posts

You can display image slides with title, image, author name, date, description, and read more linked to posts from the selected category.

0 active installs v1.11 PHP + WP 5.0+ Updated Dec 27, 2019

category-postslatest-postslatest-posts-widgetposts-sliderposts-widget

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is WPCT Drag & Drop Recent Posts Safe to Use in 2026?

Generally Safe

Score 85/100

WPCT Drag & Drop Recent Posts has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 6yr ago

Risk Assessment

The plugin "wpct-drag-drop-recent-posts" v1.11 presents a generally strong security posture based on the provided static analysis and vulnerability history. The absence of AJAX handlers, REST API routes, shortcodes, cron events, and file operations significantly limits the potential attack surface. Furthermore, the code employs prepared statements for all SQL queries and avoids external HTTP requests, which are excellent security practices. However, a critical concern arises from the extremely low percentage of properly escaped output. With 145 total outputs and only 1% being properly escaped, this indicates a high likelihood of Cross-Site Scripting (XSS) vulnerabilities, allowing attackers to inject malicious scripts into the website. The lack of nonce and capability checks, while not directly problematic given the absence of entry points, means that if any entry points were to be introduced in the future, they would lack crucial authentication and authorization measures.

Key Concerns

Poor output escaping
Missing nonce checks
Missing capability checks

Vulnerabilities

None known

WPCT Drag & Drop Recent Posts Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

WPCT Drag & Drop Recent Posts Release Timeline

v1.11Current

v1.1

v1.0

Code Analysis

Analyzed Mar 17, 2026

WPCT Drag & Drop Recent Posts Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

144

1 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

1% escaped145 total outputs

Attack Surface

WPCT Drag & Drop Recent Posts Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 5

actionwp_enqueue_scriptswpct-drag-drop-recent-posts.php:795

actionwp_enqueue_scriptswpct-drag-drop-recent-posts.php:807

actionwidgets_initwpct-drag-drop-recent-posts.php:815

actionplugins_loadedwpct-drag-drop-recent-posts.php:823

actionadmin_enqueue_scriptswpct-drag-drop-recent-posts.php:834

Maintenance & Trust

WPCT Drag & Drop Recent Posts Maintenance & Trust

Maintenance Signals

WordPress version tested5.3.21

Last updatedDec 27, 2019

PHP min version

Downloads1K

Community Trust

Rating100/100

Number of ratings1

Active installs0

Alternatives

WPCT Drag & Drop Recent Posts Alternatives

Widget Post Slider

widget-post-slider

Widget Post Slider to display posts image in a slider from category.

1K 1 CVE

Latest Posts

latest-posts

100

Latest posts widget to display recent posts from category.

5K No CVEs

Latest News Widget

latest-news-widget

A customizable latest news widget.

200 No CVEs

Latest Posts Widget

latest-posts-widget

Adds a widget that shows the most recent posts of your site with excerpt, featured image, date by sorting & ordering feature

200 No CVEs

Custom latest posts widget

custom-latest-posts-widget

Improve your sidebar a widget that shows the most recent posts of your site with excerpt, featured image, post type

10 No CVEs

Developer Profile

WPCT Drag & Drop Recent Posts Developer Profile

wpcodetips

1 plugin · 0 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect WPCT Drag & Drop Recent Posts

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/wpct-drag-drop-recent-posts/css/slider.css/wp-content/plugins/wpct-drag-drop-recent-posts/js/slider.js

Script Paths

/wp-content/plugins/wpct-drag-drop-recent-posts/js/slider.js

Version Parameters

wpct-drag-drop-recent-posts/css/slider.css?ver=wpct-drag-drop-recent-posts/js/slider.js?ver=

HTML / DOM Fingerprints

CSS Classes

WPCTrecentPostswpct-excerpt-textwpct-slider-container

HTML Comments

Data Attributes

data-intervaldata-slider-pausedata-columnsdata-rowsdata-grid-spacingdata-navigation-way+20 more

JS Globals

wpct_slider_config

Shortcode Output

[wpct_recent_posts

FAQ