Does Seattle WordPress Functionality have any unpatched vulnerabilities?

No. All known vulnerabilities in Seattle WordPress Functionality have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Seattle WordPress Functionality compatible with WordPress 4.1.0?

According to WordPress.org data, Seattle WordPress Functionality 0.8.2 has been tested up to WordPress 4.1.0. Check the plugin's changelog for the latest compatibility information.

How often is Seattle WordPress Functionality updated?

Seattle WordPress Functionality was last updated on May 17, 2015. Frequent updates are generally a positive security signal.

What is Seattle WordPress Functionality's security score?

Seattle WordPress Functionality has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Seattle WordPress Functionality Security & Risk Analysis

wordpress.org/plugins/wpsea-functionality

A functionality plugin is one that provides a common set of functionality that is

10 active installs v0.8.2 PHP + WP 3.0+ Updated May 17, 2015

analyticsgooglemetashortcodewidget

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Seattle WordPress Functionality Safe to Use in 2026?

Generally Safe

Score 85/100

Seattle WordPress Functionality has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 10yr ago

Risk Assessment

The wpsea-functionality plugin v0.8.2 demonstrates a mixed security posture. On the positive side, it has a very small attack surface with only one entry point (a shortcode) and no AJAX handlers or REST API routes that appear to be unprotected. The absence of known CVEs and a clean vulnerability history is also a strong indicator of good security practices to date. However, significant concerns arise from the static code analysis. The plugin performs SQL queries without using prepared statements, which is a critical security flaw that could lead to SQL injection vulnerabilities. Furthermore, a very low percentage (4%) of output is properly escaped, indicating a high risk of cross-site scripting (XSS) vulnerabilities. The taint analysis, while not reporting critical or high severity issues, does show flows with unsanitized paths, reinforcing the concerns about XSS and other injection attacks due to inadequate sanitization and escaping.

Key Concerns

SQL queries not using prepared statements
Low percentage of output properly escaped
Taint flows with unsanitized paths
No nonce checks
No capability checks

Vulnerabilities

None known

Seattle WordPress Functionality Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Seattle WordPress Functionality Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

1 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

0% prepared1 total queries

Output Escaping

4% escaped25 total outputs

Data Flows

3 unsanitized

Data Flow Analysis

3 flows3 with unsanitized paths

wpsea_func_contact_form (wpsea-functionality.php:939)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Seattle WordPress Functionality Attack Surface

Entry Points1

Unprotected0

Shortcodes 1

[wpsea_contactform] wpsea-functionality.php:85

WordPress Hooks 8

actionwp_enqueue_scriptswpsea-functionality.php:73

actionadmin_initwpsea-functionality.php:75

actionadmin_initwpsea-functionality.php:76

actionadmin_menuwpsea-functionality.php:77

actionwp_dashboard_setupwpsea-functionality.php:79

actionwp_dashboard_setupwpsea-functionality.php:80

actionwp_footerwpsea-functionality.php:83

actionwidgets_initwpsea-functionality.php:1375

Maintenance & Trust

Seattle WordPress Functionality Maintenance & Trust

Maintenance Signals

WordPress version tested4.1.0

Last updatedMay 17, 2015

PHP min version

Downloads2K

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

Seattle WordPress Functionality Alternatives

Esen Trends Dashboard

esen-trends-dashboard

100

Display Google Trends RSS data directly in your WordPress dashboard and post editor.

10 No CVEs

PixelYourSite – Your smart PIXEL (TAG) & API Manager

pixelyoursite

Add Meta Pixel with Conversion API, Google Analytics (GA4) + Consent Mode, Google Tag Manager, and Head & Footer scripts.

500K 11 CVEs

Analytics Insights – Google Analytics Dashboard for WordPress

analytics-insights

100

A full-featured and entirely free Google Analytics Dashboard plugin for WordPress. Displays stats to help you to better understand your site content.

10K 1 CVE

Lara's Google Analytics (GA4)

lara-google-analytics

100

Full width Google Analytics dashboard widget for Wordpress admin interface, which also inserts latest Google Analytics (GA4) tracking code to your pag …

9K 1 CVE

Local Google Analytics for WordPress – caches external requests

simple-google-analytics

100

Plugs in Google Analytics code to your website pages and caches it, so the website loads faster.

4K No CVEs

Developer Profile

Seattle WordPress Functionality Developer Profile

Ben Lobaugh (blobaugh)

11 plugins · 11K total installs

trust score

Avg Security Score

86/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Seattle WordPress Functionality

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/wpsea-functionality/wpsea-functionality.php

HTML / DOM Fingerprints

Shortcode Output

wpsea_func_contact_form

FAQ