Follow Us Badges Security & Risk Analysis
wordpress.org/plugins/wpsite-follow-us-badgesFollow Us Badges by 99 Robots showcases your Facebook, Twitter, LinkedIn. YouTube, Tumblr and other social media badges.
Is Follow Us Badges Safe to Use in 2026?
Use With Caution
Score 63/100Follow Us Badges has 1 unpatched vulnerability. Evaluate alternatives or apply available mitigations.
The plugin "wpsite-follow-us-badges" v3.1.11 presents a mixed security posture. While the static analysis shows a generally good level of output escaping and no critical taint flows, there are notable areas of concern. The lack of capability checks on any entry points is a significant weakness, meaning that potentially sensitive actions could be accessed by any user. Furthermore, all SQL queries are executed without prepared statements, which introduces a risk of SQL injection, even if not immediately apparent in the taint analysis for this specific version.
The vulnerability history reveals a pattern of medium-severity Cross-Site Scripting vulnerabilities, with one CVE remaining unpatched. This ongoing history of XSS issues, coupled with the raw SQL queries and lack of capability checks, suggests a recurring oversight in secure coding practices. While the current version appears to have addressed some previous issues and has a controlled attack surface, the historical context and the identified coding practices warrant caution. The absence of external HTTP requests and file operations is a positive indicator, but it does not mitigate the risks posed by unhandled input and historical vulnerabilities.
Key Concerns
- Unpatched CVE (Medium)
- SQL queries lack prepared statements
- No capability checks on entry points
Follow Us Badges Security Vulnerabilities
CVEs by Year
Severity Breakdown
2 total CVEs
Follow Us Badges <= 3.1.11 - Authenticated (Contributor+) Stored Cross-Site Scripting
Follow Us Badges <= 3.1.10 - Authenticated (Contributor+) Stored Cross-Site Scripting via wpsite_follow_us_badges Shortcode
Follow Us Badges Release Timeline
Follow Us Badges Code Analysis
SQL Query Safety
Output Escaping
Data Flow Analysis
Follow Us Badges Attack Surface
AJAX Handlers 1
Shortcodes 1
WordPress Hooks 6
Maintenance & Trust
Follow Us Badges Maintenance & Trust
Maintenance Signals
Community Trust
Follow Us Badges Alternatives
Business Badges
business-badges
Business Badges allows you to display customizable social badges on your website, like Google Business badge, facebook badge. Google+ badge Widget.
Follow us on widget
follow-us-on-widget
This plugin is the most efficient way to integrate the important social media links in your blog/website through widget.
Joinchat
creame-whatsapp-me
WhatsApp, Messenger, Telegram, Phone call… capture users through their favorite Apps and turn into clients
Meta for WooCommerce
facebook-for-woocommerce
Get the Official Meta for WooCommerce plugin for powerful ways to help grow your business.
Floating Chat Widget: Contact Chat Icons, Telegram Chat, Line Messenger, WeChat, Email, SMS, Call Button – Chaty
chaty
WhatsApp chat, Facebook Messenger, Telegram, TikTok, Instagram, Email, Line, WeChat Phone call, SMS, 20+ live chat icons & WhatsApp chat pop up 💬
Follow Us Badges Developer Profile
12 plugins · 613K total installs
How We Detect Follow Us Badges
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/wpsite-follow-us-badges/css/wpsite-follow-us-badges.csswpsite-follow-us-badges/css/wpsite-follow-us-badges.css?ver=HTML / DOM Fingerprints
wpsite-follow-us-badgesdata-typedata-userdata-show-screen-namedata-countdata-layoutdata-size+2 morewpsite_follow_us_badges_widget_css[wpsite_follow_us_badges]