WP-Safety

Social Profiles Security & Risk Analysis

wordpress.org/plugins/zerowp-social-profiles

Create links to profiles from 170+ social networks

30 active installs v1.2.1 PHP + WP 4.7+ Updated Jun 27, 2019
facebookgooglesocialtwitterwidget
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Social Profiles Safe to Use in 2026?

Generally Safe

Score 85/100

Social Profiles has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 6yr ago
Risk Assessment

The "zerowp-social-profiles" v1.2.1 plugin exhibits a strong security posture based on the provided static analysis and vulnerability history. The absence of any identified attack surface (AJAX handlers, REST API routes, shortcodes, cron events) significantly limits potential entry points for malicious actors. Furthermore, the code signals indicate good development practices, with 100% of SQL queries utilizing prepared statements, a reasonable 64% of output escaping, and the presence of capability checks. The lack of dangerous functions, file operations, external HTTP requests, and the absence of any taint flows with unsanitized paths further bolster its security. The plugin's vulnerability history is also clean, with no known CVEs, indicating a track record of security. Overall, this plugin appears to be well-secured with no immediate, apparent risks based on the provided data. Its strengths lie in its minimal attack surface and diligent use of secure coding practices.

Key Concerns

  • Output escaping is not fully implemented
  • Missing nonce checks on AJAX/REST endpoints
  • No known vulnerabilities recorded
  • No critical/high severity taint flows
  • No SQL queries without prepared statements
  • No dangerous functions detected
  • No file operations detected
  • No external HTTP requests detected
  • No bundled libraries detected
  • Minimal attack surface
Vulnerabilities
None known

Social Profiles Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Social Profiles Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
16
29 escaped
Nonce Checks
0
Capability Checks
3
File Operations
0
External Requests
0
Bundled Libraries
0

Output Escaping

64% escaped45 total outputs
Attack Surface

Social Profiles Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 15
actionzsp:author_infocomponents\AuthorBox\component.php:8
actionzsp:initcomponents\ExampleComponent\component.php:19
actionzsp:initcomponents\UserForm\component.php:8
actionzsp:widgets_initcomponents\Widget\component.php:8
filterzsp_form_field_typesengine\GeneralForm\RegisterFieldType.class.php:13
actionshow_user_profileengine\User\BaseForm.class.php:20
actionedit_user_profileengine\User\BaseForm.class.php:21
actionpersonal_options_updateengine\User\BaseForm.class.php:22
actionedit_user_profile_updateengine\User\BaseForm.class.php:23
actionwidgets_initplugin.php:89
actionwp_enqueue_scriptsplugin.php:93
actionadmin_enqueue_scriptsplugin.php:94
actionadmin_menuwarnings\abstract-warning.php:10
actionadmin_enqueue_scriptswarnings\abstract-warning.php:11
actionplugins_loadedzerowp-social-profiles.php:164
Maintenance & Trust

Social Profiles Maintenance & Trust

Maintenance Signals

WordPress version tested5.3.21
Last updatedJun 27, 2019
PHP min version
Downloads3K

Community Trust

Rating100/100
Number of ratings1
Active installs30
Alternatives

Social Profiles Alternatives

Metro Style Social Widget

Metro Style Social Widget

metro-style-social-widget

A
85

Metro Style Social Network Widget

300 No CVEs
All-Social FW Style

All-Social FW Style

all-social-fw-style-widget

A
85

Todos tus sitios web en un solo widget: Facebook, Twitter, Google Plus y FeedBurner.

10 No CVEs
Beautiful Social Widget

Beautiful Social Widget

beautiful-social-widget

A
85

With Beautiful Social Widget, you can link to your social media profile through Sidebar Widget.

10 No CVEs
RS Social Sidebar

RS Social Sidebar

rs-social-sidebar

A
85

Another social plugin :). Difference is the hover effect.

10 No CVEs
Nextend Social Login and Register

Nextend Social Login and Register

nextend-facebook-connect

A
89

One click registration & login plugin for Facebook, Google, X (formerly Twitter) and more. Quick setup and easy configuration.

200K 6 CVEs
Developer Profile

Social Profiles Developer Profile

Andrei Surdu

5 plugins · 10K total installs

86
trust score
Avg Security Score
88/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Social Profiles

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/zerowp-social-profiles/assets/css/widget-frontend.css/wp-content/plugins/zerowp-social-profiles/assets/css/widget-backend.css/wp-content/plugins/zerowp-social-profiles/assets/js/widget-frontend.js/wp-content/plugins/zerowp-social-profiles/assets/js/widget-backend.js
Version Parameters
zerowp-social-profiles/assets/css/widget-frontend.css?ver=zerowp-social-profiles/assets/css/widget-backend.css?ver=zerowp-social-profiles/assets/js/widget-frontend.js?ver=zerowp-social-profiles/assets/js/widget-backend.js?ver=

HTML / DOM Fingerprints

CSS Classes
zsp-social-profiles
HTML Comments
<!-- Social Profiles by ZeroWP -->
Data Attributes
data-zsp-iddata-zsp-type
JS Globals
zsp_widget_frontend_params
Shortcode Output
[social_profiles][social_profiles id='']
FAQ

Frequently Asked Questions about Social Profiles