Post WordPress Plugins That Need Review
143 indexed plugins
Plugins: 143
Active Installs: 1m+
Average Score: 59
Audited: 142
Needs Review
| Rank | Plugin | Score | Errors | Warnings | Installs | Added | Updated | Top Issue |
|---|---|---|---|---|---|---|---|---|
| #51 | Content Widget | 41 | 72 | 9 | 400 | | | Output is not escaped |
| #52 | Insert JavaScript and CSS | 41 | 64 | 19 | 400 | | | Text Domain Mismatch |
| #53 | Post Cloner | 41 | 25 | 15 | 1k+ | | | Text Domain Mismatch |
| #54 | Revision Control | 41 | 60 | 28 | 40k+ | | | Output is not escaped |
| #55 | Share a Draft | 41 | 39 | 6 | 3k+ | | | Output is not escaped |
| #56 | Simple Revision Control | 41 | 34 | 43 | 1k+ | | | Dynamic hook name |
| #57 | Sticky Posts – Switch | 41 | 84 | 5 | 6k+ | | | Output is not escaped |
| #58 | WP Lorem ipsum | 41 | 37 | 29 | 500 | | | Unsafe printing function |
| #59 | Change Background Color for Pages, Posts, Widgets | 42 | 35 | 7 | 500 | | | Text Domain Mismatch |
| #60 | Companion Revision Manager – Revision Control | 42 | 18 | 28 | 4k+ | | | Unsafe printing function |
| #61 | Hide Featured Image | 42 | 26 | 12 | 10k+ | | | Unsafe printing function |
| #62 | Posts Like Dislike | 42 | 157 | 39 | 6k+ | | | Non Singular String Literal Domain |
| #63 | Post title marquee scroll | 43 | 43 | 25 | 1k+ | | | Output is not escaped |
| #64 | User Posts Limit | 44 | 82 | 22 | 2k+ | | | Output is not escaped |
| #65 | Extended Post Status | 45 | 27 | 27 | 1k+ | | | Output is not escaped |
| #66 | LINE Auto Post | 45 | 19 | 11 | 500 | | | Heredoc Output Not Escaped |
| #67 | DX Delete Attached Media | 46 | 32 | 8 | 4k+ | | | Output is not escaped |
| #68 | Custom Background Extended | 48 | 13 | 23 | 800 | | | Input is not validated |
| #69 | Custom Header Extended | 48 | 19 | 11 | 1k+ | | | Unsafe printing function |
| #70 | Disable Author Pages | 48 | 23 | 5 | 6k+ | | | Unsafe printing function |
| #71 | Simple Regenerate Slug | 48 | 18 | 6 | 400 | | | Unsafe printing function |
| #72 | WP Hide Show Featured Image | 50 | 36 | 5 | 4k+ | | | Unsafe printing function |
| #73 | Post Notification by Email | 52 | 36 | 13 | 2k+ | | | Output is not escaped |
| #74 | Stealth Publish | 52 | 7 | 22 | 900 | | | Missing nonce verification |
| #75 | Simple Copy Post Button | 53 | 14 | 24 | 400 | | | Input is not sanitized |
| #76 | Auto Image Alt Attribute | 55 | 26 | 7 | 6k+ | | | Unsafe printing function |
| #77 | Quick Bulk Post & Page Creator | 55 | 43 | 1 | 2k+ | | | Text Domain Mismatch |
| #78 | Replace Protected Password | 56 | 6 | 18 | 600 | | | Input is not sanitized |
| #79 | Require Featured Image | 56 | 20 | 6 | 3k+ | | | Output is not escaped |
| #80 | WP Old Post Date Remover | 57 | 25 | 7 | 2k+ | | | Unsafe printing function |
| #81 | Cresta Posts Box | 59 | 10 | 13 | 1k+ | | | Output is not escaped |
| #82 | Post Duplicator | 60 | 33 | 24 | 200k+ | | | Missing direct file access protection |
| #83 | Multiple Post Passwords | 61 | 13 | 15 | 2k+ | | | Output is not escaped |
| #84 | PRyC WP: Add custom content to post and page (top/bottom) | 61 | 63 | 7 | 1k+ | | | Text Domain Mismatch |
| #85 | WP-UTF8-Excerpt | 61 | 17 | 10 | 700 | | | Unsafe printing function |
| #86 | XPoster – Share to Bluesky and Mastodon | 62 | 26 | 36 | 10k+ | | | Missing nonce verification |
| #87 | Category Sticky Post | 63 | 4 | 24 | 3k+ | | | Missing nonce verification |
| #88 | Email Post Changes | 63 | 43 | 8 | 500 | | | Missing Arg Domain |
| #89 | Master Post Advert | 64 | 26 | 4 | 1k+ | | | Unsafe printing function |
| #90 | HiFi (Head Injection, Foot Injection) | 66 | 13 | 11 | 2k+ | | | Output is not escaped |
| #91 | WP Post Branches | 67 | 16 | 12 | 4k+ | | | Nonce verification recommended |
| #92 | Category Featured Images | 68 | 5 | 12 | 600 | | | Input is not sanitized |
| #93 | Ambrosite Next/Previous Post Link Plus | 69 | 12 | 24 | 5k+ | | | Interpolated SQL is not prepared |
| #94 | Embed Iframe | 69 | 25 | 6 | 2k+ | | | wp function not compatible with requires wp |
| #95 | Press This | 70 | 1 | 44 | 5k+ | | | Non-prefixed hook name |
| #96 | Search and Replace | 70 | 7 | 9 | 10k+ | | | Input is not sanitized |
| #97 | WP Image Borders | 70 | 47 | 6 | 2k+ | | | Text Domain Mismatch |
| #98 | Disable Title | 72 | 20 | 15 | 2k+ | | | Text Domain Mismatch |
| #99 | Post Type Switcher | 75 | 3 | 18 | 200k+ | | | Direct Query |
| #100 | Post slider elementor addons | 78 | 45 | 8 | 3k+ | | | Text Domain Mismatch |