Most Installed Posts WordPress Plugins
129 indexed plugins
Plugins
129
Active Installs
1m+
Average Score
61
Audited
129
Most Installed
| Rank | Plugin | Score | Errors | Warnings | Installs | Added | Updated | Top Issue |
|---|---|---|---|---|---|---|---|---|
| #1 | GenerateBlocks | 97 | 9 | 8 | 200k+ | file system operations is writable | ||
| #2 | Post Duplicator | 60 | 33 | 24 | 200k+ | Missing direct file access protection | ||
| #3 | Public Post Preview | 57 | 8 | 11 | 100k+ | Nonce verification recommended | ||
| #4 | WP Popular Posts | 29 | 77 | 300 | 100k+ | Non-prefixed global variable | ||
| #5 | YARPP – Yet Another Related Posts Plugin | 27 | 191 | 331 | 100k+ | Non-prefixed global variable | ||
| #6 | WP Meta and Date Remover | 24 | 665 | 1,314 | 90k+ | Non-prefixed global variable | ||
| #7 | Display Posts – Easy lists, grids, navigation, and more | 92 | 11 | 23 | 80k+ | Non-prefixed function | ||
| #8 | List category posts | 36 | 162 | 17 | 80k+ | Output is not escaped | ||
| #9 | Category Posts Widget | 38 | 153 | 26 | 40k+ | Output is not escaped | ||
| #10 | Reading Time WP | 89 | 5 | 33 | 30k+ | Non-prefixed global variable | ||
| #11 | Ultimate Post Kit Addons for Elementor | 25 | 182 | 412 | 30k+ | Missing nonce verification | ||
| #12 | WP Admin UI Customize | 30 | 629 | 390 | 30k+ | Non-prefixed global variable | ||
| #13 | WP Telegram (Auto Post and Notifications) | 95 | 8 | 15 | 30k+ | Non-prefixed function | ||
| #14 | Advanced Queries | 86 | 6 | 11 | 10k+ | Non-prefixed constant | ||
| #15 | Bulk Post Update Date | 36 | 96 | 66 | 10k+ | Unsafe printing function | ||
| #16 | Essential Widgets | 99 | 3 | 10k+ | Non-prefixed function | |||
| #17 | JSM Show Post Metadata | 40 | 15 | 66 | 10k+ | Nonce verification recommended | ||
| #18 | MB Custom Post Types & Custom Taxonomies | 52 | 9 | 49 | 10k+ | Nonce verification recommended | ||
| #19 | Newpost Catch | 97 | 2 | 15 | 10k+ | Non-prefixed hook name | ||
| #20 | No Page Comment | 98 | 3 | 1 | 10k+ | Discouraged text-domain loading | ||
| #21 | Posts in Page | 95 | 10 | 12 | 10k+ | date date | ||
| #22 | Public Post Preview Configurator | 84 | 14 | 6 | 10k+ | Non Singular String Literal Domain | ||
| #23 | RaraTheme Companion | 34 | 430 | 71 | 10k+ | Output is not escaped | ||
| #24 | Raw HTML | 66 | 17 | 35 | 10k+ | Non-prefixed function | ||
| #25 | Related Posts by Taxonomy | 35 | 131 | 97 | 10k+ | Output is not escaped | ||
| #26 | Subscribe2 – Form, Email Subscribers & Newsletters | 32 | 32 | 410 | 10k+ | Direct Query | ||
| #27 | WP Missed Schedule Posts | 87 | 7 | 9 | 10k+ | trademarked term | ||
| #28 | Flexible Posts Widget | 41 | 136 | 33 | 8k+ | Output is not escaped | ||
| #29 | TypePad emoji for TinyMCE | 38 | 100 | 24 | 8k+ | Text Domain Mismatch | ||
| #30 | Add Widget After Content | 70 | 6 | 11 | 7k+ | Setting is missing a sanitization callback | ||
| #31 | Posts List | 77 | 11 | 15 | 7k+ | Non-prefixed hook name | ||
| #32 | WP Display Header | 98 | 15 | 3 | 7k+ | Text Domain Mismatch | ||
| #33 | Bulk Datetime Change | 96 | 3 | 18 | 6k+ | Non-prefixed global variable | ||
| #34 | No External Links | 85 | 7 | 26 | 6k+ | Database parameter is not escaped | ||
| #35 | Superb Recent Posts With Thumbnail Images | 98 | 6 | 6 | 6k+ | Non-prefixed global variable | ||
| #36 | Redirect | 51 | 26 | 12 | 5k+ | Output is not escaped | ||
| #37 | WP Smart Preloader | 68 | 27 | 10 | 5k+ | Output is not escaped | ||
| #38 | Bulk Edit Categories and Tags – Create Thousands Quickly on the Editor | 24 | 1,025 | 984 | 4k+ | Text Domain Mismatch | ||
| #39 | Custom Layouts – Post + Product grids made easy | 89 | 23 | 22 | 4k+ | Missing Translators Comment | ||
| #40 | Hierarchical HTML Sitemap | 97 | 3 | 5 | 4k+ | Post Not In exclude | ||
| #41 | Publish to Schedule | 37 | 195 | 43 | 4k+ | Text Domain Mismatch | ||
| #42 | Advanced Posts Listing – Show Post List Easily | 98 | 31 | 5 | 3k+ | Missing Arg Domain | ||
| #43 | Expanding Archives | 54 | 37 | 9 | 3k+ | Output is not escaped | ||
| #44 | LH Archived Post Status | 37 | 150 | 64 | 3k+ | Text Domain Mismatch | ||
| #45 | Search in Place | 49 | 74 | 57 | 3k+ | wp function not compatible with requires wp | ||
| #46 | Share a Draft | 41 | 39 | 6 | 3k+ | Output is not escaped | ||
| #47 | Auto Affiliate Links | 24 | 375 | 407 | 3k+ | Output is not escaped | ||
| #48 | SEO Auto Linker | 39 | 97 | 62 | 3k+ | Unsafe printing function | ||
| #49 | Automatic Post Tagger | 38 | 592 | 307 | 2k+ | Output is not escaped | ||
| #50 | HiFi (Head Injection, Foot Injection) | 66 | 13 | 11 | 2k+ | Output is not escaped |
