MM Author Box Security & Risk Analysis
wordpress.org/plugins/about-post-authorDisplay a box About Post Author with author name, avatar and description after each blog post.
Is MM Author Box Safe to Use in 2026?
Generally Safe
Score 100/100MM Author Box has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The 'about-post-author' plugin, version 1.4.1, demonstrates a strong security posture based on the provided static analysis. The absence of any identified dangerous functions, raw SQL queries, file operations, external HTTP requests, or unsanitized taint flows is highly commendable. Furthermore, the 100% output escaping and the presence of at least one capability check indicate good development practices for protecting against common web vulnerabilities. The plugin's vulnerability history being completely clear, with no recorded CVEs, further bolsters its security reputation.
However, the analysis does reveal a potential area for improvement. The complete lack of nonce checks across all entry points, combined with zero unprotected AJAX handlers and zero unprotected REST API routes, might suggest a very limited attack surface but also a potential oversight in a crucial security mechanism. While the current version might not suffer from issues due to its minimal entry points, future additions or complex integrations could inadvertently expose vulnerabilities if nonce validation is not a standard practice. Overall, this plugin appears robust and secure for its current functionality, with the primary caution revolving around the consistent application of nonces for enhanced security, especially as the plugin evolves.
Key Concerns
- No nonce checks implemented
MM Author Box Security Vulnerabilities
MM Author Box Code Analysis
Output Escaping
MM Author Box Attack Surface
WordPress Hooks 11
Maintenance & Trust
MM Author Box Maintenance & Trust
Maintenance Signals
Community Trust
MM Author Box Alternatives
Smart Author Box
smart-author-box
Smart Author Box will show the author's biography below articles.
Simple Author Box
simple-author-box
Add a responsive author box or guest author box with social icons to any post. Great author box for any site!
Molongui Authorship – Author Boxes, Guest Authors & Co-Authors for WordPress
molongui-authorship
All-in-One Authorship Solution: Seamless Author Box, Guest Authors, and Co-Authors to enhance your site's authority, credibility, engagement, and SEO.
Starbox – the Author Box for Humans
starbox
Starbox is the Author Box for Humans. Professional Themes to choose from, HTML5, Social Media Profiles, Google Authorship
WP Post Author – Author Box, Co-Authors & Guest Authors
wp-post-author
WP Post Author provides a complete solution for displaying author information, managing multiple authors, collecting post ratings, and creating user r …
MM Author Box Developer Profile
3 plugins · 150 total installs
How We Detect MM Author Box
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/about-post-author/assets/images/facebook.png/wp-content/plugins/about-post-author/assets/images/twitter.png/wp-content/plugins/about-post-author/assets/images/linkedin.png/wp-content/plugins/about-post-author/assets/images/instagram.png/wp-content/plugins/about-post-author/assets/js/admin-script.jsabout-post-author/assets/css/author-box.css?ver=about-post-author/assets/css/admin-styles.css?ver=about-post-author/assets/js/admin-script.js?ver=HTML / DOM Fingerprints
about-post-author-sectionauthor-avatarauthor-detailssocial-media-iconssocial-iconabout-post-author-settings-wrapabout-post-author-tabsabout-post-author-tab-contentid="about-post-author-background-color"name="about-post-author-background-color"id="about-post-author-text-color"name="about-post-author-text-color"id="about-post-author-font-size"name="about-post-author-font-size"+4 more