Does Add Functions have any unpatched vulnerabilities?

No. All known vulnerabilities in Add Functions have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Add Functions compatible with WordPress 3.2.1?

According to WordPress.org data, Add Functions 0.2 has been tested up to WordPress 3.2.1. Check the plugin's changelog for the latest compatibility information.

How often is Add Functions updated?

Add Functions was last updated on Jan 12, 2012. Frequent updates are generally a positive security signal.

What is Add Functions's security score?

Add Functions has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Add Functions Security & Risk Analysis

wordpress.org/plugins/add-functions

With this plugin you can add new functions through admin menu, without editing your themes functions.php

10 active installs v0.2 PHP + WP 3.0+ Updated Jan 12, 2012

apifunctionstheme

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Add Functions Safe to Use in 2026?

Generally Safe

Score 85/100

Add Functions has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 14yr ago

Risk Assessment

The "add-functions" plugin version 0.2 exhibits a strong security posture in several key areas, particularly with its zero-count of dangerous functions, external HTTP requests, and file operations. The complete absence of SQL queries without prepared statements is also a significant strength. However, the static analysis reveals a critical concern regarding output escaping, with 100% of outputs being unescaped. This indicates a high risk of Cross-Site Scripting (XSS) vulnerabilities, as any data processed by the plugin and then displayed to users could potentially be injected with malicious scripts. The plugin's vulnerability history is clean, showing no recorded CVEs, which is positive. Despite the lack of known vulnerabilities and a seemingly small attack surface (0 entry points), the unescaped output poses a substantial immediate risk that needs to be addressed.

Key Concerns

Unescaped output detected

Vulnerabilities

None known

Add Functions Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Add Functions Release Timeline

No version history available.

Code Analysis

Analyzed Mar 17, 2026

Add Functions Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

0% escaped3 total outputs

Attack Surface

Add Functions Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 3

actionadmin_initadd-functions.php:124

actionplugins_loadedadd-functions.php:130

actionadmin_menuadd-functions.php:131

Maintenance & Trust

Add Functions Maintenance & Trust

Maintenance Signals

WordPress version tested3.2.1

Last updatedJan 12, 2012

PHP min version

Downloads3K

Community Trust

Rating20/100

Number of ratings2

Active installs10

Alternatives

Add Functions Alternatives

WPS Child Theme Generator

wps-child-theme-generator

Create your child theme with options. Customize it many options.

6K 1 CVE

Conditional Themes

wp-conditional-themes

A simple API to switch the themes on certain conditions.

50 No CVEs

Advanced Event Manager

advanced-event-manager

Calendar plugin by Stachethemes

20 1 unpatched

REST API Extender

rest-api-extender

The REST API Extender is a WordPress plugin that extends the functionality of the WordPress REST API.

20 No CVEs

Extended Theme Option

extended-theme-option

Extended Theme Option is an advanced plugin to add more fields in the site. Field values can be retrived by using auto generated functions.

10 No CVEs

Developer Profile

Add Functions Developer Profile

TIgor4eg

3 plugins · 80 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Add Functions

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Script Paths

/wp-content/plugins/add-functions/codepress/codepress.js

HTML / DOM Fingerprints

CSS Classes

codepressphp

JS Globals

myCpWindow

FAQ