WP-Safety

Ascendoor Metadata Manager Security & Risk Analysis

wordpress.org/plugins/ascendoor-metadata-manager

A great plugin to display all metadata related to the posts, pages, custom post types, terms, custom taxonomy terms, users and comments that can be us …

30 active installs v1.0.0 PHP 7.0+ WP 5.0+ Updated Oct 28, 2021
custom-post-type-metametametadatapost-metaterm-meta
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Download
Safety Verdict

Is Ascendoor Metadata Manager Safe to Use in 2026?

Generally Safe

Score 85/100

Ascendoor Metadata Manager has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 4yr ago
Risk Assessment

The ascendoor-metadata-manager plugin v1.0.0 presents a generally positive security posture based on the provided static analysis and vulnerability history. The plugin demonstrates good security practices by implementing nonce checks and capability checks for all identified AJAX entry points, and it has no recorded vulnerabilities or CVEs. The absence of dangerous functions, file operations, and external HTTP requests further strengthens its security. However, a significant concern lies in the handling of SQL queries. With 4 total SQL queries and 0% using prepared statements, this plugin is highly susceptible to SQL injection vulnerabilities. This is a critical weakness that outweighs the otherwise good practices observed. While the plugin has no recorded vulnerability history, the potential for SQL injection remains a serious risk that should be addressed immediately. The output escaping rate of 83% is good but not perfect, leaving a small potential for cross-site scripting (XSS) vulnerabilities if the unescaped outputs are user-controlled.

Key Concerns

  • Raw SQL queries without prepared statements
  • Unescaped output present
Vulnerabilities
None known

Ascendoor Metadata Manager Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Ascendoor Metadata Manager Code Analysis

Dangerous Functions
0
Raw SQL Queries
4
0 prepared
Unescaped Output
13
65 escaped
Nonce Checks
8
Capability Checks
10
File Operations
0
External Requests
0
Bundled Libraries
0

SQL Query Safety

0% prepared4 total queries

Output Escaping

83% escaped78 total outputs
Attack Surface

Ascendoor Metadata Manager Attack Surface

Entry Points8
Unprotected0

AJAX Handlers 8

authwp_ajax_amdm-comment-meta-deleteadmin\includes\class-ascendoor-metadata-manager-admin-comment-metas.php:63
authwp_ajax_amdm-comment-meta-updateadmin\includes\class-ascendoor-metadata-manager-admin-comment-metas.php:64
authwp_ajax_amdm-post-meta-deleteadmin\includes\class-ascendoor-metadata-manager-admin-post-metas.php:66
authwp_ajax_amdm-post-meta-updateadmin\includes\class-ascendoor-metadata-manager-admin-post-metas.php:67
authwp_ajax_amdm-term-meta-deleteadmin\includes\class-ascendoor-metadata-manager-admin-term-metas.php:65
authwp_ajax_amdm-term-meta-updateadmin\includes\class-ascendoor-metadata-manager-admin-term-metas.php:66
authwp_ajax_amdm-user-meta-deleteadmin\includes\class-ascendoor-metadata-manager-admin-user-metas.php:66
authwp_ajax_amdm-user-meta-updateadmin\includes\class-ascendoor-metadata-manager-admin-user-metas.php:67
WordPress Hooks 17
actionadmin_enqueue_scriptsadmin\class-ascendoor-metadata-manager-admin.php:85
filterascendoor_metadata_manager_ignore_posttypeadmin\class-ascendoor-metadata-manager-admin.php:87
filterascendoor_metadata_manager_ignore_taxonomyadmin\class-ascendoor-metadata-manager-admin.php:88
filterascendoor_metadata_manager_ignore_useradmin\class-ascendoor-metadata-manager-admin.php:89
filterascendoor_metadata_manager_ignore_commentadmin\class-ascendoor-metadata-manager-admin.php:90
actionadd_meta_boxes_commentadmin\includes\class-ascendoor-metadata-manager-admin-comment-metas.php:61
actionload-post.phpadmin\includes\class-ascendoor-metadata-manager-admin-post-metas.php:63
actionload-post-new.phpadmin\includes\class-ascendoor-metadata-manager-admin-post-metas.php:64
actionadd_meta_boxesadmin\includes\class-ascendoor-metadata-manager-admin-post-metas.php:76
actionadmin_menuadmin\includes\class-ascendoor-metadata-manager-admin-settings.php:39
actionadmin_initadmin\includes\class-ascendoor-metadata-manager-admin-settings.php:40
filterplugin_action_links_ascendoor-metadata-manager/ascendoor-metadata-manager.phpadmin\includes\class-ascendoor-metadata-manager-admin-settings.php:42
actionadmin_initadmin\includes\class-ascendoor-metadata-manager-admin-term-metas.php:63
actionedit_user_profileadmin\includes\class-ascendoor-metadata-manager-admin-user-metas.php:63
actionshow_user_profileadmin\includes\class-ascendoor-metadata-manager-admin-user-metas.php:64
actionascendoor_metadata_manager_plugin_initascendoor-metadata-manager.php:91
actioninitincludes\class-ascendoor-metadata-manager-i18n.php:31
Maintenance & Trust

Ascendoor Metadata Manager Maintenance & Trust

Maintenance Signals

WordPress version tested5.8.13
Last updatedOct 28, 2021
PHP min version7.0
Downloads1K

Community Trust

Rating0/100
Number of ratings0
Active installs30
Alternatives

Ascendoor Metadata Manager Alternatives

Metadata Viewer

Metadata Viewer

metadata-viewer

A
100

A plugin or theme developer can view metadata by this plugin easily.

300 No CVEs
Custom Metadata Manager

Custom Metadata Manager

custom-metadata

A
85

An easy way to add custom fields to your object types (post, pages, custom post types, users)

800 No CVEs
Advanced Term Images

Advanced Term Images

advanced-term-fields-featured-images

A
85

Easily add featured images to your categories, tags, and custom taxonomy terms. Supports all taxonomies!

200 No CVEs
Post Meta Manager

Post Meta Manager

post-meta-manager

A
85

A simple utility plugin for changing or deleting post or user meta (custom fields) keys in bulk.

100 No CVEs
PureDevs Any Meta Inspector

PureDevs Any Meta Inspector

puredevs-any-meta-inspector

A
100

PureDevs Any Meta Inspector shows all the meta keys and their unserialized values in a metabox for posts, pages, terms, comments, and users.

100 No CVEs
Developer Profile

Ascendoor Metadata Manager Developer Profile

Ascendoor

127 plugins · 26K total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Ascendoor Metadata Manager

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/ascendoor-metadata-manager/admin/css/ascendoor-metadata-manager-admin.css/wp-content/plugins/ascendoor-metadata-manager/admin/js/ascendoor-metadata-manager-admin.js
Script Paths
/wp-content/plugins/ascendoor-metadata-manager/admin/js/ascendoor-metadata-manager-admin.js
Version Parameters
ascendoor-metadata-manager-admin

HTML / DOM Fingerprints

JS Globals
amdm
FAQ

Frequently Asked Questions about Ascendoor Metadata Manager