AW WordPress Yearly Category Archives Security & Risk Analysis
wordpress.org/plugins/aw-yearly-category-archivesThis plugin will allow for yearly archives of specific categories from all post types and "Posts".
Is AW WordPress Yearly Category Archives Safe to Use in 2026?
Generally Safe
Score 85/100AW WordPress Yearly Category Archives has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The "aw-yearly-category-archives" plugin version 1.2.8 exhibits a mixed security posture. On the positive side, it demonstrates good practices by utilizing prepared statements for all SQL queries, performing nonce checks, and having no known vulnerabilities in its history. The static analysis also indicates no dangerous function usage, file operations, or external HTTP requests, contributing to a generally low risk profile in these areas. However, there are notable concerns. The output escaping is significantly lacking, with only 20% of outputs being properly escaped, which could lead to cross-site scripting (XSS) vulnerabilities if untrusted data is displayed. Furthermore, the taint analysis revealed one flow with an unsanitized path, which, although not rated as critical or high severity, still represents a potential area for exploitation if it involves user-controllable input leading to file system access or other sensitive operations.
Key Concerns
- Low output escaping percentage
- Unsanitized path in taint analysis
AW WordPress Yearly Category Archives Security Vulnerabilities
AW WordPress Yearly Category Archives Code Analysis
Output Escaping
Data Flow Analysis
AW WordPress Yearly Category Archives Attack Surface
Shortcodes 2
WordPress Hooks 3
Maintenance & Trust
AW WordPress Yearly Category Archives Maintenance & Trust
Maintenance Signals
Community Trust
AW WordPress Yearly Category Archives Alternatives
Disable Author Archives
disable-author-archives
Disable Author Archives completely removes author archives and makes the web server return status code 404 ('Not Found') instead.
Simple Yearly Archive
simple-yearly-archive
Simple Yearly Archive is a rather neat and simple Wordpress plugin that allows you to display your archives in a year-based list.
Advanced Posts/Page
advanced-posts-per-page
Fine grained control of how many of your posts appear on each of the various WordPress archive pages.
Collapsing Archives
collapsing-archives
This plugin uses Javascript to dynamically expand or collapse the set of months for each year and posts for each month in the archive listing of your …
Sitekit
sitekit
Widgets: search, archives and categories. Shortcodes: archives, bloginfo, iframe and categories.
AW WordPress Yearly Category Archives Developer Profile
1 plugin · 100 total installs
How We Detect AW WordPress Yearly Category Archives
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/aw-yearly-category-archives/css/aw_yearly_category.css/wp-content/plugins/aw-yearly-category-archives/js/aw_wp_yca_js.js/wp-content/plugins/aw-yearly-category-archives/css/aw_frontend.css/wp-content/plugins/aw-yearly-category-archives/js/frontend.js/wp-content/plugins/aw-yearly-category-archives/js/aw_wp_yca_js.js/wp-content/plugins/aw-yearly-category-archives/js/frontend.jsaw-yearly-category-archives/css/aw_yearly_category.css?ver=aw-yearly-category-archives/js/aw_wp_yca_js.js?ver=aw-yearly-category-archives/css/aw_frontend.css?ver=aw-yearly-category-archives/js/frontend.js?ver=HTML / DOM Fingerprints
awYearsDropdownawDropdownOptionawDatesULawDatesLIid="aw_wp_yca_form"id="codeTextArea"aw_wp_yca_jsfrontend_js<select class="awYearsDropdown"><option class="awDropdownOption" value="