Beautiful taxonomy filters Security & Risk Analysis

wordpress.org/plugins/beautiful-taxonomy-filters

Supercharge your custom post type archives by letting visitors filter posts by their terms/categories. This plugin handles the whole thing for you!

3K active installs · v2.4.6 · PHP + WP 4.3.0+ · Updated Dec 5, 2025
Tags: filter, pretty-permalinks, taxonomy, terms, widget
Score: 98 (A · Safe)
CVEs total: 1
Unpatched: 0
Last CVE: Dec 6, 2024
Safety Verdict

Is Beautiful taxonomy filters Safe to Use in 2026?

Generally Safe

Score 98/100

Beautiful taxonomy filters has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVE · Last CVE: Dec 6, 2024 · Updated 3mo ago
Risk Assessment

The "beautiful-taxonomy-filters" plugin v2.4.6 exhibits a mixed security posture. On the positive side, the plugin demonstrates good practices by using prepared statements for all SQL queries, has a high percentage of properly escaped output, and no file operations or external HTTP requests are present. The taint analysis also reveals no critical or high severity issues, indicating a generally safe code base regarding data sanitization for paths and commands.

However, significant concerns arise from the attack surface. Two of the four identified entry points are AJAX handlers that lack authentication checks, presenting a direct risk of unauthorized access or execution of potentially sensitive functions. While the plugin has a history of known vulnerabilities, specifically one high-severity SQL injection, it's currently unpatched. This history, combined with the unprotected AJAX handlers, suggests a potential for attackers to exploit weaknesses if they emerge.

In conclusion, while the plugin has strengths in data handling and sanitization, the unprotected AJAX endpoints and a recent high-severity SQL injection vulnerability in its history warrant caution. The lack of authentication on these critical entry points is a notable weakness that could be leveraged in conjunction with discovered vulnerabilities.

Key Concerns

  • Unprotected AJAX handlers
  • High severity vulnerability in history (unpatched)
Vulnerabilities
1

Beautiful taxonomy filters Security Vulnerabilities

CVEs by Year

1 CVE in 2024

Severity Breakdown

High: 1 (1 total CVE)

CVE-2024-12270 · high · 7.5 · Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Beautiful Taxonomy Filters <= 2.4.3 - Unauthenticated SQL Injection

Dec 6, 2024 · Patched in 2.4.4 (334d)
Code Analysis
Analyzed Mar 16, 2026

Beautiful taxonomy filters Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (3 prepared)
Unescaped Output: 19 (235 escaped)
Nonce Checks: 2
Capability Checks: 0
File Operations: 0
External Requests: 0
Bundled Libraries: 1

Bundled Libraries

Select2

SQL Query Safety

100% prepared · 3 total queries

Output Escaping

93% escaped · 254 total outputs
Data Flows
All sanitized

Data Flow Analysis

3 flows
update_filters_callback (public\class-beautiful-taxonomy-filters-public.php:278)
Attack Surface
2 unprotected

Beautiful taxonomy filters Attack Surface

Entry Points: 4
Unprotected: 2

AJAX Handlers 2

auth · wp_ajax_update_filters_callback · includes\class-beautiful-taxonomy-filters.php:212
nopriv · wp_ajax_update_filters_callback · includes\class-beautiful-taxonomy-filters.php:213

Shortcodes 2

[show_beautiful_filters] public\class-beautiful-taxonomy-filters-shortcodes.php:46
[show_beautiful_filters_info] public\class-beautiful-taxonomy-filters-shortcodes.php:47
WordPress Hooks 17
action · plugins_loaded · includes\class-beautiful-taxonomy-filters.php:170
action · admin_enqueue_scripts · includes\class-beautiful-taxonomy-filters.php:185
action · generate_rewrite_rules · includes\class-beautiful-taxonomy-filters.php:186
action · admin_menu · includes\class-beautiful-taxonomy-filters.php:187
action · admin_init · includes\class-beautiful-taxonomy-filters.php:188
action · admin_init · includes\class-beautiful-taxonomy-filters.php:189
action · widgets_init · includes\class-beautiful-taxonomy-filters.php:190
action · admin_notices · includes\class-beautiful-taxonomy-filters.php:191
action · wp_enqueue_scripts · includes\class-beautiful-taxonomy-filters.php:206
action · wp_enqueue_scripts · includes\class-beautiful-taxonomy-filters.php:207
action · wp_head · includes\class-beautiful-taxonomy-filters.php:208
action · loop_start · includes\class-beautiful-taxonomy-filters.php:209
filter · wp_dropdown_cats · includes\class-beautiful-taxonomy-filters.php:210
filter · template_redirect · includes\class-beautiful-taxonomy-filters.php:211
filter · body_class · includes\class-beautiful-taxonomy-filters.php:214
action · show_beautiful_filters · includes\class-beautiful-taxonomy-filters.php:217
action · show_beautiful_filters_info · includes\class-beautiful-taxonomy-filters.php:218
Maintenance & Trust

Beautiful taxonomy filters Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.9.4
Last updated: Dec 5, 2025
PHP min version
Downloads: 152K

Community Trust

Rating: 98/100
Number of ratings: 68
Active installs: 3K
Developer Profile

Beautiful taxonomy filters Developer Profile

Jonathandejong

2 plugins · 3K total installs

Trust score: 78
Avg Security Score: 99/100
Avg Patch Time: 334 days
Detection Fingerprints

How We Detect Beautiful taxonomy filters

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/beautiful-taxonomy-filters/css/beautiful-taxonomy-filters-admin.css
/wp-content/plugins/beautiful-taxonomy-filters/public/css/beautiful-taxonomy-filters-public.css
/wp-content/plugins/beautiful-taxonomy-filters/public/js/beautiful-taxonomy-filters-public.js
Script Paths
/wp-content/plugins/beautiful-taxonomy-filters/public/js/beautiful-taxonomy-filters-public.js
Version Parameters
beautiful-taxonomy-filters/css/beautiful-taxonomy-filters-admin.css?ver=
beautiful-taxonomy-filters/css/beautiful-taxonomy-filters-public.css?ver=
beautiful-taxonomy-filters/js/beautiful-taxonomy-filters-public.js?ver=

HTML / DOM Fingerprints

CSS Classes
btf-filter-container, btf-filter-dropdown, btf-filter-multiselect, btf-filter-checkbox, btf-filter-radio, btf-filter-search
HTML Comments
<!-- Beautiful Taxonomy Filters -->
<!-- END Beautiful Taxonomy Filters -->
Data Attributes
data-btf-filter, data-btf-taxonomy, data-btf-post-type
JS Globals
btf_public_ajax_object
REST Endpoints
/wp-json/btf/v1/filters
Shortcode Output
[beautiful_taxonomy_filters]
FAQ

Frequently Asked Questions about Beautiful taxonomy filters