Bleep Filter Security & Risk Analysis

wordpress.org/plugins/bleep-filter

An advanced word and content filter perfect for passively eliminating profanity and spoilers.

10 active installs · v1.2 · PHP + · WP 3.5.1+ · Updated Jul 19, 2014
Tags: content-filter, phonetic-filter, profanity-filter, swear-filter, word-filter
Score: 85
A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is Bleep Filter Safe to Use in 2026?

Generally Safe

Score 85/100

Bleep Filter has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 11yr ago
Risk Assessment

The bleep-filter v1.2 plugin exhibits a strong security posture based on the static analysis. The absence of any identified AJAX handlers, REST API routes, shortcodes, or cron events significantly limits the potential attack surface. Furthermore, the code signals indicate good security practices, with no dangerous functions, all SQL queries using prepared statements, and the presence of nonce and capability checks. The vulnerability history is also clear, with no known CVEs, suggesting a mature and well-maintained codebase.

However, the taint analysis identified one area of concern: a flow with an unsanitized path. No critical or high severity issues were flagged, but this flow is a potential entry point for attacks if not properly handled. The single file operation also warrants attention, since without further context it could be a vector for malicious activity if not secured. Output escaping is mostly in place, but a quarter of outputs (1 of 4) are not escaped, which could lead to cross-site scripting vulnerabilities if user-controlled data is displayed without sanitization.

Overall, bleep-filter v1.2 is a securely coded plugin with a clean vulnerability history. The lack of known vulnerabilities and the generally robust security practices are commendable. The primary areas for improvement are addressing the identified unsanitized path flow and ensuring all outputs are properly escaped to mitigate potential XSS risks.

Key Concerns

  • Flow with unsanitized path
  • Output escaping not fully implemented
Vulnerabilities
None known

Bleep Filter Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

Bleep Filter Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (0 prepared)
Unescaped Output: 1 (3 escaped)
Nonce Checks: 1
Capability Checks: 2
File Operations: 1
External Requests: 0
Bundled Libraries: 0

Output Escaping

75% escaped · 4 total outputs

Data Flows: 1 unsanitized

Data Flow Analysis

2 flows · 1 with unsanitized paths
bleep_filter_import (wpadmin.class.php:259)
Attack Surface

Bleep Filter Attack Surface

Entry Points: 0
Unprotected: 0
WordPress Hooks: 26

Type    Hook                     Location
filter  the_content              phoneticbleepfilter.class.php:15
filter  the_excerpt              phoneticbleepfilter.class.php:16
filter  the_title                phoneticbleepfilter.class.php:17
filter  the_content_rss          phoneticbleepfilter.class.php:20
filter  the_excerpt_rss          phoneticbleepfilter.class.php:21
filter  the_title_rss            phoneticbleepfilter.class.php:22
filter  comment_text             phoneticbleepfilter.class.php:26
filter  comment_excerpt          phoneticbleepfilter.class.php:27
filter  comment_text_rss         phoneticbleepfilter.class.php:31
filter  comment_excerpt_rss      phoneticbleepfilter.class.php:32
filter  bbp_get_topic_content    phoneticbleepfilter.class.php:37
filter  bbp_get_topic_title      phoneticbleepfilter.class.php:38
filter  bbp_get_reply_content    phoneticbleepfilter.class.php:39
filter  bbp_get_reply_title      phoneticbleepfilter.class.php:40
action  init                     wpadmin.class.php:10
action  init                     wpadmin.class.php:13
action  admin_menu               wpadmin.class.php:16
action  admin_init               wpadmin.class.php:19
action  admin_menu               wpadmin.class.php:22
action  admin_menu               wpadmin.class.php:25
filter  plugin_action_links      wpadmin.class.php:28
action  wp_enqueue_scripts       wpadmin.class.php:31
action  add_meta_boxes           wpadmin.class.php:34
action  save_post                wpadmin.class.php:37
filter  enter_title_here         wpadmin.class.php:40
action  admin_init               wpadmin.class.php:103
Maintenance & Trust

Bleep Filter Maintenance & Trust

Maintenance Signals

WordPress version tested: 3.9.40
Last updated: Jul 19, 2014
PHP min version
Downloads: 3K

Community Trust

Rating: 100/100
Number of ratings: 3
Active installs: 10
Developer Profile

Bleep Filter Developer Profile

nathanlampe

1 plugin · 10 total installs

Trust score: 84
Avg Security Score: 85/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect Bleep Filter

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/bleep-filter/css/bleep_style.css
Version Parameters
bleep-filter/css/bleep_style.css?ver=

HTML / DOM Fingerprints

Data Attributes
id="bleep_replace_field"
name="bleep_replace_field"
FAQ

Frequently Asked Questions about Bleep Filter