BMI Adult & Kid Calculator Security & Risk Analysis
wordpress.org/plugins/bmi-adultkid-calculatorWe have developed a free Wordpress plugin with our BMI Calculator that you can use completely free of charge.
Is BMI Adult & Kid Calculator Safe to Use in 2026?
High Risk
Score 47/100BMI Adult & Kid Calculator carries significant security risk with 3 known CVEs, 2 still unpatched. Consider switching to a maintained alternative.
The "bmi-adultkid-calculator" plugin v1.2.2 exhibits a mixed security posture. On the positive side, the static analysis reveals strong adherence to secure coding practices, with no dangerous functions, all SQL queries using prepared statements, and an exceptionally high rate of output escaping. The plugin also correctly implements nonce and capability checks on its AJAX handlers, and there are no identified critical or high severity taint flows. However, the plugin's vulnerability history is a significant concern. With three known CVEs, two of which remain unpatched, and common vulnerability types including Cross-Site Scripting (XSS) and Cross-Site Request Forgery (CSRF), this indicates a recurring pattern of security weaknesses. The most recent vulnerability being in late 2025 further suggests ongoing issues.
While the current version's code appears to be cleaner than in the past, the history of exploitable vulnerabilities, particularly XSS and CSRF, suggests that developers may struggle with thoroughly sanitizing user inputs or correctly implementing security measures across all code paths. The presence of unpatched vulnerabilities, even if medium severity, represents a direct and actionable risk to WordPress sites running this plugin. Therefore, despite the improvements in static analysis findings for this specific version, the historical context strongly advises caution.
Key Concerns
- Two unpatched CVEs found
- Medium severity vulnerabilities in history (3 total)
- History of XSS vulnerabilities
- History of CSRF vulnerabilities
BMI Adult & Kid Calculator Security Vulnerabilities
CVEs by Year
Severity Breakdown
3 total CVEs
BMI Adult & Kid Calculator <= 1.2.2 - Authenticated (Administrator+) Stored Cross-Site Scripting
BMI Adult & Kid Calculator <= 1.2.2 - Reflected Cross-Site Scripting
BMI Adult & Kid Calculator <= 1.2.1 - Cross-Site Request Forgery to Cross-Site Scripting
BMI Adult & Kid Calculator Code Analysis
Output Escaping
Data Flow Analysis
BMI Adult & Kid Calculator Attack Surface
AJAX Handlers 4
Shortcodes 2
WordPress Hooks 3
Maintenance & Trust
BMI Adult & Kid Calculator Maintenance & Trust
Maintenance Signals
Community Trust
BMI Adult & Kid Calculator Alternatives
BMI / IMC Calculator
bmi-imc-calculator
A simple calculator to show your users BMI (Body Mass Index)
Responsive BMI Calculator
responsive-bmi-calculator
A BMI (Body Mass Index) calculator, free, responsive and easy to use. The user receives his BMI and medical advices according to the World Health Orga …
Simple BMI Form
simple-bmi-form
BMI calculator form. The visitor may select Imperial, US or Metric units.
FitCalc – BMI Calculator
fitcalc-bmi-calculator
Lightweight BMI calculator with Metric and Imperial units. Use the shortcode [fitcalc_bmi].
Health Check & Troubleshooting
health-check
Health Check identifies common problems, and helps you troubleshoot plugin and theme conflicts.
BMI Adult & Kid Calculator Developer Profile
2 plugins · 2K total installs
How We Detect BMI Adult & Kid Calculator
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/bmi-adultkid-calculator/images/bmiberegner.pngbmi-adultkid-calculator/style.css?ver=bmi-adultkid-calculator/bmi-adultkid-calculator.php?ver=HTML / DOM Fingerprints
calc_wrappercalc_headercalc_header_leftcalc_header_titlecalc_header_desccalc_header_rightcustom_flex_calc_wrappercalc_data+7 more<!-- If this file is called directly, abort. -->id="calc_wrapper"name="units_checkbox"for="metric"for="imperial"<div class="calc_wrapper" id="calc_wrapper">