WP-Safety

Breadcrumb – Breadcrumb for WooCommerce and Custom Post Types Security & Risk Analysis

wordpress.org/plugins/breadcrumb

Super light weight & easy breadcrumb navigation for wordpress site.

20K active installs v1.5.54 PHP + WP 3.8+ Updated Dec 17, 2025
breadcrumbbreadcrumb-navbreadcrumbstrailwoocommerce-breadcrumb
100
A · Safe
CVEs total1
Unpatched0
Last CVEJan 11, 2023
Plugin page Download
Safety Verdict

Is Breadcrumb – Breadcrumb for WooCommerce and Custom Post Types Safe to Use in 2026?

Generally Safe

Score 100/100

Breadcrumb – Breadcrumb for WooCommerce and Custom Post Types has a strong security track record. Known vulnerabilities have been patched promptly. It's a solid choice for most WordPress installations.

1 known CVELast CVE: Jan 11, 2023Updated 5mo ago
Risk Assessment

The 'breadcrumb' plugin v1.5.54 exhibits a generally strong security posture based on the provided static analysis. The absence of dangerous functions, file operations, and external HTTP requests, coupled with the extensive use of prepared statements for SQL queries and a high percentage of properly escaped output, are commendable practices. The presence of a nonce check and a single capability check also suggests some level of security awareness in its development. However, the taint analysis reveals a concerning finding: two flows with unsanitized paths, even though they are not currently classified as critical or high severity. This indicates a potential for vulnerabilities if these paths are exploited or if the sanitization logic is insufficient for certain inputs. Furthermore, the plugin has a history of one known CVE, specifically Cross-Site Scripting, with the last vulnerability being in early 2023. While there are currently no unpatched vulnerabilities, this history suggests that the plugin has been susceptible to certain attack vectors in the past, warranting continued vigilance. Overall, the plugin is well-implemented in many areas, but the unsanitized paths and past XSS vulnerability are points that require attention and potential mitigation.

Key Concerns

  • Flows with unsanitized paths identified
  • Past XSS vulnerability history
Vulnerabilities
1 published

Breadcrumb – Breadcrumb for WooCommerce and Custom Post Types Security Vulnerabilities

CVEs by Year

1 CVE in 2023
2023
Patched Has unpatched

Severity Breakdown

Medium
1

1 total CVE

CVE-2022-4836medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Breadcrumb <= 1.5.32 - Authenticated (Contributor+) Stored Cross-Site Scripting

Jan 11, 2023 Patched in 1.5.33 (377d)
Version History

Breadcrumb – Breadcrumb for WooCommerce and Custom Post Types Release Timeline

v1.5.54Current
v1.5.53
v1.5.52
v1.5.51
v1.5.50
v1.5.49
v1.5.48
v1.5.47
v1.5.46
v1.5.45
v1.5.44
v1.5.43
v1.5.42
v1.5.42-a
v1.5.41
v1.5.40
v1.5.38
v1.5.37
v1.5.36
v1.5.35
Code Analysis
Analyzed Mar 16, 2026

Breadcrumb – Breadcrumb for WooCommerce and Custom Post Types Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
4
522 escaped
Nonce Checks
1
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
0

Output Escaping

99% escaped526 total outputs
Data Flows · Security
2 unsanitized

Data Flow Analysis

3 flows2 with unsanitized paths
breadcrumb_settings_save (includes\functions-settings.php:1187)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Breadcrumb – Breadcrumb for WooCommerce and Custom Post Types Attack Surface

Entry Points2
Unprotected0

Shortcodes 2

[breadcrumb] includes\class-shortcodes.php:18
[breadcrumb_update_elements] includes\functions-upgrade.php:5
WordPress Hooks 80
actionwp_enqueue_scriptsbreadcrumb.php:43
actionadmin_enqueue_scriptsbreadcrumb.php:44
filterwidget_textbreadcrumb.php:45
actionplugins_loadedbreadcrumb.php:46
actionbefore_woocommerce_initbreadcrumb.php:47
actionadmin_menuincludes\class-settings.php:10
filterbreadcrumb_items_arrayincludes\functions-hooks.php:4
filterbreadcrumb_permalink_front_textincludes\functions-hooks.php:499
filterbreadcrumb_permalink_custom_textincludes\functions-hooks.php:519
filterbreadcrumb_permalink_homeincludes\functions-hooks.php:537
filterbreadcrumb_permalink_post_titleincludes\functions-hooks.php:556
filterbreadcrumb_permalink_post_ancestorsincludes\functions-hooks.php:569
filterbreadcrumb_permalink_post_authorincludes\functions-hooks.php:597
filterbreadcrumb_permalink_post_categoryincludes\functions-hooks.php:616
filterbreadcrumb_permalink_product_catincludes\functions-hooks.php:710
filterbreadcrumb_permalink_category_ancestorsincludes\functions-hooks.php:812
filterbreadcrumb_permalink_post_termincludes\functions-hooks.php:942
filterbreadcrumb_permalink_product_tagincludes\functions-hooks.php:1067
filterbreadcrumb_permalink_wc_shopincludes\functions-hooks.php:1183
filterbreadcrumb_permalink_post_tagincludes\functions-hooks.php:1196
filterbreadcrumb_permalink_term_titleincludes\functions-hooks.php:1224
filterbreadcrumb_permalink_term_parentincludes\functions-hooks.php:1243
filterbreadcrumb_permalink_term_ancestorsincludes\functions-hooks.php:1271
filterbreadcrumb_permalink_post_dateincludes\functions-hooks.php:1311
filterbreadcrumb_permalink_post_monthincludes\functions-hooks.php:1330
filterbreadcrumb_permalink_post_yearincludes\functions-hooks.php:1347
filterbreadcrumb_permalink_date_textincludes\functions-hooks.php:1365
filterbreadcrumb_permalink_month_textincludes\functions-hooks.php:1388
filterbreadcrumb_permalink_year_textincludes\functions-hooks.php:1411
filterbreadcrumb_permalink_post_idincludes\functions-hooks.php:1435
filterbreadcrumb_permalink_search_wordincludes\functions-hooks.php:1448
actionbreadcrumb_settings_tabs_content_optionsincludes\functions-settings.php:6
actionbreadcrumb_settings_tabs_content_builderincludes\functions-settings.php:253
actionbreadcrumb_settings_tabs_content_styleincludes\functions-settings.php:492
actionbreadcrumb_settings_tabs_content_custom_scriptsincludes\functions-settings.php:696
actionbreadcrumb_settings_tabs_content_help_supportincludes\functions-settings.php:755
actionbreadcrumb_settings_tabs_content_buy_proincludes\functions-settings.php:907
actionbreadcrumb_settings_tabs_right_panel_optionsincludes\functions-settings.php:1128
actionbreadcrumb_settings_tabs_right_panel_builderincludes\functions-settings.php:1129
actionbreadcrumb_settings_tabs_right_panel_styleincludes\functions-settings.php:1130
actionbreadcrumb_settings_tabs_right_panel_custom_scriptsincludes\functions-settings.php:1131
actionbreadcrumb_settings_tabs_right_panel_help_supportincludes\functions-settings.php:1132
actionbreadcrumb_settings_tabs_right_panel_buy_proincludes\functions-settings.php:1133
actionbreadcrumb_settings_saveincludes\functions-settings.php:1182
filterbreadcrumb_tagsincludes\functions.php:116
filterbreadcrumb_tagsincludes\functions.php:159
actionbreadcrumb_tag_options_post_idincludes\functions.php:324
actionbreadcrumb_tag_options_post_ancestorsincludes\functions.php:372
actionbreadcrumb_tag_options_post_yearincludes\functions.php:417
actionbreadcrumb_tag_options_post_monthincludes\functions.php:463
actionbreadcrumb_tag_options_post_dateincludes\functions.php:507
actionbreadcrumb_tag_options_post_tagincludes\functions.php:552
actionbreadcrumb_tag_options_front_textincludes\functions.php:596
actionbreadcrumb_tag_options_custom_textincludes\functions.php:657
actionbreadcrumb_tag_options_homeincludes\functions.php:739
actionbreadcrumb_tag_options_post_titleincludes\functions.php:821
actionbreadcrumb_tag_options_post_authorincludes\functions.php:867
actionbreadcrumb_tag_options_post_categoryincludes\functions.php:912
actionbreadcrumb_tag_options_post_termincludes\functions.php:958
actionbreadcrumb_tag_options_product_catincludes\functions.php:1029
actionbreadcrumb_tag_options_category_ancestorsincludes\functions.php:1075
actionbreadcrumb_tag_options_product_tagincludes\functions.php:1139
actionbreadcrumb_tag_options_wc_shopincludes\functions.php:1187
actionbreadcrumb_tag_options_term_titleincludes\functions.php:1234
actionbreadcrumb_tag_options_term_parentincludes\functions.php:1280
actionbreadcrumb_tag_options_term_ancestorsincludes\functions.php:1325
actionbreadcrumb_tag_options_404_textincludes\functions.php:1372
actionbreadcrumb_tag_options_date_textincludes\functions.php:1419
actionbreadcrumb_tag_options_month_textincludes\functions.php:1483
actionbreadcrumb_tag_options_year_textincludes\functions.php:1548
actionbreadcrumb_tag_options_search_wordincludes\functions.php:1615
actionbreadcrumb_tag_options_author_nameincludes\functions.php:1661
filterbreadcrumb_link_textincludes\functions.php:2304
actioninitincludes\functions.php:2366
actionbreadcrumb_maintemplates\breadcrumb\breadcrumb-hook.php:5
actionbreadcrumb_main_item_looptemplates\breadcrumb\breadcrumb-hook.php:38
actionbreadcrumb_main_endtemplates\breadcrumb\breadcrumb-hook.php:59
actionbreadcrumb_main_endtemplates\breadcrumb\breadcrumb-hook.php:104
actionbreadcrumb_main_endtemplates\breadcrumb\breadcrumb-hook.php:186
actionwp_footertemplates\breadcrumb\breadcrumb-hook.php:208
Maintenance & Trust

Breadcrumb – Breadcrumb for WooCommerce and Custom Post Types Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedDec 17, 2025
PHP min version
Downloads407K

Community Trust

Rating90/100
Number of ratings35
Active installs20K
Alternatives

Breadcrumb – Breadcrumb for WooCommerce and Custom Post Types Alternatives

Breadcrumb NavXT Multidimension Extensions

Breadcrumb NavXT Multidimension Extensions

breadcrumb-navxt-multidimension-extensions

A
100

Automates the generation of multidimensional list breadcrumb trails with Breadcrumb NavXT.

200 No CVEs
Breadcrumb NavXT

Breadcrumb NavXT

breadcrumb-navxt

A
98

Adds breadcrumb navigation showing the visitor's path to their current location.

800K 2 CVEs
Catch Breadcrumb

Catch Breadcrumb

catch-breadcrumb

A
100

Catch Breadcrumb lets you display Breadcrumb Navigation anywhere on your website elegantly.

2K 1 CVE
Breadcrumb TMC

Breadcrumb TMC

breadcrumb-tmc

A
92

Use [breadcrumb-tmc] shortcode to display the breadcrumb trail.

300 No CVEs
SEO Breadcrumbs

SEO Breadcrumbs

seo-breadcrumbs

A
85

SEO Breadcrumbs is powerful and easy to use plugin that can add five different breadcrumbs navigation to your wordpress website.

300 No CVEs
Developer Profile

Breadcrumb – Breadcrumb for WooCommerce and Custom Post Types Developer Profile

PickPlugins

14 plugins · 94K total installs

67
trust score
Avg Security Score
83/100
Avg Patch Time
330 days
View full developer profile
Detection Fingerprints

How We Detect Breadcrumb – Breadcrumb for WooCommerce and Custom Post Types

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/breadcrumb/assets/admin/css/fontawesome.css/wp-content/plugins/breadcrumb/assets/settings-tabs/settings-tabs.css/wp-content/plugins/breadcrumb/assets/settings-tabs/settings-tabs.js/wp-content/plugins/breadcrumb/assets/admin/js/jquery.lazy.js
Script Paths
/wp-content/plugins/breadcrumb/assets/admin/css/fontawesome.css/wp-content/plugins/breadcrumb/assets/settings-tabs/settings-tabs.css/wp-content/plugins/breadcrumb/assets/settings-tabs/settings-tabs.js/wp-content/plugins/breadcrumb/assets/admin/js/jquery.lazy.js
Version Parameters
breadcrumb/assets/admin/css/fontawesome.css?ver=breadcrumb/assets/settings-tabs/settings-tabs.css?ver=breadcrumb/assets/settings-tabs/settings-tabs.js?ver=breadcrumb/assets/admin/js/jquery.lazy.js?ver=

HTML / DOM Fingerprints

Data Attributes
data-depends
JS Globals
settings_tabs_field
FAQ

Frequently Asked Questions about Breadcrumb – Breadcrumb for WooCommerce and Custom Post Types