Does Brozzme Switch and Duplicate have any unpatched vulnerabilities?

No. All known vulnerabilities in Brozzme Switch and Duplicate have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Brozzme Switch and Duplicate compatible with WordPress 5.8.13?

According to WordPress.org data, Brozzme Switch and Duplicate 1.6 has been tested up to WordPress 5.8.13. Check the plugin's changelog for the latest compatibility information.

How often is Brozzme Switch and Duplicate updated?

Brozzme Switch and Duplicate was last updated on Oct 28, 2021. Frequent updates are generally a positive security signal.

What is Brozzme Switch and Duplicate's security score?

Brozzme Switch and Duplicate has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Brozzme Switch and Duplicate Security & Risk Analysis

wordpress.org/plugins/brozzme-switch-duplicate

A set of tools dedicated to post type, Post-type Switcher and Post Duplicate (works with any custom post-type).

100 active installs v1.6 PHP + WP 4.0+ Updated Oct 28, 2021

admincptduplicatepost-typeswitcher

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Brozzme Switch and Duplicate Safe to Use in 2026?

Generally Safe

Score 85/100

Brozzme Switch and Duplicate has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 4yr ago

Risk Assessment

The "brozzme-switch-duplicate" plugin v1.6 exhibits a generally good security posture, with no known vulnerabilities (CVEs) recorded. The static analysis reveals a minimal attack surface, with zero AJAX handlers, REST API routes, shortcodes, or cron events exposed. Furthermore, all identified code signals, such as capability checks and nonce checks, are present, indicating an effort to implement basic WordPress security practices.

However, a significant concern arises from the presence of the `unserialize()` function without explicit checks for serialized data origin or integrity. While taint analysis shows no flows, the `unserialize()` function is inherently risky if user-controlled data is passed to it, potentially leading to remote code execution or denial-of-service vulnerabilities. The moderate rate of properly escaped output (49%) also suggests a potential for cross-site scripting (XSS) vulnerabilities, although no specific instances were flagged in the taint analysis.

Despite the absence of a vulnerability history, the identified `unserialize()` function represents a latent risk that should be addressed. The plugin's strengths lie in its limited attack surface and the presence of security checks. The primary weakness is the unchecked use of `unserialize()`, which, combined with less-than-ideal output escaping, warrants careful consideration.

Key Concerns

Use of unserialize() without clear input validation
Less than half of output is properly escaped

Vulnerabilities

None known

Brozzme Switch and Duplicate Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Brozzme Switch and Duplicate Code Analysis

Dangerous Functions

Raw SQL Queries

1 prepared

Unescaped Output

17 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Dangerous Functions Found

unserialize$body = unserialize($body['body']);includes\brozzme_plugins_page.php:313

SQL Query Safety

50% prepared2 total queries

Output Escaping

49% escaped35 total outputs

Attack Surface

Brozzme Switch and Duplicate Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 24

actionadmin_enqueue_scriptsbrozzme_switch_duplicate.php:46

filterplugin_action_linksbrozzme_switch_duplicate.php:88

actionplugins_loadedbrozzme_switch_duplicate.php:90

actionadmin_menuincludes\brozzme_plugins_page.php:21

actionadmin_footer_textincludes\brozzme_plugins_page.php:44

actionplugins_loadedincludes\brozzme_plugins_page.php:48

actionadmin_action_duplicate_post_as_draftincludes\brozzme_switch_duplicate_duplicator.php:34

filterpost_row_actionsincludes\brozzme_switch_duplicate_duplicator.php:36

filterpage_row_actionsincludes\brozzme_switch_duplicate_duplicator.php:37

actionadmin_headincludes\brozzme_switch_duplicate_duplicator.php:39

actionadmin_initincludes\brozzme_switch_duplicate_settings.php:18

actionadmin_menuincludes\brozzme_switch_duplicate_settings.php:19

actionadmin_initincludes\brozzme_switch_duplicate_switcher.php:18

actionmanage_posts_columnsincludes\brozzme_switch_duplicate_switcher.php:40

actionmanage_pages_columnsincludes\brozzme_switch_duplicate_switcher.php:41

actionmanage_posts_custom_columnincludes\brozzme_switch_duplicate_switcher.php:42

actionmanage_pages_custom_columnincludes\brozzme_switch_duplicate_switcher.php:43

actionadmin_headincludes\brozzme_switch_duplicate_switcher.php:47

actionpost_submitbox_misc_actionsincludes\brozzme_switch_duplicate_switcher.php:48

actionquick_edit_custom_boxincludes\brozzme_switch_duplicate_switcher.php:49

actionbulk_edit_custom_boxincludes\brozzme_switch_duplicate_switcher.php:50

actionadmin_enqueue_scriptsincludes\brozzme_switch_duplicate_switcher.php:51

filterwp_insert_attachment_dataincludes\brozzme_switch_duplicate_switcher.php:54

filterwp_insert_post_dataincludes\brozzme_switch_duplicate_switcher.php:55

Maintenance & Trust

Brozzme Switch and Duplicate Maintenance & Trust

Maintenance Signals

WordPress version tested5.8.13

Last updatedOct 28, 2021

PHP min version

Downloads4K

Community Trust

Rating100/100

Number of ratings4

Active installs100

Alternatives

Brozzme Switch and Duplicate Alternatives

CPT Toggle – Disable Custom Post Types

cpt-toggle-disable-custom-post-types

100

Enable or disable any post type. Tabs group post types by source (Core, theme, plugin) for a tidy WordPress admin.

20 No CVEs

Enter Title Here Changer

enter-title-here-changer

Replace the default Add Title (Gutenberg) or Enter title here (Legacy) placeholder when creating a new post.

10 No CVEs

ARPCSO Page CPT-Style Organizer

arpcso-page-cpt-style-organizer

100

Organize Custom Post Types (CPT) and Custom Taxonomies (CT) in pages.

0 No CVEs

Post Types Unlimited

post-types-unlimited

100

Create unlimited custom post types and custom taxonomies.

10K No CVEs

Sticky Posts – Switch

sticky-posts-switch

This plugin adds a sticky post switch functionality to the admin list post/custom post type pages.

6K No CVEs

Developer Profile

Brozzme Switch and Duplicate Developer Profile

Benoti

11 plugins · 11K total installs

trust score

Avg Security Score

88/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Brozzme Switch and Duplicate

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/brozzme-switch-duplicate/css/brozzme-admin-css.css

HTML / DOM Fingerprints

Data Attributes

data-postiddata-posttypedata-ajax-url

JS Globals

bsd_params

FAQ