Does BusinessPress have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is BusinessPress compatible with WordPress 6.8.5?

According to WordPress.org data, BusinessPress 1.5 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

Is BusinessPress compatible with PHP 5.6+?

BusinessPress requires PHP 5.6 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is BusinessPress updated?

BusinessPress was last updated on Feb 13, 2026. Frequent updates are generally a positive security signal.

What is BusinessPress's security score?

BusinessPress has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

BusinessPress Security & Risk Analysis

wordpress.org/plugins/businesspress

BusinessPress lets you control the WordPress core updates and plugin installing/editing/upgrading to prevent issues with your business websites.

40 active installs v1.5 PHP 5.6+ WP 4.0+ Updated Feb 13, 2026

core-updateseditinginstallingpermissionsplugins

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is BusinessPress Safe to Use in 2026?

Generally Safe

Score 100/100

BusinessPress has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 3mo ago

Risk Assessment

The businesspress plugin v1.5 presents a mixed security posture. While it boasts a clean vulnerability history with no recorded CVEs and a good percentage of SQL queries using prepared statements, significant concerns arise from the static analysis. The plugin has a notable attack surface with seven AJAX handlers, four of which lack authentication checks. This immediately introduces a risk of unauthorized actions if these handlers can be triggered by unauthenticated users. Furthermore, the taint analysis reveals two high-severity flows with unsanitized paths, indicating potential for code injection or path traversal vulnerabilities. Coupled with a low percentage of properly escaped output (39%), these findings suggest a lack of robust input validation and output sanitization in critical areas.

Key Concerns

AJAX handlers without auth checks
High severity taint flows with unsanitized paths
Low percentage of properly escaped output
Flows with unsanitized paths

Vulnerabilities

None known

BusinessPress Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

BusinessPress Release Timeline

v1.4.1

v1.2

v1.0

v0.9.13

v0.9.6

v0.9.4

v0.8.8

v0.8.5

v0.8.4

v0.8.3

v0.7.4

v0.7.3

v0.6.6

Code Analysis

Analyzed Mar 16, 2026

BusinessPress Code Analysis

Dangerous Functions

Raw SQL Queries

19 prepared

Unescaped Output

60 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Select2jQuery

SQL Query Safety

76% prepared25 total queries

Output Escaping

39% escaped153 total outputs

Data Flows · Security

6 unsanitized

Data Flow Analysis

9 flows6 with unsanitized paths

screen (businesspress-settings.class.php:60)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

4 unprotected

BusinessPress Attack Surface

Entry Points7

Unprotected4

AJAX Handlers 7

authwp_ajax_businesspress_contact_adminbusinesspress.php:102

authwp_ajax_bpress_login_checkbusinesspress.php:195

noprivwp_ajax_bpress_login_checkbusinesspress.php:196

authwp_ajax_fv_foliopress_ajax_pointersbusinesspress.php:1593

authwp_ajax_fv_foliopress_ajax_pointersfp-api.php:53

authwp_ajax_fv_user_lock_out_unlockplugins\fv-user-lock-out.php:24

authwp_ajax_businesspress_surge_cache_purgeplugins\surge-cache-purge.php:90

WordPress Hooks 181

actionadmin_noticesbusinesspress-notices.class.php:10

actionnetwork_admin_noticesbusinesspress-notices.class.php:11

actionadmin_footerbusinesspress-notices.class.php:12

actionnetwork_admin_menubusinesspress-notices.class.php:22

actionadmin_menubusinesspress-notices.class.php:23

filteroption_gf_dismissed_upgradesbusinesspress-notices.class.php:25

actionadmin_footerbusinesspress-notices.class.php:27

actionbusinesspress_admin_noticesbusinesspress-notices.class.php:114

filterpre_option_gf_dismissed_upgradesbusinesspress-notices.class.php:139

actionall_admin_noticesbusinesspress-notices.class.php:501

actionin_plugin_update_message-businesspress/businesspress.phpbusinesspress.php:70

actionadmin_initbusinesspress.php:75

actionadmin_initbusinesspress.php:76

actionadmin_initbusinesspress.php:77

actionplugins_loadedbusinesspress.php:78

actionplugins_loadedbusinesspress.php:79

filterauto_update_corebusinesspress.php:87

actionadmin_initbusinesspress.php:88

actioncore_upgrade_preamblebusinesspress.php:89

actionload-update-core.phpbusinesspress.php:90

filtersend_core_update_notification_emailbusinesspress.php:92

filterauto_core_update_send_emailbusinesspress.php:93

actionadmin_enqueue_scriptsbusinesspress.php:99

actionadmin_initbusinesspress.php:100

filterplugin_action_linksbusinesspress.php:101

filterauth_cookie_expirationbusinesspress.php:103

actionwelcome_panelbusinesspress.php:106

actionwp_dashboard_setupbusinesspress.php:109

actionwp_dashboard_setupbusinesspress.php:112

filterheartbeat_settingsbusinesspress.php:118

filteradmin_footer_textbusinesspress.php:119

actionadmin_initbusinesspress.php:120

actionadmin_headbusinesspress.php:121

actionwp_before_admin_bar_renderbusinesspress.php:122

filterget_user_option_admin_colorbusinesspress.php:125

filterlogin_titlebusinesspress.php:126

actioninitbusinesspress.php:132

actioninitbusinesspress.php:133

actionwp_footerbusinesspress.php:134

filterwp_login_errorsbusinesspress.php:135

actiontemplate_redirectbusinesspress.php:143

actionwp_login_failedbusinesspress.php:144

filterxmlrpc_login_errorbusinesspress.php:145

filterxmlrpc_pingback_errorbusinesspress.php:146

actionlostpassword_postbusinesspress.php:147

filterlogin_redirectbusinesspress.php:156

filterlogout_redirectbusinesspress.php:157

filterlogin_redirectbusinesspress.php:159

actionafter_password_resetbusinesspress.php:165

actionpost_submitbox_startbusinesspress.php:170

actionsave_postbusinesspress.php:171

filteruser_can_richeditbusinesspress.php:172

filterthe_contentbusinesspress.php:173

filterwoocommerce_helper_suppress_connect_noticebusinesspress.php:180

filterwp_mail_from_namebusinesspress.php:182

filterwp_mailbusinesspress.php:188

actionwp_footerbusinesspress.php:194

actionadmin_initbusinesspress.php:201

actionbig_image_size_thresholdbusinesspress.php:202

actionpre_get_postsbusinesspress.php:207

filtergettextbusinesspress.php:212

filterrecovery_mode_emailbusinesspress.php:217

filterpre_option_link_manager_enabledbusinesspress.php:312

actionadmin_footerbusinesspress.php:315

filterplugin_action_linksbusinesspress.php:316

filtermap_meta_capbusinesspress.php:317

filteradmin_initbusinesspress.php:318

filterallow_major_auto_core_updatesbusinesspress.php:323

filterallow_minor_auto_core_updatesbusinesspress.php:325

filterautomatic_updater_disabledbusinesspress.php:327

filterautomatic_updates_is_vcs_checkoutbusinesspress.php:331

filtershow_admin_barbusinesspress.php:345

actionadmin_initbusinesspress.php:346

actionadmin_headbusinesspress.php:347

filterpre_site_option_dismissed_update_corebusinesspress.php:479

filterxmlrpc_enabledbusinesspress.php:585

filtertemplate_redirectbusinesspress.php:1307

actionbig_image_size_thresholdbusinesspress.php:1412

filtertemplate_includebusinesspress.php:1480

actionadmin_print_footer_scriptsbusinesspress.php:1590

actionphpmailer_initbusinesspress.php:2081

actionadmin_enqueue_scriptsfp-api.php:52

actionadmin_noticesfp-api.php:54

actionadmin_print_footer_scriptsfp-api.php:311

actiontemplate_redirectfv-search.php:25

filterthe_contentfv-search.php:26

filterthe_contentfv-search.php:29

actionpre_get_postsfv-search.php:31

filterswiftype_search_paramsfv-search.php:33

filterrocket_rucss_external_exclusionsfv-search.php:35

filterseopress_titles_robots_attrsfv-search.php:38

filtergenesis_pre_get_option_content_archivefv-search.php:76

actionwp_enqueue_scriptsfv-search.php:79

actionpre_get_postsplugins\admin-posts-yearly-dropdowns.php:16

filterdisable_months_dropdownplugins\admin-posts-yearly-dropdowns.php:19

filterpre_months_dropdown_queryplugins\admin-posts-yearly-dropdowns.php:22

actionrestrict_manage_postsplugins\admin-posts-yearly-dropdowns.php:32

filterwoocommerce_shop_order_search_fieldsplugins\admin-woocommerce-search-speed.php:14

filterwoocommerce_shop_subscription_search_fieldsplugins\admin-woocommerce-search-speed.php:21

filterwoocommerce_shop_order_search_resultsplugins\admin-woocommerce-search-speed.php:30

filterwoocommerce_shop_subscription_search_resultsplugins\admin-woocommerce-search-speed.php:44

actionload-edit.phpplugins\admin-woocommerce-search-speed.php:61

actionadmin_footerplugins\admin-woocommerce-search-speed.php:69

actionpublish_postplugins\auto-post-thumbnail.php:30

actiontransition_post_statusplugins\auto-post-thumbnail.php:33

filterredirect_post_locationplugins\auto-post-thumbnail.php:180

filterredirect_post_locationplugins\auto-post-thumbnail.php:196

actionswpmb_after_save_postplugins\auto-post-thumbnail.php:337

filterredirect_post_locationplugins\auto-post-thumbnail.php:359

actionadmin_noticesplugins\auto-post-thumbnail.php:378

filterremovable_query_argsplugins\auto-post-thumbnail.php:395

filterembed_oembed_discoverplugins\disable-embeds.php:36

filtertiny_mce_pluginsplugins\disable-embeds.php:46

actioninitplugins\disable-embeds.php:56

filterrewrite_rules_arrayplugins\disable-embeds.php:94

filtertiny_mce_pluginsplugins\disable-emojis.php:42

filterwp_resource_hintsplugins\disable-emojis.php:43

actioninitplugins\disable-emojis.php:45

filterrest_authentication_errorsplugins\disable-json-api.php:31

filterjson_enabledplugins\disable-json-api.php:42

filterjson_jsonp_enabledplugins\disable-json-api.php:43

filterrest_enabledplugins\disable-json-api.php:46

filterrest_jsonp_enabledplugins\disable-json-api.php:47

actionwpplugins\fv-clickjacking-protection.php:10

filterwp_pre_insert_user_dataplugins\fv-fix-new-user-nicenames.php:10

filterpre_get_postsplugins\fv-limit-search.php:9

actioninitplugins\fv-limit-search.php:10

filterpre_handle_404plugins\fv-limit-search.php:53

filtersearchwp_short_circuitplugins\fv-limit-search.php:56

filterposts_searchplugins\fv-limit-search.php:63

filterauthenticateplugins\fv-require-email-address-for-login.php:2

actionlogin_initplugins\fv-require-email-address-for-login.php:44

actionrcp_login_form_errorsplugins\fv-require-email-address-for-login.php:61

actionlogin_footerplugins\fv-require-email-address-for-login.php:74

filteredd_login_formplugins\fv-require-email-address-for-login.php:106

actionwp_error_addedplugins\fv-simpler-login-errors.php:8

filterwppb_login_wp_error_messageplugins\fv-simpler-login-errors.php:23

filterauthenticateplugins\fv-user-lock-out.php:7

actionlogin_form_unlockplugins\fv-user-lock-out.php:10

actionwp_login_failedplugins\fv-user-lock-out.php:13

filterwp_login_errorsplugins\fv-user-lock-out.php:16

actionpassword_resetplugins\fv-user-lock-out.php:19

filtermanage_users_columnsplugins\fv-user-lock-out.php:21

filtermanage_users_custom_columnplugins\fv-user-lock-out.php:22

filterpassword_reset_expirationplugins\fv-user-lock-out.php:27

actionadmin_footerplugins\fv-user-lock-out.php:58

actionshow_user_profileplugins\fv-user-login-sessions.php:7

actionedit_user_profileplugins\fv-user-login-sessions.php:8

filterauthenticateplugins\improve-user-activation.php:16

filterpassword_reset_expirationplugins\improve-user-activation.php:67

actionuser_new_formplugins\improve-user-activation.php:77

actionafter_password_resetplugins\login-after-password-reset.php:14

actionlogin_headplugins\login-logo.php:46

filterlogin_headerurlplugins\login-logo.php:225

filterlogin_headertitleplugins\login-logo.php:226

actionadmin_noticesplugins\remove-yarpp-rating-nag.php:7

filtersimple_history/core_dropinsplugins\simple-history-clean-up.php:12

filtersimple_history/SidebarDropin/default_sidebar_boxesplugins\simple-history-clean-up.php:23

actionadmin_headplugins\simple-history-clean-up.php:34

filtergettextplugins\simple-history-clean-up.php:72

filtersimple_history/admin_menu_locationplugins\simple-history-clean-up.php:94

filtersimple_history_show_in_admin_barplugins\simple-history-clean-up.php:102

actionsimple_history/settings_page/general_section_outputplugins\simple-history-clean-up.php:104

actionadmin_footer-post.phpplugins\social-warfare-pro-tweaks.php:9

actionadmin_footer-post-new.phpplugins\social-warfare-pro-tweaks.php:10

actionadmin_bar_menuplugins\surge-cache-purge.php:17

actionadmin_footerplugins\surge-cache-purge.php:34

filtermanage_users_columnsplugins\users-by-date-registered.php:37

filtermanage_users_custom_columnplugins\users-by-date-registered.php:77

filtermanage_users_sortable_columnsplugins\users-by-date-registered.php:90

actionrestrict_manage_usersplugins\users-by-date-registered.php:176

actionpre_user_queryplugins\users-by-date-registered.php:252

actionadmin_menuplugins\wp-admin-settings-sort.php:7

actionadmin_headplugins\wp-chosen\includes\admin.php:56

actionadmin_enqueue_scriptsplugins\wp-chosen\includes\hooks.php:13

actioncustomize_controls_enqueue_scriptsplugins\wp-chosen\includes\hooks.php:14

actionadmin_headplugins\wp-chosen\includes\hooks.php:17

actionload-options-reading.phpplugins\wp-chosen\includes\hooks.php:18

actionadmin_noticesplugins\wp-live-chat-software-for-wordpress.php:6

actionadmin_noticesplugins\wp-live-chat-software-for-wordpress.php:12

filterupload_dirupload-path-fix.php:9

Scheduled Events 1

businesspress_cron

Maintenance & Trust

BusinessPress Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedFeb 13, 2026

PHP min version5.6

Downloads14K

Community Trust

Rating100/100

Number of ratings1

Active installs40

Alternatives

BusinessPress Alternatives

Custom Access Roles

custom-access-roles

Create custom roles with editing capability for only specific pages, categories and post types.

200 No CVEs

Disable Complete WP Updates

disable-complete-wp-updates

Completely Disable theme, plugin and core update checking, the related cronjobs and notification system.

0 No CVEs

Custom Fonts – Host Your Fonts Locally

custom-fonts

Custom Fonts is a powerful WordPress plugin that allows you to upload your own custom fonts or choose from a vast collection of Google Fonts, all host …

400K 2 CVEs

Members – Membership & User Role Editor Plugin

members

The best WordPress membership and user role editor plugin. User Roles & Capabilities editor helps you restrict content in just a few clicks.

300K 1 CVE

WP Rollback – Rollback Plugins and Themes

wp-rollback

Rollback (or forward) any WordPress.org plugin, theme, or block like a boss.

300K 2 CVEs

Developer Profile

BusinessPress Developer Profile

FolioVision

19 plugins · 48K total installs

trust score

Avg Security Score

93/100

Avg Patch Time

1098 days

View full developer profile

Detection Fingerprints

How We Detect BusinessPress

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/businesspress/js/businesspress.js/wp-content/plugins/businesspress/css/businesspress.css

Script Paths

/wp-content/plugins/businesspress/js/businesspress.js

Version Parameters

businesspress/businesspress.php?ver=businesspress/css/businesspress.css?ver=businesspress/js/businesspress.js?ver=

HTML / DOM Fingerprints

CSS Classes

businesspress-logobp-admin-navbusinesspress-main-nav

HTML Comments

Data Attributes

data-businesspress-noncedata-businesspress-actiondata-businesspress-settings

JS Globals

BusinessPressbusinesspress_ajax_objectbp_admin_params

REST Endpoints

/wp-json/businesspress/v1/settings

Shortcode Output

<div class="businesspress-shortcode-wrapper">

FAQ