California State Grants Security & Risk Analysis

wordpress.org/plugins/california-state-grants

The California State Grants Plugin is the official WordPress plugin allowing you to manage your grant data within your own site running WordPress.

0 active installs · v2.0.8 · PHP 7.4+ · WP 5.0+ · Updated: Unknown
Tags: california-grants-portal, grants, loans, state-government, submit-your-grants
Score: 100 · A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is California State Grants Safe to Use in 2026?

Generally Safe

Score 100/100

California State Grants has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs
Risk Assessment

The "california-state-grants" v2.0.8 plugin exhibits a generally strong security posture based on the provided static analysis. Several findings are positive indicators: no critical or high-severity taint flows were identified, SQL queries make extensive use of prepared statements, output is properly escaped in the vast majority of cases, and nonce and capability checks are present on its entry points. The plugin also has a history free of known CVEs, suggesting a pattern of responsible development and maintenance. However, the presence of two flows with unsanitized paths, despite not reaching critical or high severity in the taint analysis, warrants attention as a potential area for subtle vulnerabilities. The small attack surface is a positive, but the existence of any unsanitized paths, however minor the current detected impact, always represents a risk.

While the plugin performs well in many security-critical areas, the two identified unsanitized path flows are the primary concern. Although the taint analysis did not classify these as critical or high, they represent potential vectors for exploitation if an attacker can manipulate input to influence file paths or operations. The lack of known vulnerabilities in its history is reassuring, but it's important to remember that this doesn't guarantee future immunity. The plugin demonstrates good practices in its general implementation, but the presence of even low-severity unsanitized path issues means it's not entirely without risk. Overall, the plugin appears to be well-secured, but the identified path issues should be investigated and remediated to further strengthen its security.

Key Concerns

  • Flows with unsanitized paths identified
Vulnerabilities
None known

California State Grants Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

California State Grants Release Timeline

No version history available.
Code Analysis
Analyzed Mar 17, 2026

California State Grants Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (4 prepared)
Unescaped Output: 4 (443 escaped)
Nonce Checks: 5
Capability Checks: 4
File Operations: 3
External Requests: 2
Bundled Libraries: 0

SQL Query Safety

100% prepared · 4 total queries

Output Escaping

99% escaped · 447 total outputs
Data Flows
2 unsanitized

Data Flow Analysis

2 flows · 2 with unsanitized paths
wp_safe_remote_post_multipart (includes\functions\core.php:380)
Attack Surface

California State Grants Attack Surface

Entry Points: 2
Unprotected: 0

AJAX Handlers 2

auth  wp_ajax_get_fiscal_years_by_grant  includes\classes\Meta\FiscalYearAJAX.php:35
nopriv  wp_ajax_get_fiscal_years_by_grant  includes\classes\Meta\FiscalYearAJAX.php:36
WordPress Hooks 46
action  admin_menu  includes\classes\Admin\BulkUploadPage.php:61
action  current_screen  includes\classes\Admin\BulkUploadPage.php:62
action  admin_notices  includes\classes\Admin\BulkUploadPage.php:63
action  admin_notices  includes\classes\Admin\Notices.php:40
action  admin_notices  includes\classes\Admin\Notices.php:41
action  admin_init  includes\classes\Admin\Settings.php:40
action  admin_menu  includes\classes\Admin\SettingsPage.php:53
action  current_screen  includes\classes\Admin\SettingsPage.php:54
filter  ca_grants_taxonomy_args  includes\classes\Admin\Taxonomies.php:19
action  admin_menu  includes\classes\Admin\WelcomePage.php:53
action  admin_init  includes\classes\Cron\BulkAwardImport.php:61
action  trashed_post  includes\classes\Cron\GrantAwardsCleanup.php:49
action  untrashed_post  includes\classes\Cron\GrantAwardsCleanup.php:50
action  deleted_post  includes\classes\Cron\GrantAwardsCleanup.php:51
action  init  includes\classes\PostTypes\AwardUploads.php:261
action  init  includes\classes\PostTypes\AwardUploads.php:262
action  admin_head  includes\classes\PostTypes\AwardUploads.php:263
action  load-post-new.php  includes\classes\PostTypes\AwardUploads.php:264
action  admin_footer-post.php  includes\classes\PostTypes\AwardUploads.php:267
action  admin_footer-edit.php  includes\classes\PostTypes\AwardUploads.php:270
filter  display_post_states  includes\classes\PostTypes\AwardUploads.php:272
action  admin_head  includes\classes\PostTypes\BaseEdit.php:87
action  init  includes\classes\PostTypes\GrantAwards.php:38
action  restrict_manage_posts  includes\classes\PostTypes\GrantAwards.php:40
action  parse_query  includes\classes\PostTypes\GrantAwards.php:41
filter  ep_indexable_post_types  includes\classes\PostTypes\GrantAwards.php:43
filter  ep_searchable_post_types  includes\classes\PostTypes\GrantAwards.php:44
filter  posts_clauses  includes\classes\PostTypes\GrantAwards.php:50
action  init  includes\classes\PostTypes\Grants.php:38
filter  use_block_editor_for_post_type  includes\classes\PostTypes\Grants.php:39
action  rest_api_init  includes\classes\REST\AwardeeStatsEndpoint.php:80
filter  rest_request_before_callbacks  includes\classes\REST\BaseEndpoint.php:51
action  rest_api_init  includes\classes\REST\BulkUploadEndpoint.php:81
filter  upload_dir  includes\classes\REST\BulkUploadEndpoint.php:416
filter  rest_request_before_callbacks  includes\classes\REST\GrantAwardsEndpoint.php:51
action  rest_api_init  includes\classes\REST\GrantAwardsValidation.php:79
action  init  includes\functions\core.php:31
action  init  includes\functions\core.php:32
action  wp_enqueue_scripts  includes\functions\core.php:33
action  wp_enqueue_scripts  includes\functions\core.php:34
action  admin_enqueue_scripts  includes\functions\core.php:35
action  admin_enqueue_scripts  includes\functions\core.php:36
action  post_edit_form_tag  includes\functions\core.php:37
action  tiny_mce_before_init  includes\functions\core.php:44
filter  script_loader_tag  includes\functions\core.php:47
action  after_setup_theme  plugin.php:150
Maintenance & Trust

California State Grants Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.0.11
Last updated: Unknown
PHP min version: 7.4
Downloads: 2K

Community Trust

Rating: 0/100
Number of ratings: 0
Active installs: 0
Developer Profile

California State Grants Developer Profile

castatelibrary

1 plugin · 0 total installs

Trust score: 94
Avg Security Score: 100/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect California State Grants

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/california-state-grants/dist/js/shared.js
/wp-content/plugins/california-state-grants/dist/js/frontend.js
/wp-content/plugins/california-state-grants/dist/css/frontend.css
/wp-content/plugins/california-state-grants/dist/css/shared.css
/wp-content/plugins/california-state-grants/dist/js/admin.js
/wp-content/plugins/california-state-grants/dist/css/admin.css
Script Paths
dist/js/shared.js
dist/js/frontend.js
dist/js/admin.js

HTML / DOM Fingerprints

CSS Classes
form--validate
REST Endpoints
/wp-json/csl-grants/v2/grant-awards
/wp-json/csl-grants/v2/bulk-upload
/wp-json/csl-grants/v2/grant-awards-validation
/wp-json/csl-grants/v2/awardee-stats
/wp-json/csl-grants/v2/grants
FAQ

Frequently Asked Questions about California State Grants