WP-Safety

Clever Mega Menu for Visual Composer Security & Risk Analysis

wordpress.org/plugins/clever-mega-menu

Fully control over WordPress navigation menus with ease of visual editing from Visual Composer.

1K active installs v1.0.1 PHP 5.6+ WP 5.2+ Updated Dec 3, 2019
flyout-menumega-menunavigation-menuvisual-composerwordpress-mega-menu
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Clever Mega Menu for Visual Composer Safe to Use in 2026?

Generally Safe

Score 85/100

Clever Mega Menu for Visual Composer has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 6yr ago
Risk Assessment

The 'clever-mega-menu' v1.0.1 plugin presents a mixed security posture. While it boasts a clean vulnerability history with no recorded CVEs, indicating a potentially stable development process, the static analysis reveals significant concerns. The presence of an unprotected AJAX handler is a major vulnerability, creating a direct entry point for attackers. Furthermore, the plugin utilizes the dangerous `unserialize` function, which, when combined with unsanitized input, can lead to remote code execution. The analysis also highlights a very low percentage of properly escaped outputs and the complete absence of prepared statements for SQL queries, increasing the risk of cross-site scripting (XSS) and SQL injection vulnerabilities respectively. These code-level weaknesses, despite the lack of historical CVEs, pose a substantial risk to WordPress sites.

Key Concerns

  • Unprotected AJAX handler
  • Use of unserialize function
  • No prepared statements for SQL
  • Low output escaping rate
  • Unsanitized paths in taint flows
Vulnerabilities
None known

Clever Mega Menu for Visual Composer Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Clever Mega Menu for Visual Composer Code Analysis

Dangerous Functions
1
Raw SQL Queries
2
0 prepared
Unescaped Output
445
41 escaped
Nonce Checks
2
Capability Checks
1
File Operations
12
External Requests
0
Bundled Libraries
0

Dangerous Functions Found

unserialize$imports = unserialize(file_get_contents($icache));includes\class-leafo-scss-compiler.php:4430

SQL Query Safety

0% prepared2 total queries

Output Escaping

8% escaped486 total outputs
Data Flows
5 unsanitized

Data Flow Analysis

5 flows5 with unsanitized paths
_render (includes\class-clever-mega-menu-item-meta.php:163)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
1 unprotected

Clever Mega Menu for Visual Composer Attack Surface

Entry Points1
Unprotected1

AJAX Handlers 1

authwp_ajax_save_clever_menu_itemclever-mega-menu.php:429
WordPress Hooks 25
actioninitclever-mega-menu.php:123
actionadmin_menuclever-mega-menu.php:125
actionadmin_enqueue_scriptsclever-mega-menu.php:364
actionwp_enqueue_scriptsclever-mega-menu.php:366
actionadmin_menuclever-mega-menu.php:376
actionadmin_menuclever-mega-menu.php:386
actionadmin_initclever-mega-menu.php:388
actionadmin_initclever-mega-menu.php:390
actionadmin_noticesclever-mega-menu.php:392
actioninitclever-mega-menu.php:403
actioninitclever-mega-menu.php:405
filterpost_updated_messagesclever-mega-menu.php:407
filterpost_row_actionsclever-mega-menu.php:409
filterwpb_vc_js_status_filterclever-mega-menu.php:411
actionadd_meta_boxes_clever_menuclever-mega-menu.php:421
actionadmin_initclever-mega-menu.php:423
actionedit_form_topclever-mega-menu.php:425
actionin_admin_headerclever-mega-menu.php:427
actiondelete_postclever-mega-menu.php:439
actionadd_meta_boxes_clever_menu_themeclever-mega-menu.php:441
actionsave_post_clever_menu_themeclever-mega-menu.php:443
actionadmin_footer-nav-menus.phpclever-mega-menu.php:453
filterwp_nav_menu_argsclever-mega-menu.php:455
actionwp_update_nav_menuclever-mega-menu.php:458
actionplugins_loadedclever-mega-menu.php:535
Maintenance & Trust

Clever Mega Menu for Visual Composer Maintenance & Trust

Maintenance Signals

WordPress version tested5.3.21
Last updatedDec 3, 2019
PHP min version5.6
Downloads33K

Community Trust

Rating66/100
Number of ratings6
Active installs1K
Alternatives

Clever Mega Menu for Visual Composer Alternatives

Clever Mega Menu for Elementor

Clever Mega Menu for Elementor

clever-mega-menu-for-elementor

A
85

With ease of visual editing from Elementor Page Builder, Clever Mega Menu for Elementor helps you make stunning navigation menus easily without any coding knowledge. <a href="https://cleveraddon.com/clever-mega-menu-for-elementor">Documentation</a> | <a href="https://cleveraddon.com/clever-mega-menu-for-elementor">ChangeLogs</a></p>

2K No CVEs
RoarDev Mega Menu Builder

RoarDev Mega Menu Builder

mega-menu-builder

A
100

RoarDev Mega Menu Builder is a powerful and modern mega menu builder for WordPress. Create beautiful mega menus using WordPress native menus with Gute &hellip;

0 No CVEs
ElementsKit Elementor Addons – Advanced Widgets & Templates Addons for Elementor

ElementsKit Elementor Addons – Advanced Widgets & Templates Addons for Elementor

elementskit-lite

A
89

Join millions who empower their websites with ElementsKit Elementor Addons. Get templates, & 100+ widgets like header-footer, mega menu, custom widget

2.0M 21 CVEs
Premium Addons for Elementor – Powerful Elementor Templates & Widgets

Premium Addons for Elementor – Powerful Elementor Templates & Widgets

premium-addons-for-elementor

A
95

Elementor Carousel, Mega Menu, Posts List/Slider, Media Gallery, WooCommerce Widgets, Display Conditions, Premade Templates & more.

700K 35 CVEs
Happy Addons for Elementor

Happy Addons for Elementor

happy-elementor-addons

A
95

HappyAddons for Elementor-Get Header Footer, Single Post, Archive Page, Megamenu, Slider Builder & 143 Elementor Widgets.

400K 40 CVEs
Developer Profile

Clever Mega Menu for Visual Composer Developer Profile

zootemplate

2 plugins · 3K total installs

84
trust score
Avg Security Score
85/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Clever Mega Menu for Visual Composer

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/clever-mega-menu/assets/backend/css/clever-nav-menu.min.css/wp-content/plugins/clever-mega-menu/assets/backend/css/clever-menu-item.min.css/wp-content/plugins/clever-mega-menu/assets/backend/css/clever-menu-theme.min.css/wp-content/plugins/clever-mega-menu/assets/backend/css/clever-mega-menu-admin.min.css/wp-content/plugins/clever-mega-menu/assets/frontend/css/clever-mega-menu-theme-default-461836.min.css/wp-content/plugins/clever-mega-menu/assets/backend/js/wp-color-picker-alpha.min.js/wp-content/plugins/clever-mega-menu/assets/backend/js/clever-mega-menu-item-settings.min.js/wp-content/plugins/clever-mega-menu/assets/backend/js/clever-mega-menu-admin.min.js+4 more
Version Parameters
clever-mega-menu/assets/backend/css/clever-nav-menu.min.css?ver=clever-mega-menu/assets/backend/css/clever-menu-item.min.css?ver=clever-mega-menu/assets/backend/css/clever-menu-theme.min.css?ver=clever-mega-menu/assets/backend/css/clever-mega-menu-admin.min.css?ver=clever-mega-menu/assets/frontend/css/clever-mega-menu-theme-default-461836.min.css?ver=clever-mega-menu/assets/backend/js/clever-mega-menu-item-settings.min.js?ver=clever-mega-menu/assets/backend/js/clever-mega-menu-admin.min.js?ver=clever-mega-menu/assets/backend/js/clever-menu-item.min.js?ver=clever-mega-menu/assets/backend/js/clever-menu-theme.min.js?ver=clever-mega-menu/assets/frontend/js/clever-mega-menu.min.js?ver=

HTML / DOM Fingerprints

CSS Classes
clever-mega-menucmenu-item-contentcmenu-item-titlecmenu-item-settingscmenu-item-mega-contentcmenu-item-tab-contentcmenu-item-iconcmenu-item-type+31 more
Data Attributes
data-clever-menu-item-iddata-clever-menu-item-typedata-clever-menu-item-parent-iddata-clever-menu-item-mega-enable
JS Globals
cleverMenuI18ncleverMenuData
FAQ

Frequently Asked Questions about Clever Mega Menu for Visual Composer