CaptureMyPage Security & Risk Analysis
wordpress.org/plugins/cmpThis plugin creates a website screenshot using only a website URL and save into your own wordpress media library.
Is CaptureMyPage Safe to Use in 2026?
Generally Safe
Score 85/100CaptureMyPage has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The "cmp" v1.0.0 plugin exhibits a generally positive security posture due to the absence of known vulnerabilities and a seemingly controlled attack surface. The static analysis reveals no direct entry points like AJAX handlers, REST API routes, or shortcodes without authentication checks, which is a strong indicator of good initial design. Furthermore, the complete absence of dangerous functions and the use of prepared statements for all SQL queries are excellent security practices.
However, several areas raise concerns. The low percentage of properly escaped output (36%) is a significant weakness, indicating a high potential for cross-site scripting (XSS) vulnerabilities. The taint analysis revealing two unsanitized path flows, even if not classified as critical or high severity, warrants attention as these can sometimes lead to path traversal or file inclusion issues depending on the context. The lack of nonce checks and capability checks for any potential entry points (though none are explicitly listed, this is a general concern for any plugin, especially if the attack surface is later expanded) are critical omissions in WordPress security best practices.
Given the clean vulnerability history, it suggests that either the plugin is new, has not been widely used, or has successfully avoided past security oversights. Nevertheless, the identified code signals, particularly the poor output escaping and unsanitized path flows, present immediate risks that need to be addressed to improve the plugin's overall security. While the plugin has strengths in its limited attack surface and SQL handling, the identified weaknesses in output sanitization and the absence of security checks require remediation.
Key Concerns
- Low percentage of properly escaped output
- Unsanitized paths in taint analysis
- No nonce checks
- No capability checks
CaptureMyPage Security Vulnerabilities
CaptureMyPage Code Analysis
Output Escaping
Data Flow Analysis
CaptureMyPage Attack Surface
WordPress Hooks 5
Maintenance & Trust
CaptureMyPage Maintenance & Trust
Maintenance Signals
Community Trust
CaptureMyPage Alternatives
Usersnap
usersnap
Usersnap: The feedback platform designed to capture, organize, and respond to user feedback seamlessly.
Mopinion Feedback Form
mopinion-feedback-form
Easy add feedback buttons and feedback forms to your website with the Mopinion.com Wordpress Plugin. Easy install, fast user insights.
WEBphysiology Portfolio
webphysiology-portfolio
Allows for the creation of an expanded-list styled or a grid-styled page containing images and supporting detail, perfect for a portfolio presentation …
ShrinkTheWeb (STW) Website Previews Plugin
shrinktheweb-website-preview-plugin
This plugin accesses the ShrinkTheWeb API to automatically replace special tags in posts with website screenshots, where desired.
Open Link 图链
open-link
Use [wp-openlink] to output all your Blogroll in a Page, with website screenshot thumbnail and clicks countable, no database altered or images storage …
CaptureMyPage Developer Profile
1 plugin · 10 total installs
How We Detect CaptureMyPage
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/cmp/css/style.css/wp-content/plugins/cmp/js/cmp.js/wp-content/plugins/cmp/js/cmp.jscmp/style.css?ver=cmp/js/cmp.js?ver=HTML / DOM Fingerprints
captureMyPage-wrap<!--START captureMyPage--><!--END captureMyPage-->data-capturemypage-urldata-capturemypage-predefineddata-capturemypage-cachecmp