CollabPress Security & Risk Analysis

wordpress.org/plugins/collabpress

Project management and task tracking software for WordPress

Active installs: 90
Version: v1.3.1.2
Requires: PHP + WP 3.5+
Updated: May 27, 2013
Tags: basecamp, management, project-management, task, to-do

Security score: 85/100 (A · Safe)
CVEs total: 0
Unpatched: 0
Last CVE: Never

Safety Verdict

Is CollabPress Safe to Use in 2026?

Generally Safe

Score 85/100

CollabPress has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 12yr ago

Risk Assessment

The CollabPress plugin version 1.3.1.2 shows a generally good security posture with no known historical vulnerabilities. Static analysis indicates a robust implementation of security best practices, including a high percentage of prepared SQL statements and a significant number of nonce and capability checks. Every entry point in the attack surface is protected by authentication, which is a positive indicator. However, there are specific areas of concern. The presence of a `create_function` call, a known source of potential code injection vulnerabilities, is a significant red flag. Additionally, only 35% of output is properly escaped, leaving a substantial portion vulnerable to cross-site scripting (XSS) attacks. The taint analysis, while limited in scope, identified one flow with unsanitized paths, which could lead to security issues if exploited. The absence of past vulnerabilities is encouraging and suggests a development team that has historically prioritized security, but the identified code signals require careful attention. In conclusion, while CollabPress has a strong foundation in authentication and SQL handling, the `create_function` usage and the low output escaping rate present notable risks that should be addressed.

Key Concerns

  • Dangerous function usage (create_function)
  • Low percentage of properly escaped output
  • Taint flow with unsanitized paths

Vulnerabilities
None known

CollabPress Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

CollabPress Release Timeline

v1.3.1.1
v1.3.1
v1.3
v1.2.2
v1.2.1.0
v1.2.0.0
v1.1.3.0
v1.1.2.0
v1.1.1.0
v1.1.0.0
v1.0.0.0
v0.5.3.0
v0.5.2.0
v0.5.1.0
v0.5.0.0
v0.4.0.0
v0.3.0.0
v0.2.0.0
v0.0.1.0

Code Analysis
Analyzed Mar 16, 2026

CollabPress Code Analysis

Dangerous Functions: 1
Raw SQL Queries: 2 (18 prepared)
Unescaped Output: 214 (114 escaped)
Nonce Checks: 26
Capability Checks: 8
File Operations: 0
External Requests: 2
Bundled Libraries: 0

Dangerous Functions Found

create_function at includes\cp-core.php:93 (snippet truncated in the scan output):

  add_action( 'admin_notices', create_function( '', 'echo \'<div class="updated fade"><p>' . $error_me

SQL Query Safety

90% prepared (20 total queries)

Output Escaping

35% escaped (328 total outputs)

Data Flows · Security
1 unsanitized

Data Flow Analysis

4 flows, 1 with unsanitized paths:
  • cp_draw_calendar (includes\functions.php:205)

[Flow diagram not reproduced; legend: Source (user input), Sink (dangerous op), Sanitizer, Transform, Unsanitized, Sanitized]

Attack Surface

CollabPress Attack Surface

Entry Points: 15
Unprotected: 0

AJAX Handlers (14), all authenticated:

  • wp_ajax_cp_add_project  includes\ajax-handlers.php:3
  • wp_ajax_cp_modify_project_users  includes\ajax-handlers.php:25
  • wp_ajax_cp_add_new_task  includes\ajax-handlers.php:51
  • wp_ajax_cp_delete_task  includes\ajax-handlers.php:70
  • wp_ajax_cp_add_new_task_list  includes\ajax-handlers.php:106
  • wp_ajax_cp_edit_task  includes\ajax-handlers.php:125
  • wp_ajax_cp_attach_new_file  includes\ajax-handlers.php:143
  • wp_ajax_cp_save_task_list_order  includes\ajax-handlers.php:161
  • wp_ajax_cp_update_task_status  includes\ajax-handlers.php:183
  • wp_ajax_cp_add_comment_to_task  includes\ajax-handlers.php:197
  • wp_ajax_cp_delete_comment  includes\ajax-handlers.php:216
  • wp_ajax_cp_edit_project  includes\ajax-handlers.php:229
  • wp_ajax_cp_delete_project  includes\ajax-handlers.php:243
  • wp_ajax_cp_set_user_preferences_for_displaying_completed_tasks  includes\ajax-handlers.php:257

Shortcodes (1)

  • [collabpress]  includes\shortcode.php:6

WordPress Hooks (58)

  • action  admin_init  includes\admin_init.php:4
  • action  init  includes\admin_init.php:57
  • action  init  includes\admin_init.php:63
  • action  wp_print_styles  includes\admin_init.php:75
  • action  wp_print_scripts  includes\admin_init.php:81
  • action  init  includes\admin_init.php:109
  • action  admin_init  includes\admin_init.php:196
  • filter  cp_settings_user_role  includes\cp-bp-groups.php:110
  • filter  map_meta_cap  includes\cp-bp-groups.php:111
  • filter  is_collabpress_page  includes\cp-bp-groups.php:121
  • filter  bp_get_canonical_url  includes\cp-bp-groups.php:133
  • action  cp_global_setup  includes\cp-bp-groups.php:136
  • filter  cp_task_user_list_html  includes\cp-bp-groups.php:151
  • filter  cp_check_project_permissions  includes\cp-bp-groups.php:156
  • filter  cp_bp_projects_tax_query  includes\cp-bp-groups.php:159
  • action  wp_print_styles  includes\cp-bp-groups.php:162
  • action  cp_project_added  includes\cp-bp-groups.php:165
  • action  bp_template_content  includes\cp-bp-groups.php:831
  • filter  cp_calendar_tasks_args  includes\cp-bp-groups.php:853
  • filter  cp_bp_get_project_permalink_parent_item  includes\cp-bp-groups.php:1116
  • action  cp_task_added  includes\cp-bp-notifications.php:22
  • action  cp_task_edited  includes\cp-bp-notifications.php:27
  • action  cp_task_completed  includes\cp-bp-notifications.php:32
  • action  cp_task_reopened  includes\cp-bp-notifications.php:37
  • action  cp_task_deleted  includes\cp-bp-notifications.php:42
  • action  cp_task_list_added  includes\cp-bp-notifications.php:48
  • action  cp_task_list_edited  includes\cp-bp-notifications.php:53
  • action  cp_task_list_deleted  includes\cp-bp-notifications.php:58
  • action  cp_project_added  includes\cp-bp-notifications.php:64
  • action  cp_project_edited  includes\cp-bp-notifications.php:69
  • action  cp_project_deleted  includes\cp-bp-notifications.php:74
  • action  cp_add_activity  includes\cp-bp-notifications.php:83
  • filter  bp_get_template_stack  includes\cp-bp.php:47
  • action  cp_bp_setup_item  includes\cp-bp.php:53
  • action  cp_after_advanced_settings  includes\cp-bp.php:65
  • filter  cp_calendar_permalink  includes\cp-bp.php:68
  • filter  post_type_link  includes\cp-bp.php:69
  • filter  cp_task_list_link  includes\cp-bp.php:70
  • filter  cp_task_link  includes\cp-bp.php:71
  • action  cp_project_added  includes\cp-bp.php:73
  • action  wp_print_styles  includes\cp-bp.php:75
  • action  bp_template_content  includes\cp-bp.php:129
  • action  bp_init  includes\cp-core.php:36
  • action  wp_dashboard_setup  includes\cp-core.php:48
  • action  admin_notices  includes\cp-core.php:93
  • action  widgets_init  includes\cp-widgets.php:3
  • action  wp  includes\functions.php:680
  • action  init  includes\functions.php:681
  • action  wp_head  includes\functions.php:1064
  • filter  post_type_link  includes\functions.php:1170
  • action  admin_menu  includes\menus\dashboard.php:41
  • action  wp  includes\menus\dashboard.php:62
  • action  admin_init  includes\menus\dashboard.php:63
  • action  admin_init  includes\presstrends.php:68
  • action  the_posts  includes\shortcode.php:29
  • filter  posts_join_paged  includes\template-tags.php:27
  • filter  posts_where_paged  includes\template-tags.php:28
  • action  init  includes\update.php:2

Maintenance & Trust

CollabPress Maintenance & Trust

Maintenance Signals

WordPress version tested: 3.5.2
Last updated: May 27, 2013
PHP min version:
Downloads: 74K

Community Trust

Rating: 72/100
Number of ratings: 9
Active installs: 90

Developer Profile

CollabPress Developer Profile

WDS-Scott

1 plugin · 90 total installs

Trust score: 84
Avg Security Score: 85/100
Avg Patch Time: 30 days

Detection Fingerprints

How We Detect CollabPress

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
  • /wp-content/plugins/collabpress/includes/css/jquery-ui/jquery-ui-1.8.16.custom.css
  • /wp-content/plugins/collabpress/includes/js/frontend.js

Version Parameters
  • collabpress/includes/css/jquery-ui/jquery-ui-1.8.16.custom.css?ver=
  • collabpress/includes/js/frontend.js?ver=

HTML / DOM Fingerprints

JS Globals
  • CP_VERSION
  • CP_BASENAME
  • CP_PLUGIN_DIR
  • CP_PLUGIN_URL
  • CP_RSS_URL
  • CP_DASHBOARD

FAQ

Frequently Asked Questions about CollabPress