Does Content Parts have any unpatched vulnerabilities?

No. All known vulnerabilities in Content Parts have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Content Parts compatible with WordPress 4.9.29?

According to WordPress.org data, Content Parts 1.8 has been tested up to WordPress 4.9.29. Check the plugin's changelog for the latest compatibility information.

How often is Content Parts updated?

Content Parts was last updated on Jan 15, 2019. Frequent updates are generally a positive security signal.

What is Content Parts's security score?

Content Parts has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Content Parts Security & Risk Analysis

wordpress.org/plugins/content-parts

Divide your post content into parts that you can show in different areas of your theme templates.

300 active installs v1.8 PHP + WP 3.9+ Updated Jan 15, 2019

contentlayouttemplatesthemethe_content

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Content Parts Safe to Use in 2026?

Generally Safe

Score 85/100

Content Parts has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 7yr ago

Risk Assessment

The "content-parts" plugin v1.8 demonstrates a strong security posture based on the provided static analysis. The absence of AJAX handlers, REST API routes, shortcodes, and cron events significantly limits the potential attack surface. Furthermore, the code signals indicate good practices with 100% of SQL queries using prepared statements and a high percentage (79%) of output escaping. The presence of capability checks is also a positive sign. The taint analysis shows no critical or high-severity flows, suggesting a lack of exploitable input sanitization issues.

The plugin's vulnerability history is also clean, with no recorded CVEs. This, combined with the positive static analysis, suggests a well-maintained and secure codebase. However, the analysis does note that 21% of outputs are not properly escaped, which could present a low-risk vulnerability if the unescaped data originates from user input and is rendered in a sensitive context. The absence of nonce checks is also a minor concern, especially if any input handling were to be introduced without adequate authentication measures.

In conclusion, "content-parts" v1.8 appears to be a secure plugin with a limited attack surface and good coding practices regarding SQL queries and output escaping. The lack of vulnerability history further reinforces this. The primary areas for minor improvement are ensuring all outputs are properly escaped and considering nonce checks for any future input handling to further harden the plugin.

Key Concerns

Unescaped output detected
Nonce checks are missing

Vulnerabilities

None known

Content Parts Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Content Parts Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

19 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

TinyMCE

Output Escaping

79% escaped24 total outputs

Attack Surface

Content Parts Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 14

actionadmin_initadmin\editor.php:10

filtermce_buttonsadmin\editor.php:29

filtermce_external_pluginsadmin\editor.php:30

actionplugins_loadedadmin\settings.php:10

actionadmin_initadmin\settings.php:21

actionadmin_menuadmin\settings.php:22

actionwhitelist_optionsadmin\settings.php:23

filterplugin_row_metaadmin\settings.php:25

actionadmin_noticesadmin\settings.php:26

actionwpincludes\content-parts.php:34

actionthe_postincludes\content-parts.php:35

filterpost_classincludes\content-parts.php:36

filterthe_contentincludes\content-parts.php:37

filterthe_contentincludes\content-parts.php:117

Maintenance & Trust

Content Parts Maintenance & Trust

Maintenance Signals

WordPress version tested4.9.29

Last updatedJan 15, 2019

PHP min version

Downloads15K

Community Trust

Rating100/100

Number of ratings2

Active installs300

Alternatives

Content Parts Alternatives

One Click Demo Import

one-click-demo-import

Import your demo content, widgets and theme settings with one click. Theme authors! Enable simple theme demo import for your users.

1.0M 2 CVEs

Extendify

extendify

100

The best WordPress templates, pattern, and layout library with 1,000+ designs built for the Gutenberg block editor.

500K No CVEs

Utimate Kit ( Styler ) for WPForms

styler-for-wpforms

100

Ultimate Kit for WPForms makes the task of designing WPForms an easy one.

30K No CVEs

Demo Importer Plus

demo-importer-plus

Import the demo content, widgets, customizer settings and theme settings with a single click without any hassle.

10K 5 CVEs

HookMeUp for WooCommerce

hookmeup

100

Additional content and Customization for WooCommerce Templates.

10K No CVEs

Developer Profile

Content Parts Developer Profile

Ben Huson

16 plugins · 21K total installs

trust score

Avg Security Score

86/100

Avg Patch Time

2 days

View full developer profile

Detection Fingerprints

How We Detect Content Parts

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

CSS Classes

content-partcontent-part-1content-part-2

HTML Comments

FAQ