Does Content Restrict have any unpatched vulnerabilities?

No. All known vulnerabilities in Content Restrict have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Content Restrict compatible with WordPress 3.7.41?

According to WordPress.org data, Content Restrict 0.1 has been tested up to WordPress 3.7.41. Check the plugin's changelog for the latest compatibility information.

How often is Content Restrict updated?

Content Restrict was last updated on Feb 12, 2014. Frequent updates are generally a positive security signal.

What is Content Restrict's security score?

Content Restrict has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Content Restrict Security & Risk Analysis

wordpress.org/plugins/content-restrict

Restrict custom post type, pages or posts to logged in users.

30 active installs v0.1 PHP + WP 3.0.1+ Updated Feb 12, 2014

custom-post-type-restrictfor-logged-in-userpagespostrestriction

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Content Restrict Safe to Use in 2026?

Generally Safe

Score 85/100

Content Restrict has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 12yr ago

Risk Assessment

The "content-restrict" plugin version 0.1 exhibits a generally positive security posture with no known vulnerabilities in its history and a limited attack surface. The absence of AJAX handlers, REST API routes, shortcodes, and cron events, coupled with the use of prepared statements for all SQL queries, indicates a strong adherence to secure coding practices. The presence of nonce and capability checks further bolsters its defenses.

However, the static analysis does reveal a significant concern regarding output escaping, with only 17% of outputs being properly escaped. This could lead to cross-site scripting (XSS) vulnerabilities if user-supplied data is directly reflected in the output without adequate sanitization. The taint analysis also highlighted a flow with unsanitized paths, which, despite not being categorized as critical or high severity in this instance, warrants attention as it represents a potential pathway for malicious input to be processed insecurely.

In conclusion, while the plugin has a clean vulnerability history and a robust foundation in terms of attack surface and data handling, the poor output escaping and the identified unsanitized path flow represent the primary security weaknesses. Addressing these areas is crucial to mitigating potential risks and improving the overall security of the plugin.

Key Concerns

Low percentage of properly escaped output
Taint flow with unsanitized paths

Vulnerabilities

None known

Content Restrict Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Content Restrict Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

1 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

17% escaped6 total outputs

Data Flows

1 unsanitized

Data Flow Analysis

1 flows1 with unsanitized paths

<cr_admin_panel> (admin\cr_admin_panel.php:0)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Content Restrict Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 7

filterthe_contentcontentrestrict.php:152

filterthe_excerptcontentrestrict.php:153

filtercomments_arraycontentrestrict.php:154

actionadd_meta_boxescontentrestrict.php:157

actionadmin_menucontentrestrict.php:158

actionsave_postcontentrestrict.php:159

actionsend_headerscontentrestrict.php:160

Maintenance & Trust

Content Restrict Maintenance & Trust

Maintenance Signals

WordPress version tested3.7.41

Last updatedFeb 12, 2014

PHP min version

Downloads6K

Community Trust

Rating100/100

Number of ratings7

Active installs30

Alternatives

Content Restrict Alternatives

Duplicate Post

copy-delete-posts

Duplicate post

300K 2 CVEs

Display Posts – Easy lists, grids, navigation, and more

display-posts-shortcode

Add a listing of content on your website using a simple shortcode. Filter the results by category, author, and more.

80K No CVEs

CMS Tree Page View

cms-tree-page-view

Adds a tree view of all pages & custom posts. Get a great overview + options to drag & drop to reorder & option to add multiple pages.

50K 3 CVEs

Sitemap by BestWebSoft – WordPress XML Site Map Page Generator Plugin

google-sitemap-plugin

100

Generate and add XML sitemap to WordPress website. Help search engines index your blog.

20K 1 CVE

Widgets on Pages

widgets-on-pages

The easiest and highest rated way to Add Widgets or Sidebars to Posts and Pages using Visual editor, shortcodes or template tags.

20K 1 CVE

Developer Profile

Content Restrict Developer Profile

Md Meraj Ahmed

2 plugins · 40 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Content Restrict

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

Data Attributes

cr_restrict_content

Shortcode Output

<p>This content is accessed only by loged in user, please <a href="login</a> to view this content.</p><div>This content is only acessed by loged in user, please login to view</div><div>

FAQ