Does copy-me have any unpatched vulnerabilities?

Yes — copy-me currently has 1 unpatched vulnerability. We recommend switching to an alternative or applying any available workarounds.

Is copy-me compatible with WordPress 4.2.39?

According to WordPress.org data, copy-me 1.0.0 has been tested up to WordPress 4.2.39. Check the plugin's changelog for the latest compatibility information.

How often is copy-me updated?

copy-me was last updated on Jul 21, 2015. Frequent updates are generally a positive security signal.

What is copy-me's security score?

copy-me has a WP-Safety security score of 64/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

copy-me Security & Risk Analysis

wordpress.org/plugins/copy-me

copy-me allows you to copy a post, page or custom post type to another site in a Wordpress multisite.

10 active installs v1.0.0 PHP + WP 4.0+ Updated Jul 21, 2015

copy-contentcopy-postsmultisite

C · Use Caution

CVEs total1

Unpatched1

Last CVEDec 21, 2016

Download

Safety Verdict

Is copy-me Safe to Use in 2026?

Use With Caution

Score 64/100

copy-me has 1 unpatched vulnerability. Evaluate alternatives or apply available mitigations.

1 known CVE 1 unpatched Last CVE: Dec 21, 2016Updated 10yr ago

Risk Assessment

The 'copy-me' plugin v1.0.0 exhibits significant security concerns, largely stemming from its outdated nature and lack of robust security practices. The presence of an unpatched medium-severity CVE from 2016 is a major red flag, indicating a known vulnerability that remains exploitable. This, combined with a generally weak security posture observed in the static analysis, points to a high risk for users.

Key Concerns

Unpatched CVE (medium severity)
AJAX handler without authentication
SQL queries not using prepared statements
Low percentage of properly escaped output
Taint flows with unsanitized paths (high severity)
No nonce checks
No capability checks

Vulnerabilities

copy-me Security Vulnerabilities

CVEs by Year

1 CVE in 2016 · unpatched

2016

Patched Has unpatched

Severity Breakdown

Medium

1 total CVE

CVE-2016-10938medium · 5.4Cross-Site Request Forgery (CSRF)

copy-me <= 1.0.0 - Missing Authorization & Cross-Site Request Forgery

Dec 21, 2016Unpatched

Code Analysis

Analyzed Mar 17, 2026

copy-me Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

2 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

0% prepared2 total queries

Output Escaping

12% escaped17 total outputs

Data Flows

2 unsanitized

Data Flow Analysis

2 flows2 with unsanitized paths

copy_item (copy-me.php:45)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

1 unprotected

copy-me Attack Surface

Entry Points1

Unprotected1

AJAX Handlers 1

authwp_ajax_copyme_copy_itemcopy-me.php:41

WordPress Hooks 7

actionwp_loadedcopy-me.php:34

actionadmin_enqueue_scriptscopy-me.php:36

actionwp_loadedcopy-me.php:39

filtermanage_posts_columnscopy-me.php:81

filtermanage_pages_columnscopy-me.php:83

actionmanage_pages_custom_columncopy-me.php:85

actionmanage_posts_custom_columncopy-me.php:87

Maintenance & Trust

copy-me Maintenance & Trust

Maintenance Signals

WordPress version tested4.2.39

Last updatedJul 21, 2015

PHP min version

Downloads4K

Community Trust

Rating80/100

Number of ratings1

Active installs10

Alternatives

copy-me Alternatives

Multisite Network Repost

multisite-network-repost

Repost your stories to selected sites in the multisite network, preserving attachments, custom fields, categories, tags etc.

0 No CVEs

Code Snippets

code-snippets

An easy, clean and simple way to enhance your site with code snippets.

1.0M 7 CVEs

Duplicate Post

copy-delete-posts

Duplicate post

300K 2 CVEs

User Switching

user-switching

100

Instant switching between user accounts in WordPress and WooCommerce.

200K No CVEs

Safe Redirect Manager

safe-redirect-manager

100

Safely manage your website's HTTP redirects.

40K 1 CVE

Developer Profile

copy-me Developer Profile

Alan Cesarini

4 plugins · 60 total installs

trust score

Avg Security Score

84/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect copy-me

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/copy-me/assets/js/admin.js/wp-content/plugins/copy-me/assets/css/admin.css

Script Paths

/wp-content/plugins/copy-me/assets/js/admin.js

Version Parameters

copy-me/assets/js/admin.js?ver=copy-me/assets/css/admin.css?ver=

HTML / DOM Fingerprints

CSS Classes

copyme-linkcopyme-boxcopyme-button

Data Attributes

id="copyme-link-class="copyme-link"data-post="id="copyme-box-class="copyme-box"id="copyme-target-site-+2 more

JS Globals

copyme_ajax_object

REST Endpoints

/wp-json/copyme/v1/copy_item

FAQ