Custom Columns Security & Risk Analysis
wordpress.org/plugins/custom-columnsCreate Custom Columns for your Post Types easily
Is Custom Columns Safe to Use in 2026?
Generally Safe
Score 85/100Custom Columns has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The "custom-columns" plugin v1.0 exhibits a generally positive security posture with no known vulnerabilities or critical code signals. The absence of dangerous functions, raw SQL queries, file operations, and external HTTP requests are all strong indicators of good security practices. Furthermore, the plugin utilizes prepared statements for its SQL queries, which is a critical security measure. The presence of a nonce check is also commendable. However, a significant concern lies in the low percentage of properly escaped output. With only 11% of outputs being escaped, there is a substantial risk of Cross-Site Scripting (XSS) vulnerabilities, especially considering the plugin has 28 output instances. The lack of capability checks is also a potential weakness, though mitigated by the minimal attack surface.
Key Concerns
- Low output escaping percentage
- Missing capability checks
Custom Columns Security Vulnerabilities
Custom Columns Code Analysis
SQL Query Safety
Output Escaping
Custom Columns Attack Surface
WordPress Hooks 4
Maintenance & Trust
Custom Columns Maintenance & Trust
Maintenance Signals
Community Trust
Custom Columns Alternatives
Post Types Unlimited
post-types-unlimited
Create unlimited custom post types and custom taxonomies.
Admin Columns for ACF Fields
admin-columns-for-acf-fields
Allows you to enable columns for your ACF fields in post and taxonomy overviews (e.g. "All Posts") in the Wordpress admin backend.
WP Adminify – White Label WordPress, Admin Menu Editor, Login Customizer
adminify
Transform your WordPress admin into a fully white-labeled, organized client dashboard. Customize, Dark mode, Secure, Boost productivity, and more.
Simple CPT
simple-cpt
Simple CPT provides an easy to use interface for registering and managing custom post types and custom taxonomies.
Custom post types, Custom Fields & more
custom-post-types
Custom Post Types, Custom Fields, Custom Taxonomies, Custom Templates, Custom Admin Pages, Custom Admin Notices. Directly from the WP dashboard.
Custom Columns Developer Profile
1 plugin · 30 total installs
How We Detect Custom Columns
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/custom-columns/css/custom-columns.css/wp-content/plugins/custom-columns/js/custom-columns.js/wp-content/plugins/custom-columns/js/custom-columns.jscustom-columns/css/custom-columns.css?ver=custom-columns/js/custom-columns.js?ver=HTML / DOM Fingerprints
custom-columns-tabscc_optionsaccordion-section-tittlecolumn-managername="aOptions[iColumnBehavior]"name="custom-column-check"name="posttype"