Does Custom Guest Authors have any unpatched vulnerabilities?

No. All known vulnerabilities in Custom Guest Authors have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Custom Guest Authors compatible with WordPress 6.9.4?

According to WordPress.org data, Custom Guest Authors 2.3.1 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is Custom Guest Authors compatible with PHP 8.2+?

Custom Guest Authors requires PHP 8.2 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Custom Guest Authors updated?

Custom Guest Authors was last updated on Mar 10, 2026. Frequent updates are generally a positive security signal.

What is Custom Guest Authors's security score?

Custom Guest Authors has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Custom Guest Authors Security & Risk Analysis

wordpress.org/plugins/custom-guest-authors

Replace the default WordPress post author with custom guest author names via a custom field. Supports multiple comma-separated authors.

0 active installs v2.3.1 PHP 8.2+ WP 5.7+ Updated Mar 10, 2026

author-overridebylinecustom-fieldsguest-authormultiple-authors

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Custom Guest Authors Safe to Use in 2026?

Generally Safe

Score 100/100

Custom Guest Authors has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 26d ago

Risk Assessment

The custom-guest-authors plugin v2.3.1 demonstrates several good security practices, including a lack of identifiable attack surface points through AJAX, REST API, shortcodes, and cron events. The code also shows a high percentage of properly escaped output and a reasonable number of nonce and capability checks. This suggests the developers have some awareness of common WordPress security vulnerabilities.

However, a significant concern arises from the static analysis indicating 100% of SQL queries are not using prepared statements. This is a substantial risk, as it opens the door to SQL injection vulnerabilities, especially if any of the input data used in these queries is not rigorously sanitized. The taint analysis also identified one flow with unsanitized paths, which, while not classified as critical or high severity, warrants attention as it represents a potential pathway for attackers.

The absence of any recorded vulnerabilities in its history is a positive sign, implying a generally secure past. Nevertheless, the static analysis findings, particularly the raw SQL queries, point to a potential weakness that could be exploited. The overall security posture is therefore a mix of good practices and a critical oversight in database interaction.

Key Concerns

Raw SQL queries without prepared statements
Taint flow with unsanitized paths

Vulnerabilities

None known

Custom Guest Authors Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Custom Guest Authors Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

76 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

0% prepared4 total queries

Output Escaping

94% escaped81 total outputs

Data Flows

1 unsanitized

Data Flow Analysis

1 flows1 with unsanitized paths

<tab-debug> (admin\views\tab-debug.php:0)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Custom Guest Authors Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 24

actionadd_meta_boxesadmin\admin.php:58

actionsave_postadmin\admin.php:118

actionadmin_enqueue_scriptsadmin\admin.php:171

actionenqueue_block_editor_assetsadmin\admin.php:192

actionadmin_menuadmin\admin.php:210

filterwp_redirectadmin\admin.php:236

filterwp_safe_redirectadmin\admin.php:237

actionadmin_initadmin\admin.php:309

actionadmin_enqueue_scriptsadmin\admin.php:342

actioninitcustom-guest-authors.php:45

actionsave_postincludes\cache.php:37

actionupdated_post_metaincludes\cache.php:51

actionadded_post_metaincludes\cache.php:52

actiondeleted_post_metaincludes\cache.php:53

actioninitincludes\cache.php:68

filterthe_authorincludes\front-end.php:135

filterget_the_author_display_nameincludes\front-end.php:136

filterauthor_linkincludes\front-end.php:285

filterthe_author_posts_linkincludes\front-end.php:318

actioninitincludes\front-end.php:360

filterwpseo_schema_graphincludes\front-end.php:362

filterrank_math/schema/articleincludes\front-end.php:363

actioninitincludes\post-meta.php:34

actioninitincludes\post-meta.php:59

Maintenance & Trust

Custom Guest Authors Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedMar 10, 2026

PHP min version8.2

Downloads662

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

Custom Guest Authors Alternatives

ThemeRuby Multi Authors – Assign Multiple Writers to Posts

themeruby-multi-authors

A lightweight plugin that allows you to assign multiple writers to posts, fast and easy to use.

1K 1 CVE

Co-Authors, Multiple Authors and Guest Authors in an Author Box with PublishPress Authors

publishpress-authors

PublishPress Authors is the best plugin for adding authors, co-authors, multiple authors and guest authors to WordPress posts.

20K 4 CVEs

Molongui Authorship – Author Boxes, Guest Authors & Co-Authors for WordPress

molongui-authorship

All-in-One Authorship Solution: Seamless Author Box, Guest Authors, and Co-Authors to enhance your site's authority, credibility, engagement, and SEO.

10K 6 CVEs

Authorsy – Author Box, Multiple Authors, Guest Authors & Post Rating

authorsy

Authorsy is a powerful WordPress author box plugin. Add customizable author profiles, multiple authors, guest authors, bios, social links, and post ra …

1K 2 CVEs

Byline

byline

Solves the co/multi-author problem without modifying the theme. Uses a custom taxonomy, "Byline," that replaces the Display Author.

200 No CVEs

Developer Profile

Custom Guest Authors Developer Profile

Mohd Elfie Nieshaem Juferi

4 plugins · 0 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Custom Guest Authors

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/custom-guest-authors/assets/css/meta-box.css/wp-content/plugins/custom-guest-authors/assets/js/meta-box.js

Script Paths

/wp-content/plugins/custom-guest-authors/assets/js/meta-box.js

Version Parameters

custom-guest-authors/assets/css/meta-box.css?ver=custom-guest-authors/assets/js/meta-box.js?ver=

HTML / DOM Fingerprints

CSS Classes

cga-field-groupcga-field-hint

Data Attributes

name="cga_guest_author"id="cga_guest_author"nonce="cga_nonce"

FAQ