Does Custom Permalink Editor have any unpatched vulnerabilities?

No. All known vulnerabilities in Custom Permalink Editor have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Custom Permalink Editor compatible with WordPress 6.9.4?

According to WordPress.org data, Custom Permalink Editor 1.0.6 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is Custom Permalink Editor compatible with PHP 7.4+?

Custom Permalink Editor requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Custom Permalink Editor updated?

Custom Permalink Editor was last updated on Jan 13, 2026. Frequent updates are generally a positive security signal.

What is Custom Permalink Editor's security score?

Custom Permalink Editor has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Custom Permalink Editor Security & Risk Analysis

wordpress.org/plugins/custom-permalink-editor

Set Custom Permalink Editor on a per-post, per-tag per-page, and per-category basis.

3K active installs v1.0.6 PHP 7.4+ WP 5.4+ Updated Jan 13, 2026

custom-permalinkscustom-urlpermalinkpermalinksurl

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Custom Permalink Editor Safe to Use in 2026?

Generally Safe

Score 100/100

Custom Permalink Editor has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2mo ago

Risk Assessment

The Custom Permalink Editor plugin, version 1.0.6, exhibits a generally strong security posture with no known vulnerabilities or CVEs in its history. The static analysis reveals good practices such as 100% of SQL queries using prepared statements and a significant percentage of outputs being properly escaped. The plugin also demonstrates an awareness of security by implementing nonce and capability checks on its entry points, and a remarkably small attack surface with no unprotected entry points found.

However, a notable concern arises from the taint analysis, which identified one flow with an unsanitized path. While this flow was not categorized as critical or high severity, the presence of any unsanitized path warrants careful attention. This suggests a potential, albeit minor, risk of unexpected behavior or information leakage if an attacker can manipulate the input leading to this flow. The absence of dangerous functions and file operations further strengthens the plugin's security, but the single tainted flow remains the primary area of concern in an otherwise well-secured plugin.

Overall, the plugin is built with good security fundamentals, particularly evident in its use of prepared statements and input/output sanitization. The lack of historical vulnerabilities is a positive indicator of its stability and developer diligence. The single taint flow represents a minor weakness that, while not currently a critical threat, should ideally be addressed to achieve a more robust security profile.

Key Concerns

Flow with unsanitized path found

Vulnerabilities

None known

Custom Permalink Editor Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Custom Permalink Editor Code Analysis

Dangerous Functions

Raw SQL Queries

4 prepared

Unescaped Output

26 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

100% prepared4 total queries

Output Escaping

81% escaped32 total outputs

Data Flows

1 unsanitized

Data Flow Analysis

1 flows1 with unsanitized paths

<class-custom-permalink-editor-form> (includes\class-custom-permalink-editor-form.php:0)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Custom Permalink Editor Attack Surface

Entry Points1

Unprotected0

REST API Routes 1

GET/wp-json/custom-permalink-editor/v1/get-permalink/(?P<id>\d+)includes\class-custom-permalink-editor-form.php:961

WordPress Hooks 37

actionadmin_menuadmin\class-custom-permalink-editor-admin.php:14

actionadmin_enqueue_scriptsadmin\class-custom-permalink-editor-admin.php:15

filteradmin_footer_textadmin\class-custom-permalink-editor-admin.php:219

actionadmin_noticescustom-permalink-editor.php:34

actionin_plugin_update_message-custom-permalink-editor/custom-permalink-editor.phpcustom-permalink-editor.php:55

actionadd_meta_boxesincludes\class-custom-permalink-editor-form.php:21

actionsave_postincludes\class-custom-permalink-editor-form.php:22

actiondelete_postincludes\class-custom-permalink-editor-form.php:23

actioncategory_add_formincludes\class-custom-permalink-editor-form.php:24

actioncategory_edit_formincludes\class-custom-permalink-editor-form.php:25

actionpost_tag_add_formincludes\class-custom-permalink-editor-form.php:26

actionpost_tag_edit_formincludes\class-custom-permalink-editor-form.php:27

actioncreated_termincludes\class-custom-permalink-editor-form.php:28

actionedited_termincludes\class-custom-permalink-editor-form.php:29

actiondelete_termincludes\class-custom-permalink-editor-form.php:30

actionrest_api_initincludes\class-custom-permalink-editor-form.php:31

actionupdate_option_page_on_frontincludes\class-custom-permalink-editor-form.php:32

filterget_sample_permalink_htmlincludes\class-custom-permalink-editor-form.php:39

filteris_protected_metaincludes\class-custom-permalink-editor-form.php:45

actiontemplate_redirectincludes\class-custom-permalink-editor-frontend.php:66

filterrequestincludes\class-custom-permalink-editor-frontend.php:68

filteroembed_request_post_idincludes\class-custom-permalink-editor-frontend.php:69

filterpost_linkincludes\class-custom-permalink-editor-frontend.php:70

filterpost_type_linkincludes\class-custom-permalink-editor-frontend.php:71

filterpage_linkincludes\class-custom-permalink-editor-frontend.php:72

filterterm_linkincludes\class-custom-permalink-editor-frontend.php:73

filteruser_trailingslashitincludes\class-custom-permalink-editor-frontend.php:74

filterwpseo_canonicalincludes\class-custom-permalink-editor-frontend.php:77

filterrequestincludes\class-custom-permalink-editor-frontend.php:473

filterpost_linkincludes\class-custom-permalink-editor-frontend.php:872

filterpost_type_linkincludes\class-custom-permalink-editor-frontend.php:873

filteruser_trailingslashitincludes\class-custom-permalink-editor-frontend.php:907

filterpage_linkincludes\class-custom-permalink-editor-frontend.php:908

filteruser_trailingslashitincludes\class-custom-permalink-editor-frontend.php:935

filterterm_linkincludes\class-custom-permalink-editor-frontend.php:936

filteruser_trailingslashitincludes\class-custom-permalink-editor-frontend.php:974

actionplugins_loadedincludes\class-custom-permalink-editor.php:88

Maintenance & Trust

Custom Permalink Editor Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedJan 13, 2026

PHP min version7.4

Downloads11K

Community Trust

Rating100/100

Number of ratings2

Active installs3K

Alternatives

Custom Permalink Editor Alternatives

Remove Category URL – Remove 'category' base from category permalinks

remove-category-url

100

Remove Category URL strips the /category/ base from your category URLs, turning something like /category/my-category/ into simply /my-category/.

50K No CVEs

No Category Base (WPML)

no-category-base-wpml

100

This plugin removes the mandatory 'Category Base' from your category permalinks. It's compatible with WPML.

100K No CVEs

Permalink Manager Lite

permalink-manager

Permalink Manager enhances WordPress’s built-in URL system, allowing you to change the URLs of native and custom post types and taxonomies.

100K 11 CVEs

Automatically Update Permalinks

automatically-update-permalinks

Automatically updates the permalink (slug) of a post or page when its title is changed.

1K No CVEs

Custom Fields Permalink 2

custom-fields-permalink-redux

Plugin allows to use post's custom fields values in permalink structure by adding %field_fieldname%, for posts, pages and custom post types.

600 No CVEs

Developer Profile

Custom Permalink Editor Developer Profile

Kings Crest Global

2 plugins · 3K total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Custom Permalink Editor

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/custom-permalink-editor/assets/css/cp-editor.min.css

Version Parameters

custom-permalink-editor/assets/css/cp-editor.min.css?ver=

HTML / DOM Fingerprints

CSS Classes

cp-major-update-warning__separatorcp-major-update-warningcp-major-update-warning__icondashicons-info-outlinecp-major-update-warning__titlecp-major-update-warning__messagekcg_admin_parent_containerkcg_admin_container+2 more

Data Attributes

data-ver

JS Globals

CP_EDITOR_VERSION

FAQ