
Custom post mixItup Security & Risk Analysis
wordpress.org/plugins/custom-post-mixitup
Custom post mixItup show your profile or image gallery
Is Custom post mixItup Safe to Use in 2026?
Generally Safe
Score 85/100
Custom post mixItup has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The "custom-post-mixitup" v1.1 plugin exhibits a generally good security posture based on the provided static analysis. The absence of known CVEs and no recorded historical vulnerabilities is a significant strength, indicating a mature and potentially well-maintained plugin. The code analysis reveals no dangerous functions, all SQL queries are properly prepared, and there are no file operations or external HTTP requests, which are all positive indicators. However, there are some areas for improvement.
The plugin has a single entry point via a shortcode. While the static analysis shows no unprotected entry points, the capability checks and nonce checks are explicitly listed as 0. This is a notable concern, as it suggests that any user, regardless of their role, could potentially interact with the shortcode's functionality without proper authorization or protection against cross-site request forgery (CSRF) attacks. Furthermore, 30% of output escaping is not properly handled, which could lead to cross-site scripting (XSS) vulnerabilities if the data being output is not sufficiently sanitized upstream.
In conclusion, while the plugin benefits from a clean history and good practices in critical areas like SQL and dangerous functions, the lack of capability and nonce checks, coupled with incomplete output escaping, presents specific vulnerabilities that need to be addressed. These weaknesses, if exploited, could lead to unauthorized actions or information disclosure.
Key Concerns
- Missing capability checks
- Missing nonce checks
- Insufficient output escaping (30%)
Custom post mixItup Security Vulnerabilities
Custom post mixItup Code Analysis
Output Escaping
Custom post mixItup Attack Surface
Shortcodes 1
WordPress Hooks 3
Custom post mixItup Maintenance & Trust
Maintenance Signals
Community Trust
Custom post mixItup Alternatives
Video Gallery – YouTube Gallery, Vimeo, Video Portfolio, Image Portfolio and Image Gallery
gallery-videos
Gallery is a user-friendly plugin to display user or hashtag-based gallery feeds as a responsive customizable gallery.
Modula Image Gallery – Photo Grid & Video Gallery
modula-best-grid-gallery
Create responsive image galleries with drag-and-drop grid builder. Custom layouts, video support, AI optimization. Works with any theme.
Visual Portfolio, Photo Gallery & Post Grid
visual-portfolio
Modern photo gallery and portfolio plugin with advanced layouts editor. Clean gallery styles with powerful settings in the Gutenberg block.
Mixed Media Gallery Blocks
simply-gallery-block
Create mixed media galleries with images, HTML5 video, YouTube, Vimeo, and VideoPress — all in one gallery by Simply Gallery.
WPZOOM Portfolio Lite – Filterable Portfolio Plugin
wpzoom-portfolio
Portfolio plugin for WordPress. Create filterable portfolio grids with masonry layouts and lightbox. Ideal for photographers, designers, agencies.
Custom post mixItup Developer Profile
3 plugins · 80 total installs
How We Detect Custom post mixItup
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
- /wp-content/plugins/custom-post-mixitup/assets/css/plugin-style.css
- /wp-content/plugins/custom-post-mixitup/assets/js/nss_custom.js
- /wp-content/plugins/custom-post-mixitup/assets/js/jquery.mixitup.js
- custom-post-mixitup/assets/css/plugin-style.css?ver=
- custom-post-mixitup/assets/js/nss_custom.js?ver=
- custom-post-mixitup/assets/js/jquery.mixitup.js?ver=
HTML / DOM Fingerprints
controlsfiltercontainermixmesoHovernsstitlenssdetailscopyRight by Nssthemecontrolcontainerdata-filterdata-myorder[showing_mixup]