Does Custom Role Creator (CRC) have any unpatched vulnerabilities?

No. All known vulnerabilities in Custom Role Creator (CRC) have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Custom Role Creator (CRC) compatible with WordPress 6.8.5?

According to WordPress.org data, Custom Role Creator (CRC) 1.1.4 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

Is Custom Role Creator (CRC) compatible with PHP 5.6+?

Custom Role Creator (CRC) requires PHP 5.6 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Custom Role Creator (CRC) updated?

Custom Role Creator (CRC) was last updated on May 19, 2025. Frequent updates are generally a positive security signal.

What is Custom Role Creator (CRC)'s security score?

Custom Role Creator (CRC) has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Custom Role Creator (CRC) Security & Risk Analysis

wordpress.org/plugins/custom-role-creator

Custom Role Creator plugin allows you to add or change user roles and capabilities easily.

200 active installs v1.1.4 PHP 5.6+ WP 5.2+ Updated May 19, 2025

capabilitypermissionrolesecurityuser

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Custom Role Creator (CRC) Safe to Use in 2026?

Generally Safe

Score 100/100

Custom Role Creator (CRC) has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 10mo ago

Risk Assessment

The custom-role-creator plugin v1.1.4 exhibits a very strong security posture based on the provided static analysis. The absence of any identified AJAX handlers, REST API routes, shortcodes, or cron events with unprotected entry points suggests a minimal attack surface. Furthermore, the code signals are highly positive: no dangerous functions, all SQL queries utilize prepared statements, a very high percentage of output is properly escaped, and there are no file operations or external HTTP requests. The presence of nonce and capability checks indicates good practices in securing functionality.

Vulnerabilities

None known

Custom Role Creator (CRC) Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Custom Role Creator (CRC) Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

83 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

90% escaped92 total outputs

Attack Surface

Custom Role Creator (CRC) Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 6

actionplugins_loadedcustom-role-creator.php:40

actionactivate_plugincustom-role-creator.php:45

actionplugins_loadedcustom-role-creator.php:46

actionadmin_menuincludes\Admin\Menu.php:31

actionuser_row_actionsincludes\Admin\Menu.php:32

actionadmin_enqueue_scriptsincludes\Assets.php:29

Maintenance & Trust

Custom Role Creator (CRC) Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedMay 19, 2025

PHP min version5.6

Downloads3K

Community Trust

Rating0/100

Number of ratings0

Active installs200

Alternatives

Custom Role Creator (CRC) Alternatives

WPFront User Role Editor

wpfront-user-role-editor

Easily allows you to manage WordPress user roles. You can create, edit, delete and manage capabilities, also copy existing roles.

30K 5 CVEs

Access Areas for WordPress

wp-access-areas

Fine tuning access to your posts.

400 1 CVE

User Upgrade Capability

user-upgrade-capability

Link multiple network sites/blogs together - Maintain only one site list of users.

10 No CVEs

User Role Editor

user-role-editor

User Role Editor WordPress plugin makes user roles and capabilities changing easy. Edit/add/delete WordPress user roles and capabilities.

700K 2 CVEs

Advanced Access Manager – Access Governance for WordPress

advanced-access-manager

Access Governance for WordPress. Control roles, users, content, admin areas, and APIs to prevent broken access controls and excessive privileges.

100K 11 CVEs

Developer Profile

Custom Role Creator (CRC) Developer Profile

Ratul Hasan

3 plugins · 240 total installs

trust score

Avg Security Score

92/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Custom Role Creator (CRC)

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/custom-role-creator/assets/css/custom.min.css/wp-content/plugins/custom-role-creator/assets/js/custom.min.js

Script Paths

/wp-content/plugins/custom-role-creator/assets/js/custom.min.js

Version Parameters

custom-role-creator/assets/css/custom.min.css?ver=custom-role-creator/assets/js/custom.min.js?ver=

HTML / DOM Fingerprints

CSS Classes

crc-settingscrc-input-labelcrc-form-groupcrc-tablecrc-add-buttoncrc-edit-buttoncrc-delete-button

HTML Comments

Plugin Custom Role CreatorProject Custom Role Creator

Data Attributes

data-role-iddata-capability-id

JS Globals

CRC_VERSION

FAQ