WP-Safety

Custom Sitemap Generator Security & Risk Analysis

wordpress.org/plugins/custom-sitemap-generator

The most powerful standalone XML sitemap generator for WordPress with support for all post types, taxonomies, authors, and advanced SEO features.

90 active installs v3.1.1 PHP 7.4+ WP 5.0+ Updated Dec 30, 2025
google-sitemapsearch-engine-optimizationseositemapxml-sitemap
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Download
Safety Verdict

Is Custom Sitemap Generator Safe to Use in 2026?

Generally Safe

Score 100/100

Custom Sitemap Generator has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 3mo ago
Risk Assessment

The custom-sitemap-generator plugin version 3.1.1 exhibits a generally strong security posture based on the provided static analysis. The absence of any recorded CVEs, critical or high severity taint flows, and a very high percentage of prepared SQL statements and properly escaped output are positive indicators. The plugin also implements a healthy number of nonce and capability checks across its identified entry points.

However, there are minor areas for improvement. The presence of an external HTTP request, while not inherently a vulnerability, can introduce a potential attack vector if the target endpoint is compromised or if the request is not handled securely. Furthermore, while the total number of entry points is low and none are explicitly unprotected, a deeper dive into the 2 AJAX handlers to ensure robust authorization and input validation in all code paths would further harden the plugin.

Overall, the plugin demonstrates good security practices, with no critical vulnerabilities identified. The low attack surface and robust internal checks suggest a well-maintained codebase. The lack of historical vulnerabilities further reinforces this, indicating a consistent focus on security by the developers.

Key Concerns

  • External HTTP requests can introduce risks
Vulnerabilities
None known

Custom Sitemap Generator Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Custom Sitemap Generator Code Analysis

Dangerous Functions
0
Raw SQL Queries
1
8 prepared
Unescaped Output
10
125 escaped
Nonce Checks
10
Capability Checks
11
File Operations
0
External Requests
1
Bundled Libraries
0

SQL Query Safety

89% prepared9 total queries

Output Escaping

93% escaped135 total outputs
Data Flows
All sanitized

Data Flow Analysis

3 flows
render_edit_page (includes\class-sitemap-admin.php:984)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Custom Sitemap Generator Attack Surface

Entry Points2
Unprotected0

AJAX Handlers 2

authwp_ajax_custom_sitemap_gen_ping_enginesincludes\class-sitemap-admin.php:35
authwp_ajax_custom_sitemap_gen_regenerate_stepincludes\class-sitemap-admin.php:36
WordPress Hooks 36
actionplugins_loadedcustom-sitemap-generator.php:46
actionplugins_loadedcustom-sitemap-generator.php:60
actionadmin_enqueue_scriptscustom-sitemap-generator.php:76
actionadmin_enqueue_scriptscustom-sitemap-generator.php:107
filtercron_schedulescustom-sitemap-generator.php:230
actioncustom_sitemap_gen_scheduled_regenerationcustom-sitemap-generator.php:239
actionadmin_menuincludes\class-sitemap-admin.php:20
actionadmin_initincludes\class-sitemap-admin.php:23
actionadmin_post_custom_sitemap_gen_save_settingsincludes\class-sitemap-admin.php:26
actionadmin_post_custom_sitemap_gen_generate_sitemapincludes\class-sitemap-admin.php:27
actionadmin_post_custom_sitemap_gen_delete_sitemapincludes\class-sitemap-admin.php:28
actionadmin_post_custom_sitemap_gen_update_sitemapincludes\class-sitemap-admin.php:29
actionadmin_post_custom_sitemap_gen_regenerate_allincludes\class-sitemap-admin.php:30
actionadmin_post_custom_sitemap_gen_ping_enginesincludes\class-sitemap-admin.php:31
actionadmin_post_custom_sitemap_gen_bulk_actionincludes\class-sitemap-admin.php:32
actionadmin_noticesincludes\class-sitemap-admin.php:39
filterrobots_txtincludes\class-sitemap-generator.php:745
actionshutdownincludes\hooks.php:30
actionsave_postincludes\hooks.php:159
actionpublish_postincludes\hooks.php:160
actionpublish_pageincludes\hooks.php:161
actionbefore_delete_postincludes\hooks.php:189
actiontrashed_postincludes\hooks.php:190
actioncreate_categoryincludes\hooks.php:199
actionedit_categoryincludes\hooks.php:200
actiondelete_categoryincludes\hooks.php:201
actioncreate_post_tagincludes\hooks.php:210
actionedit_post_tagincludes\hooks.php:211
actiondelete_post_tagincludes\hooks.php:212
actioncreated_termincludes\hooks.php:226
actionedited_termincludes\hooks.php:227
actiondelete_termincludes\hooks.php:228
actionprofile_updateincludes\hooks.php:241
actionuser_registerincludes\hooks.php:242
actiondelete_userincludes\hooks.php:243
filterrobots_txtincludes\hooks.php:263

Scheduled Events 1

custom_sitemap_gen_scheduled_regeneration
Maintenance & Trust

Custom Sitemap Generator Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedDec 30, 2025
PHP min version7.4
Downloads1K

Community Trust

Rating0/100
Number of ratings0
Active installs90
Alternatives

Custom Sitemap Generator Alternatives

XML Sitemap for Google

XML Sitemap for Google

xml-sitemap-for-google

A
100

Generate XML sitemap to enhance SEO and expedite website indexing.

90 No CVEs
WP Grande Plugin

WP Grande Plugin

wp-grande-plugin

A
85

WP Grande Plugin enables you to customize your wordpress installation backend to the core and much more...

10 No CVEs
Yoast SEO – Advanced SEO with real-time guidance and built-in AI

Yoast SEO – Advanced SEO with real-time guidance and built-in AI

wordpress-seo

A
89

Improve your SEO with real-time feedback, schema, and clear guidance. Upgrade for AI tools, Google Docs integration, and 24/7 support, no hidden fees.

10.0M 17 CVEs
All in One SEO – Powerful SEO Plugin to Boost SEO Rankings & Increase Traffic

All in One SEO – Powerful SEO Plugin to Boost SEO Rankings & Increase Traffic

all-in-one-seo-pack

B
82

AIOSEO is the most powerful WordPress SEO plugin. Improve SEO rankings and traffic with comprehensive SEO tools and smart AI SEO optimizations!

3.0M 26 CVEs
XML Sitemap Generator for Google

XML Sitemap Generator for Google

google-sitemap-generator

A
96

Generate multiple types of sitemaps to improve SEO and get your website indexed quickly.

1.0M 3 CVEs
Developer Profile

Custom Sitemap Generator Developer Profile

Aamir Faiz

3 plugins · 90 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Custom Sitemap Generator

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/custom-sitemap-generator/css/custom-sitemap-gen-styles.css/wp-content/plugins/custom-sitemap-generator/js/admin-scripts.js
Script Paths
/wp-content/plugins/custom-sitemap-generator/js/admin-scripts.js
Version Parameters
custom-sitemap-generator/css/custom-sitemap-gen-styles.css?ver=custom-sitemap-generator/js/admin-scripts.js?ver=

HTML / DOM Fingerprints

JS Globals
customSitemapGen
FAQ

Frequently Asked Questions about Custom Sitemap Generator