Does Customize Plugin Manager have any unpatched vulnerabilities?

No. All known vulnerabilities in Customize Plugin Manager have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Customize Plugin Manager compatible with WordPress 5.7.15?

According to WordPress.org data, Customize Plugin Manager 0.2 has been tested up to WordPress 5.7.15. Check the plugin's changelog for the latest compatibility information.

How often is Customize Plugin Manager updated?

Customize Plugin Manager was last updated on Feb 27, 2021. Frequent updates are generally a positive security signal.

What is Customize Plugin Manager's security score?

Customize Plugin Manager has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Customize Plugin Manager Security & Risk Analysis

wordpress.org/plugins/customize-plugin-manager

Live preview in the customizer allows you to see what plugins do to your site instantly. This experimental plugin brings the ability to activate and d …

0 active installs v0.2 PHP + WP 4.8+ Updated Feb 27, 2021

customizeplugins

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Customize Plugin Manager Safe to Use in 2026?

Generally Safe

Score 85/100

Customize Plugin Manager has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 5yr ago

Risk Assessment

The static analysis of "customize-plugin-manager" v0.2 reveals a strong security posture with no identified dangerous functions, SQL injection vulnerabilities, or unescaped output. The complete absence of external HTTP requests, file operations, and a clear lack of any exploitable attack surface (AJAX, REST API, shortcodes, cron events) are significant strengths. Furthermore, the plugin has no recorded vulnerabilities, CVEs, or any history of security issues, which is highly positive.

However, the analysis also highlights a critical concern: the complete lack of nonce and capability checks across all potential entry points. While there are currently no identified entry points in this version, the absence of these fundamental security mechanisms means that if any were to be introduced in future versions, they would be inherently unprotected. This creates a significant latent risk. The plugin's security is commendable in its current state of minimal exposure and clean code, but this reliance on obscurity rather than robust security controls is a notable weakness.

Key Concerns

Missing nonce and capability checks

Vulnerabilities

None known

Customize Plugin Manager Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Customize Plugin Manager Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Attack Surface

Customize Plugin Manager Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 2

actioncustomize_controls_enqueue_scriptscustomize-plugin-manager.php:38

actioncustomize_registercustomize-plugin-manager.php:44

Maintenance & Trust

Customize Plugin Manager Maintenance & Trust

Maintenance Signals

WordPress version tested5.7.15

Last updatedFeb 27, 2021

PHP min version

Downloads2K

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

Customize Plugin Manager Alternatives

Manage Customized Plugin Updates

manage-customized-plugin-updates

Are you a web developer or website design company who has installed / customized plugins for your clients and you're having a hard time managing …

90 No CVEs

Plugins Page Tweaker

plugins-manager

The plugin adds icons on the plugins page and other tweaks, such as displaying the GIT branch

70 No CVEs

Admin Menu Cleaner

wp-admin-menu-wizard

Wp Admin Menu Wizard lets you hide the menu items you do not use very often.

70 No CVEs

Simple Custom CSS and JS

custom-css-js

100

Easily add Custom CSS or JS to your website with an awesome editor.

700K 1 CVE

Kirki Customizer Framework

kirki

100

The Ultimate Customizer Framework for WordPress Theme Developers

500K No CVEs

Developer Profile

Customize Plugin Manager Developer Profile

Nick Halsey

27 plugins · 24K total installs

trust score

Avg Security Score

91/100

Avg Patch Time

8 days

View full developer profile

Detection Fingerprints

How We Detect Customize Plugin Manager

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/customize-plugin-manager/customize-plugin-manager.css

Script Paths

/wp-content/plugins/customize-plugin-manager/customize-plugin-manager.js

HTML / DOM Fingerprints

CSS Classes

customize-control-plugin

Data Attributes

data-setting="active_plugins"data-control-type="plugin"

JS Globals

customize_plugin_manager

FAQ