WP-Safety

Dive Sites Manager Security & Risk Analysis

wordpress.org/plugins/dive-sites-manager

Show information about dive sites including a map. Add characteristics, photo, description,...They can also be organized in multiple locations.

20 active installs v1.2.2 PHP 7.4+ WP 4.7+ Updated Oct 21, 2024
dive-centerdive-resortdive-sitesdivingscuba
92
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Dive Sites Manager Safe to Use in 2026?

Generally Safe

Score 92/100

Dive Sites Manager has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1yr ago
Risk Assessment

The plugin 'dive-sites-manager' v1.2.2 exhibits a generally positive security posture, with no known historical vulnerabilities and a strong adherence to secure coding practices in several areas. The static analysis reveals a small attack surface with no unprotected entry points and a good approach to database interactions, as all SQL queries utilize prepared statements. Additionally, the presence of nonce and capability checks indicates an awareness of basic WordPress security mechanisms. However, a significant concern arises from the low percentage of properly escaped output (19%). This suggests a high risk of Cross-Site Scripting (XSS) vulnerabilities, where user-supplied data could be injected and executed in a user's browser, compromising their session or leading to further attacks. While taint analysis and the absence of dangerous functions or file operations are positive indicators, the unescaped output represents a substantial weakness that could be exploited by attackers.

Key Concerns

  • Low output escaping percentage
Vulnerabilities
None known

Dive Sites Manager Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Dive Sites Manager Release Timeline

v1.2.2Current
v1.2.1
v1.2
v1.1
v1.0
Code Analysis
Analyzed Apr 16, 2026

Dive Sites Manager Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
88
21 escaped
Nonce Checks
1
Capability Checks
1
File Operations
0
External Requests
0
Bundled Libraries
0

Output Escaping

19% escaped109 total outputs
Attack Surface

Dive Sites Manager Attack Surface

Entry Points2
Unprotected0

Shortcodes 2

[cfish-dive-sites] cfish-dsm-inc/Base/DiveSitesController.php:34
[cfish-dive-map] cfish-dsm-inc/Base/DiveSitesController.php:38
WordPress Hooks 18
actionadmin_menucfish-dsm-inc/Api/SettingsApi.php:23
actionadmin_initcfish-dsm-inc/Api/SettingsApi.php:27
actionadmin_noticescfish-dsm-inc/Base/BaseController.php:48
actioninitcfish-dsm-inc/Base/DiveSitesController.php:24
actionadd_meta_boxescfish-dsm-inc/Base/DiveSitesController.php:25
actionsave_postcfish-dsm-inc/Base/DiveSitesController.php:26
actionmanage_divesite_posts_columnscfish-dsm-inc/Base/DiveSitesController.php:27
filtermanage_edit-divesite_sortable_columnscfish-dsm-inc/Base/DiveSitesController.php:29
actionwp_enqueue_scriptscfish-dsm-inc/Base/DiveSitesController.php:32
actionadmin_enqueue_scriptscfish-dsm-inc/Base/Enqueue.php:16
actionplugins_loadedcfish-dsm-inc/Base/I18n.php:13
actioninitcfish-dsm-inc/Base/LocationsController.php:18
actioninitcfish-dsm-inc/Base/LocationsController.php:22
actionlocation_add_form_fieldscfish-dsm-inc/Base/LocationsController.php:23
actionlocation_edit_form_fieldscfish-dsm-inc/Base/LocationsController.php:24
actionedit_locationcfish-dsm-inc/Base/LocationsController.php:25
actioncreate_locationcfish-dsm-inc/Base/LocationsController.php:26
actioninitcfish-dsm-inc/Pages/Map.php:27
Maintenance & Trust

Dive Sites Manager Maintenance & Trust

Maintenance Signals

WordPress version tested6.6.5
Last updatedOct 21, 2024
PHP min version7.4
Downloads2K

Community Trust

Rating100/100
Number of ratings1
Active installs20
Alternatives

Dive Sites Manager Alternatives

Divelogs Widget

Divelogs Widget

divelogs-widget

A
99

Displays your latest dive from divelogs.de in a widget

20 1 CVE
Nautilus Trips

Nautilus Trips

nautilus-trips

A
85

List, Display, and Book Nautilus Liveaboards scuba diving trips directly on your website. Nautilus Dealer account required.

10 No CVEs
Dive Admin

Dive Admin

dive-admin

A
100

DiveAdmin.com is a software solution for dive schools and diving centers.

0 No CVEs
Diving Calculators

Diving Calculators

diving-calculators

A
92

Widget for scuba diving calculators

0 No CVEs
Scuba Logger

Scuba Logger

scuba-logger

A
85

This plugin turns a wordpress blog into an interactive online scuba dive log.

10 No CVEs
Developer Profile

Dive Sites Manager Developer Profile

Choni

2 plugins · 20 total installs

88
trust score
Avg Security Score
92/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Dive Sites Manager

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/dive-sites-manager/assets/front-style.min.css
Version Parameters
dive-sites-manager/assets/front-style.min.css?ver=

HTML / DOM Fingerprints

CSS Classes
meta-label
Data Attributes
data-cfish-dive-site
JS Globals
cfishDiveSites
REST Endpoints
/wp-json/cfishdsm/v1/get_divesites
Shortcode Output
[cfish-dive-sites][cfish-dive-map]
FAQ

Frequently Asked Questions about Dive Sites Manager