Does Dynamic Conditions have any unpatched vulnerabilities?

No. All known vulnerabilities in Dynamic Conditions have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Dynamic Conditions compatible with WordPress 6.7.5?

According to WordPress.org data, Dynamic Conditions 1.7.5 has been tested up to WordPress 6.7.5. Check the plugin's changelog for the latest compatibility information.

Is Dynamic Conditions compatible with PHP 7.4+?

Dynamic Conditions requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Dynamic Conditions updated?

Dynamic Conditions was last updated on Feb 11, 2025. Frequent updates are generally a positive security signal.

What is Dynamic Conditions's security score?

Dynamic Conditions has a WP-Safety security score of 91/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Dynamic Conditions Security & Risk Analysis

wordpress.org/plugins/dynamicconditions

Activates conditions for dynamic tags to show/hide a widget or section.

60K active installs v1.7.5 PHP 7.4+ WP 5.0+ Updated Feb 11, 2025

conditionsdynamicelementorfieldsrto

A · Safe

CVEs total1

Unpatched0

Last CVEFeb 3, 2025

Plugin page Download

Safety Verdict

Is Dynamic Conditions Safe to Use in 2026?

Generally Safe

Score 91/100

Dynamic Conditions has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVELast CVE: Feb 3, 2025Updated 1yr ago

Risk Assessment

The "dynamicconditions" plugin v1.7.5 exhibits a mixed security posture. The static analysis shows a positive absence of typical attack vectors like AJAX handlers, REST API routes, shortcodes, and cron events that are often exploited. Furthermore, the plugin uses prepared statements for all SQL queries and has no file operations or external HTTP requests, which are good security practices. However, a significant concern arises from the low percentage of properly escaped output (32%), indicating a potential for Cross-Site Scripting (XSS) vulnerabilities where user-supplied data might be reflected in the frontend without adequate sanitization. The plugin's vulnerability history, while showing no currently unpatched CVEs, does reveal a past medium-severity vulnerability related to XSS, which reinforces the output escaping concern. The absence of taint analysis data and the low number of capability checks are also points to consider, though their impact is mitigated by the limited attack surface. Overall, the plugin has strengths in its limited attack surface and database query handling, but the weak output escaping and past XSS vulnerability warrant attention.

Key Concerns

Low output escaping percentage
Past medium severity XSS vulnerability

Vulnerabilities

Dynamic Conditions Security Vulnerabilities

CVEs by Year

1 CVE in 2025

2025

Patched Has unpatched

Severity Breakdown

Medium

1 total CVE

CVE-2025-22642medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Dynamic Conditions <= 1.7.4 - Authenticated (Contributor+) Stored Cross-Site Scripting

Feb 3, 2025 Patched in 1.7.5 (184d)

Code Analysis

Analyzed Mar 16, 2026

Dynamic Conditions Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

6 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

32% escaped19 total outputs

Attack Surface

Dynamic Conditions Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 3

filterdate_i18nPublic\DynamicConditionsPublic.php:115

filterget_the_datePublic\DynamicConditionsPublic.php:116

filterget_the_modified_datePublic\DynamicConditionsPublic.php:117

Maintenance & Trust

Dynamic Conditions Maintenance & Trust

Maintenance Signals

WordPress version tested6.7.5

Last updatedFeb 11, 2025

PHP min version7.4

Downloads557K

Community Trust

Rating98/100

Number of ratings114

Active installs60K

Alternatives

Dynamic Conditions Alternatives

MB Elementor Integration

mb-elementor-integrator

100

Integrates Meta Box's custom fields with Elementor page builder via dynamic tags.

2K No CVEs

Sympl Repeater for ACF and Elementor

acf-repeater-for-elementor

100

Seamlessly integrate ACF Repeater fields with Elementor widgets and sections for dynamic, repeatable content blocks.

1K No CVEs

Dynamic Elementor ACF Repeater

dynamic-elementor-acf-repeater

100

Allows ACF repeater field values to be rendered in Elementor loop items and loop grids via Dynamic Tags.

800 No CVEs

Dynamic Countdown with ACF and Elementor

dynamic-countdown-with-acf-and-elementor

This is a simple plugin that fixes one of the main issues with the Elementor Countdown Widget; the inability to dynamically set the due date with an A …

100 No CVEs

Dynamic Fields for Elementor and SCF/ACF

dynamic-fields-for-elementor-scf-acf

100

Dynamically manage custom SCF/ACF fields into Elementor Page Settings with various field types.

40 No CVEs

Developer Profile

Dynamic Conditions Developer Profile

rtowebsites

5 plugins · 62K total installs

trust score

Avg Security Score

93/100

Avg Patch Time

112 days

View full developer profile

Detection Fingerprints

How We Detect Dynamic Conditions

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/dynamicconditions/Admin/css/dynamic-conditions-admin.css

Version Parameters

dynamic-conditions-admin.css?ver=

HTML / DOM Fingerprints

CSS Classes

dynamicconditions_section

Data Attributes

data-elementor-setting-key="dynamicconditions_dynamic"data-elementor-setting-key="dynamicconditions_visibility"data-elementor-setting-key="dynamicconditions_condition"

JS Globals

DynamicConditions_VERSIONDynamicConditions_DIRDynamicConditions_URL

FAQ