WP-Safety

Easy Glossary Security & Risk Analysis

wordpress.org/plugins/easy-glossary

A lightweight, flexible glossary plugin that auto-links terms, shows tooltips, and provides an index shortcode.

0 active installs v1.2 PHP 7.4+ WP 5.7+ Updated Feb 21, 2026
dictionaryglossaryindextermstooltips
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Download
Safety Verdict

Is Easy Glossary Safe to Use in 2026?

Generally Safe

Score 100/100

Easy Glossary has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago
Risk Assessment

The "easy-glossary" v1.2 plugin exhibits a generally strong security posture based on the provided static analysis. The absence of critical code signals like dangerous functions, file operations, and external HTTP requests is a significant positive. The plugin also demonstrates good practices by utilizing prepared statements for all SQL queries and properly escaping almost all output, minimizing risks related to data injection and cross-site scripting. The presence of nonce and capability checks, although limited in number, is also encouraging.

However, a potential area of concern lies in the single shortcode entry point, which is not explicitly stated as having authentication checks. While the total attack surface is small and no unprotected entry points were found, a shortcode can still be a vector for certain types of attacks if not properly secured against malicious user input. The plugin's history of zero known CVEs is a strong indicator of its past security, but this does not guarantee future immunity.

In conclusion, "easy-glossary" v1.2 appears to be a well-coded plugin with a robust security foundation. The primary weakness identified is the potential for the shortcode to be an unmonitored entry point, which warrants further investigation. The lack of historical vulnerabilities is a positive trend, but developers should remain vigilant. Overall, the risk is considered low, but not entirely negligible.

Key Concerns

  • Shortcode entry point without explicit auth check
Vulnerabilities
None known

Easy Glossary Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

Easy Glossary Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
1 prepared
Unescaped Output
1
52 escaped
Nonce Checks
3
Capability Checks
1
File Operations
0
External Requests
0
Bundled Libraries
0

SQL Query Safety

100% prepared1 total queries

Output Escaping

98% escaped53 total outputs
Data Flows
All sanitized

Data Flow Analysis

1 flows
<glossary> (glossary.php:0)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Easy Glossary Attack Surface

Entry Points1
Unprotected0

Shortcodes 1

[gseasy_glossary] glossary.php:554
WordPress Hooks 15
filterquery_varsglossary.php:23
actionadmin_menuglossary.php:32
actionadmin_initglossary.php:43
actioninitglossary.php:138
actionadd_meta_boxesglossary.php:161
actionsave_post_gseasy_glossaryglossary.php:189
actionwp_headglossary.php:219
filterthe_contentglossary.php:237
filterthe_contentglossary.php:331
filterthe_contentglossary.php:355
filterthe_contentglossary.php:365
filterthe_contentglossary.php:402
filterthe_contentglossary.php:422
actiontemplate_redirectglossary.php:624
actionwp_enqueue_scriptsglossary.php:645
Maintenance & Trust

Easy Glossary Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5
Last updatedFeb 21, 2026
PHP min version7.4
Downloads348

Community Trust

Rating0/100
Number of ratings0
Active installs0
Alternatives

Easy Glossary Alternatives

Heroic Glossary – Block for building Glossaries, Dictionaries and more

Heroic Glossary – Block for building Glossaries, Dictionaries and more

heroic-glossary

A
100

The best WordPress glossary builder plugin to create and manage your own glossary of terms.

4K No CVEs
Name Directory

Name Directory

name-directory

A
88

Name directory (glossary) with many options like multiple directories, integrated search, non-latin characters, recaptcha, HTML editor and many more.

3K 10 CVEs
LuckyWP Glossary

LuckyWP Glossary

luckywp-glossary

A
85

The plugin implements the glossary/dictionary functionality with support of synonyms.

200 No CVEs
Glossary Index

Glossary Index

glossary-index

A
100

Create a glossary on your WordPress site to boost SEO, help visitors understand your content, and increase organic search traffic.

70 No CVEs
iThoughts Tooltip Glossary

iThoughts Tooltip Glossary

ithoughts-tooltip-glossary

A
85

Create beautiful tooltips for descriptions or glossary terms, easily

20 No CVEs
Developer Profile

Easy Glossary Developer Profile

GrayStud.io

1 plugin · 0 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Easy Glossary

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/easy-glossary/assets/css/frontend.css/wp-content/plugins/easy-glossary/assets/css/tooltip.css/wp-content/plugins/easy-glossary/assets/js/tooltip.js/wp-content/plugins/easy-glossary/assets/js/frontend.js
Script Paths
/wp-content/plugins/easy-glossary/assets/js/tooltip.js/wp-content/plugins/easy-glossary/assets/js/frontend.js

HTML / DOM Fingerprints

CSS Classes
gseasy-tooltipgseasy-tooltip-lightgseasy-tooltip-darkgseasy-tooltip-minimalgseasy-glossary-termgseasy-glossary-index-listgseasy-glossary-index-grid
Data Attributes
data-gseasy-tooltip-contentdata-gseasy-tooltip-theme
JS Globals
gseasyTooltipConfig
REST Endpoints
/wp-json/easy-glossary/v1/terms
Shortcode Output
[gseasy-glossary-index][gseasy-glossary-term]
FAQ

Frequently Asked Questions about Easy Glossary