EasyMega Security & Risk Analysis

wordpress.org/plugins/easymega

A Mega Menu plugin that helps you create mega menu easily, beautifully.

6K active installs · v1.1.8 · PHP + · WP 4.7.3+ · Updated Apr 23, 2025
Tags: mega-builder, mega-menu, megamenu, menu-builder
100
A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is EasyMega Safe to Use in 2026?

Generally Safe

Score 100/100

EasyMega has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 11mo ago
Risk Assessment

The easymega plugin v1.1.8 exhibits a generally good security posture due to the absence of dangerous functions, properly escaped output for the vast majority of cases, and the use of prepared statements for all SQL queries. The lack of any known historical vulnerabilities further reinforces this positive outlook. However, the presence of four unprotected AJAX handlers represents a significant concern. These handlers, acting as direct entry points into the plugin's functionality without proper authentication checks, could be exploited by unauthenticated users to trigger unintended actions or access sensitive information, depending on their implementation.

The static analysis reveals a moderate attack surface, with the primary weakness being the unprotected AJAX endpoints. While taint analysis did not reveal any issues, the unprotected AJAX handlers are a concrete risk that needs to be addressed. The plugin's vulnerability history is clean, which is a strong positive indicator, suggesting the developers have historically prioritized security. However, this does not negate the immediate risks identified in the current version's code. In conclusion, while the plugin demonstrates strong foundational security practices, the unprotected AJAX handlers introduce a critical vulnerability that significantly lowers its overall security rating.

Key Concerns

  • Unprotected AJAX handlers found
  • Missing capability checks on AJAX
Vulnerabilities
None known

EasyMega Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

EasyMega Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (0 prepared)
Unescaped Output: 2 (78 escaped)
Nonce Checks: 2
Capability Checks: 0
File Operations: 0
External Requests: 0
Bundled Libraries: 0

Output Escaping

98% escaped · 80 total outputs
Attack Surface
4 unprotected

EasyMega Attack Surface

Entry Points: 5
Unprotected: 4

AJAX Handlers: 5

Type    Hook                                 File:Line
auth    wp_ajax_megamneu_wp_load_posts       easymega.php:37
nopriv  wp_ajax_megamneu_wp_load_posts       easymega.php:38
auth    wp_ajax_mega_menu_load_setting       inc\admin.php:14
auth    wp_ajax_mega_menu_load_item_data     inc\admin.php:16
auth    wp_ajax_mega_menu_load_terms         inc\admin.php:17

WordPress Hooks: 17

Type    Hook                                     File:Line
action  wp_enqueue_scripts                       easymega.php:34
filter  widget_text                              easymega.php:39
action  init                                     easymega.php:274
action  activated_plugin                         easymega.php:284
action  customize_controls_print_footer_scripts  inc\admin.php:10
action  customize_controls_enqueue_scripts       inc\admin.php:11
filter  customize_save_response                  inc\admin.php:12
filter  wp_get_nav_menu_items                    inc\admin.php:18
action  admin_menu                               inc\dashboard.php:11
action  admin_enqueue_scripts                    inc\dashboard.php:12
filter  walker_nav_menu_start_el                 inc\menu.php:13
filter  nav_menu_css_class                       inc\menu.php:14
filter  pre_wp_nav_menu                          inc\menu.php:15
action  customize_register                       inc\settings.php:11
filter  easymega_wp_get_theme_support            inc\theme-supports.php:143
filter  ocean_head_css                           inc\theme-supports.php:164
filter  easymega_nav_item_title                  inc\theme-supports.php:165

Maintenance & Trust

EasyMega Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.8.5
Last updated: Apr 23, 2025
PHP min version
Downloads: 160K

Community Trust

Rating: 60/100
Number of ratings: 4
Active installs: 6K
Developer Profile

EasyMega Developer Profile

FameThemes

5 plugins · 104K total installs

Trust score: 88
Avg Security Score: 91/100
Avg Patch Time: 23 days
Detection Fingerprints

How We Detect EasyMega

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/easymega/assets/css/style.css
/wp-content/plugins/easymega/assets/js/easymega-wp.js
Script Paths
/wp-content/plugins/easymega/assets/js/easymega-wp.js

HTML / DOM Fingerprints

CSS Classes
easymega-wp-desktop, mega-spinner, uil-squares-css, mega-item, mega-content, mega-content-li
Data Attributes
data-megamenuwp-id
JS Globals
MegamenuWp
REST Endpoints
/wp-json/easymega/v1/get-menu
Shortcode Output
[easymega_menu
FAQ

Frequently Asked Questions about EasyMega