eDS Responsive Menu Security & Risk Analysis

wordpress.org/plugins/eds-responsive-menu

eDS Responsive Menu Plugins, Control the edge, skins, toggle breakpoints, and more, right from the admin panel.

200 active installs · v1.2 · PHP + · WP 3.5+ · Updated Dec 8, 2018
Tags: menu, mobile-menu, responsive, responsive-menu, wordpress-responsive-menu
Score: 29
F · Critical Risk
CVEs total: 3
Unpatched: 3
Last CVE: Jan 27, 2026
Safety Verdict

Is eDS Responsive Menu Safe to Use in 2026?

Critical Risk — Avoid

Score 29/100

eDS Responsive Menu is critically unsafe with 3 known CVEs, 3 still unpatched. Avoid in production.

3 known CVEs · 3 unpatched · Last CVE: Jan 27, 2026 · Updated 7yr ago
Risk Assessment

The "eds-responsive-menu" v1.2 plugin exhibits a mixed security posture with significant areas of concern despite some positive coding practices. The static analysis reveals a limited attack surface with only two entry points, both of which are AJAX handlers lacking authorization checks. This is a critical oversight, as it allows any authenticated user to potentially trigger these handlers, leading to unauthorized actions or information disclosure. Furthermore, the presence of the `unserialize` function is a red flag, especially when combined with the lack of strict input validation or authentication on handlers that might process serialized data.

The vulnerability history, with three medium-severity CVEs and all of them unpatched, strongly indicates a pattern of recurring security weaknesses. The types of past vulnerabilities (XSS, Deserialization, Missing Authorization) align directly with the concerns raised by the static analysis, suggesting that these issues are not being effectively addressed in ongoing development.

While the plugin demonstrates good practices like using prepared statements for SQL queries and a reasonable amount of output escaping, these strengths are overshadowed by the critical missing authorization on entry points and the history of unaddressed vulnerabilities. The lack of taint analysis results is noted, but given the other indicators, the potential for exploitation remains high.

Key Concerns

  • Unprotected AJAX handlers
  • Dangerous function unserialize present
  • Missing capability checks
  • Unpatched CVEs (3 medium)
  • Low output escaping percentage
Vulnerabilities
3

eDS Responsive Menu Security Vulnerabilities

CVEs by Year

2025: 2 CVEs · unpatched
2026: 1 CVE · unpatched

Severity Breakdown

Medium: 3

3 total CVEs

CVE-2025-68845 · medium · 6.1 · Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

eDS Responsive Menu <= 1.2 - Reflected Cross-Site Scripting

Jan 27, 2026 · Unpatched

CVE-2025-58839 · medium · 6.6 · Deserialization of Untrusted Data

eDS Responsive Menu <= 1.2 - Authenticated (Administrator+) PHP Object Injection

Sep 5, 2025 · Unpatched

CVE-2025-49971 · medium · 4.3 · Missing Authorization

eDS Responsive Menu <= 1.2 - Missing Authorization

Jun 19, 2025 · Unpatched

Code Analysis
Analyzed Mar 16, 2026

eDS Responsive Menu Code Analysis

Dangerous Functions: 1
Raw SQL Queries: 0 (0 prepared)
Unescaped Output: 244 (22 escaped)
Nonce Checks: 2
Capability Checks: 0
File Operations: 0
External Requests: 0
Bundled Libraries: 0

Dangerous Functions Found

unserialize · framework\functions\helpers.php:85
return unserialize( gzuncompress( stripslashes( call_user_func( 'base'. '64' .'_decode', rtrim( strt…

Output Escaping

8% escaped · 266 total outputs
Attack Surface
2 unprotected

eDS Responsive Menu Attack Surface

Entry Points: 2
Unprotected: 2

AJAX Handlers 2

auth · wp_ajax_eds-get-icons · framework\functions\actions.php:44
auth · wp_ajax_cs-export-options · framework\functions\actions.php:68

WordPress Hooks 22

action · init · framework\eds-framework.php:27
action · admin_footer · framework\functions\actions.php:88
action · customize_controls_print_footer_scripts · framework\functions\actions.php:89
action · admin_enqueue_scripts · framework\functions\enqueue.php:39
filter · eds_sanitize_text · framework\functions\sanitize.php:14
filter · eds_sanitize_textarea · framework\functions\sanitize.php:32
filter · eds_sanitize_checkbox · framework\functions\sanitize.php:58
filter · eds_sanitize_switcher · framework\functions\sanitize.php:59
filter · eds_sanitize_image_select · framework\functions\sanitize.php:88
filter · eds_sanitize_group · framework\functions\sanitize.php:104
filter · eds_sanitize_title · framework\functions\sanitize.php:119
filter · eds_sanitize_clean · framework\functions\sanitize.php:134
filter · EDS_Validate_email · framework\functions\validate.php:18
filter · EDS_Validate_numeric · framework\functions\validate.php:37
filter · EDS_Validate_required · framework\functions\validate.php:54
action · wp_footer · inc\eds_menu_frontend.php:8
action · wp_enqueue_scripts · inc\eds_menu_frontend.php:9
action · wp_footer · inc\eds_menu_frontend.php:10
action · admin_notices · inc\welcome.php:6
action · admin_head · inc\welcome.php:7
filter · plugin_action_links · inc\welcome.php:8
action · admin_init · inc\welcome.php:9

Maintenance & Trust

eDS Responsive Menu Maintenance & Trust

Maintenance Signals

WordPress version tested: 5.0.25
Last updated: Dec 8, 2018
PHP min version
Downloads: 12K

Community Trust

Rating: 66/100
Number of ratings: 6
Active installs: 200

Developer Profile

eDS Responsive Menu Developer Profile

aThemeArt Translations

4 plugins · 2K total installs

Trust score: 74
Avg Security Score: 71/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect eDS Responsive Menu

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/eds-responsive-menu/assets/css/eds-responsive-menu-frontend.css
/wp-content/plugins/eds-responsive-menu/assets/css/eds-responsive-menu-frontend-rtl.css
/wp-content/plugins/eds-responsive-menu/assets/js/eds-responsive-menu-frontend.js
Script Paths
/wp-content/plugins/eds-responsive-menu/assets/js/eds-responsive-menu-frontend.js
Version Parameters
eds-responsive-menu-frontend.css?ver=
eds-responsive-menu-frontend-rtl.css?ver=
eds-responsive-menu-frontend.js?ver=

HTML / DOM Fingerprints

CSS Classes
eds-responsive-menu, eds-toggle-icon, eds-lines-button, eds-lines, eds-pull-right, eds-responsive-menu-wrp, eds_logo, eds-searchform, +9 more
Data Attributes
data-eds-menu-logo, data-eds-search-positions, data-eds-social-profile, data-eds-fb, data-eds-tw, data-eds-google-plus, +7 more
JS Globals
eds_responsive_menu_options
FAQ

Frequently Asked Questions about eDS Responsive Menu