Does Elephant Post Order have any unpatched vulnerabilities?

No. All known vulnerabilities in Elephant Post Order have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Elephant Post Order compatible with WordPress 6.8.5?

According to WordPress.org data, Elephant Post Order 1.0 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

Is Elephant Post Order compatible with PHP 7.4+?

Elephant Post Order requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Elephant Post Order updated?

Elephant Post Order was last updated on Sep 15, 2025. Frequent updates are generally a positive security signal.

What is Elephant Post Order's security score?

Elephant Post Order has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Elephant Post Order Security & Risk Analysis

wordpress.org/plugins/elephant-post-order

Reorder your WordPress posts with a simple drag & drop interface in the admin panel

0 active installs v1.0 PHP 7.4+ WP 6.3+ Updated Sep 15, 2025

drag-and-droporderpostsreordersort

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Elephant Post Order Safe to Use in 2026?

Generally Safe

Score 100/100

Elephant Post Order has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 6mo ago

Risk Assessment

The 'elephant-post-order' plugin v1.0 exhibits a generally strong security posture due to its adherence to several WordPress security best practices. Notably, it utilizes prepared statements for all SQL queries, ensures all output is properly escaped, and includes nonce and capability checks. The absence of any recorded vulnerabilities or CVEs in its history further suggests a history of responsible development.

However, a significant concern arises from the static analysis, which reveals a single AJAX handler that lacks authentication checks. This creates a direct attack vector where an unauthenticated user could potentially interact with the plugin's functionality, leading to unintended consequences. While the taint analysis shows no critical or high severity flows, the presence of this unprotected entry point is a clear weakness that needs immediate attention.

In conclusion, while the plugin demonstrates good coding practices in many areas, the unprotected AJAX handler poses a considerable risk. This single unprotected entry point is the most significant security weakness identified. Addressing this vulnerability should be the top priority to improve the overall security of the plugin.

Key Concerns

Unprotected AJAX handler

Vulnerabilities

None known

Elephant Post Order Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Elephant Post Order Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

2 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

100% escaped2 total outputs

Attack Surface

1 unprotected

Elephant Post Order Attack Surface

Entry Points1

Unprotected1

AJAX Handlers 1

authwp_ajax_elephat_post_order_save_post_orderelephant-post-order.php:40

WordPress Hooks 4

actionadmin_enqueue_scriptselephant-post-order.php:14

filtermanage_post_posts_columnselephant-post-order.php:28

actionmanage_post_posts_custom_columnelephant-post-order.php:33

actionpre_get_postselephant-post-order.php:59

Maintenance & Trust

Elephant Post Order Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedSep 15, 2025

PHP min version7.4

Downloads182

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

Elephant Post Order Alternatives

Custom Category Post Order

custom-post-order-category

Order your post by category or custom post type by drag & drop interface.

500 1 CVE

Simple Custom Post Order

simple-custom-post-order

Easily reorder posts, pages, custom post types, and taxonomies with intuitive drag-and-drop sorting in the WordPress admin.

300K 1 CVE

Custom Reorder Manager

custom-reorder-manager

Reorder WordPress posts with drag & drop mechanism.

10 No CVEs

Post Types Order

post-types-order

100

Sort posts and custom post type objects using a drag-and-drop, sortable JavaScript AJAX interface, or through the default WordPress dashboard

600K No CVEs

Rearrange Products for WooCommerce

rearrange-woocommerce-products

100

Boost WooCommerce sales with the Rearrange Products for WooCommerce plugin. Easily reorder products with a simple drag-and-drop tool!

20K 1 CVE

Developer Profile

Elephant Post Order Developer Profile

umapathieitb

3 plugins · 10 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Elephant Post Order

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/elephant-post-order/reorder.css/wp-content/plugins/elephant-post-order/js/reorder.js

Script Paths

/wp-content/plugins/elephant-post-order/js/reorder.js

Version Parameters

elephant-post-order/reorder.css?ver=elephant-post-order/js/reorder.js?ver=

HTML / DOM Fingerprints

CSS Classes

dashicons-move

JS Globals

elephat_post_order_reorder_ajax

FAQ