Does Emergency Management have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Emergency Management compatible with WordPress 7.0?

According to WordPress.org data, Emergency Management 3.1.0.0 has been tested up to WordPress 7.0. Check the plugin's changelog for the latest compatibility information.

Is Emergency Management compatible with PHP 7.4+?

Emergency Management requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Emergency Management updated?

Emergency Management was last updated on Apr 14, 2026. Frequent updates are generally a positive security signal.

What is Emergency Management's security score?

Emergency Management has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Emergency Management Security & Risk Analysis

wordpress.org/plugins/emergency-management

Site Security: 2FA incl. TOTP, manage passwords and live sessions, renew security KEYs/SALTs. Define: Password lifetimes, password strength and reuse.

10 active installs v3.1.0.0 PHP 7.4+ WP 6.2+ Updated Apr 14, 2026

2fakeys-saltspassword-strength-reuse-limitspasswords-sessionssecurity

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Emergency Management Safe to Use in 2026?

Generally Safe

Score 100/100

Emergency Management has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago

Risk Assessment

The "emergency-management" plugin v1.4.2.0 exhibits a generally strong security posture based on the static analysis. The absence of any entry points (AJAX, REST API, shortcodes, cron events) significantly reduces the potential attack surface. The plugin also demonstrates good practices by exclusively using prepared statements for SQL queries and having no recorded vulnerabilities or CVEs. The code signals indicate a moderate level of attention to security, with capability checks present. However, a concerning aspect is the low percentage of properly escaped output (28%), which suggests a significant risk of cross-site scripting (XSS) vulnerabilities. While the taint analysis found no critical or high-severity issues, the unescaped output leaves room for exploitation.

The lack of vulnerability history is a positive indicator, suggesting the plugin has been developed with security in mind or has not been a target for attackers. The presence of file operations is noted, but without further context, their security implications cannot be definitively assessed. The absence of dangerous functions, external HTTP requests, and bundled libraries are all positive security attributes. The critical weakness lies in the insufficient output escaping, which, despite other strengths, presents a tangible risk that needs immediate attention.

Key Concerns

Low percentage of properly escaped output

Vulnerabilities

None known

Emergency Management Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Emergency Management Release Timeline

v3.1.0.0Current

v3.0.4.3

v3.0.4.2

v3.0.4.1

v3.0.4.0

v3.0.3.1

v3.0.3.0

v3.0.2.0

v3.0.1.0

v3.0.0.0

v2.0.4.0

v2.0.3.0

v2.0.2.0

v2.0.1.2

v2.0.1.1

v2.0.1.0

v2.0.0.1

v2.0.0.0

v1.4.5.1

v1.4.5.0

Code Analysis

Analyzed Mar 16, 2026

Emergency Management Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

18 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

28% escaped65 total outputs

Data Flows · Security

All sanitized

Data Flow Analysis

2 flows

mfem_emergency_management_main (emergency-management.php:461)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Emergency Management Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 28

actioninitemergency-management.php:111

actioninitemergency-management.php:124

filteradmin_footer_textemergency-management.php:138

filterupdate_footeremergency-management.php:151

actionadmin_enqueue_scriptsemergency-management.php:161

actionadmin_enqueue_scriptsemergency-management.php:171

actionadmin_menuemergency-management.php:190

actionuser_registeremergency-management.php:308

actionafter_password_resetemergency-management.php:314

actionprofile_updateemergency-management.php:322

filterlogin_redirectemergency-management.php:373

filterlogin_messageemergency-management.php:418

filtertml_before_formemergency-management.php:419

actionvalidate_password_resetemergency-management.php:447

actionadmin_post_mfem-pwxformemergency-management.php:811

actionadmin_post_mfem-pwxconfirmemergency-management.php:812

actionadmin_post_mfem-saltsformemergency-management.php:815

actionadmin_post_mfem-saltsconfirmemergency-management.php:816

actionadmin_post_mfem-pwstrengthform1emergency-management.php:818

actionadmin_post_mfem-pwstrengthform2emergency-management.php:819

actionadmin_post_mfem-pwexpiryformemergency-management.php:821

filterpassword_hintmfem-enqueue-pw-strength-check.php:20

actionuser_profile_update_errorsmfem-enqueue-pw-strength-check.php:26

filterregistration_errorsmfem-enqueue-pw-strength-check.php:27

actionvalidate_password_resetmfem-enqueue-pw-strength-check.php:28

filterwp_mail_from_namemfem-password-reset.php:95

filterwp_mail_frommfem-password-reset.php:96

filterwp_mail_content_typemfem-password-reset.php:97

Maintenance & Trust

Emergency Management Maintenance & Trust

Maintenance Signals

WordPress version tested7.0

Last updatedApr 14, 2026

PHP min version7.4

Downloads4K

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

Emergency Management Alternatives

Wordfence Security – Firewall, Malware Scan, and Login Security

wordfence

Firewall, Malware Scanner, Two Factor Auth, and Comprehensive Security Features, powered by our 24-hour team. Make security a priority with Wordfence.

5.0M 12 CVEs

Really Simple Security – Simple and Performant Security (formerly Really Simple SSL)

really-simple-ssl

Easily improve site security with WordPress Hardening, Two-Factor Authentication (2FA), Login Protection, Vulnerability Detection and SSL certificate.

3.0M 3 CVEs

Limit Login Attempts Reloaded – Login Security, 2FA, Brute Force Protection & Firewall

limit-login-attempts-reloaded

Stop password guessing attacks, secure WooCommerce, block bad IPs, block by countries (Pro), and add email 2FA. Lightweight with better performance.

2.0M 4 CVEs

Two Factor

two-factor

100

Enable Two-Factor Authentication (2FA) using time-based one-time passwords (TOTP), email, and backup verification codes.

100K No CVEs

Wordfence Login Security

wordfence-login-security

Secure your website with Wordfence Login Security, providing two-factor authentication, login and registration CAPTCHA, and XML-RPC protection.

70K No CVEs

Developer Profile

Emergency Management Developer Profile

Michael Finkenberger

3 plugins · 30 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Emergency Management

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/emergency-management/styles/emergency-management.css/wp-content/plugins/emergency-management/js/mfem_jQuery.js

Script Paths

/wp-content/plugins/emergency-management/js/mfem_jQuery.js

Version Parameters

emergency-management/styles/emergency-management.css?ver=emergency-management/js/mfem_jQuery.js?ver=

HTML / DOM Fingerprints

HTML Comments

+36 more

JS Globals

thanks_for_using_emergency_managementmfem_session_tooltipyou_cannot_reuse_your_old_password

FAQ