Enhanced Menu Editor Security & Risk Analysis
wordpress.org/plugins/enhanced-menu-editorAdds menu editing options to the built-in WordPress Menus page like copying entire menus, and synchronizing page hierarchies with menu structures.
Is Enhanced Menu Editor Safe to Use in 2026?
Generally Safe
Score 85/100Enhanced Menu Editor has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The 'enhanced-menu-editor' plugin version 1.1 demonstrates a generally good security posture based on the provided static analysis. The plugin has a small attack surface consisting of two AJAX handlers, with none found to be unprotected. The absence of dangerous functions, file operations, and external HTTP requests is also a positive indicator. Furthermore, all output appears to be properly escaped, and taint analysis reveals no identified vulnerabilities. The plugin also boasts a clean vulnerability history with no recorded CVEs.
However, a notable area for improvement is the lack of capability checks on its entry points. While nonces are used, relying solely on them without verifying user capabilities leaves potential for privilege escalation or unauthorized actions if an attacker can bypass nonce verification or exploit other WordPress-level vulnerabilities. The presence of SQL queries that are not always prepared also introduces a slight risk of SQL injection, although the 50% rate of prepared statements mitigates this concern somewhat. Overall, the plugin is relatively secure, but the missing capability checks are a significant weakness that should be addressed.
Key Concerns
- Missing capability checks on entry points
- SQL queries not always using prepared statements
Enhanced Menu Editor Security Vulnerabilities
Enhanced Menu Editor Code Analysis
SQL Query Safety
Enhanced Menu Editor Attack Surface
AJAX Handlers 2
WordPress Hooks 3
Maintenance & Trust
Enhanced Menu Editor Maintenance & Trust
Maintenance Signals
Community Trust
Enhanced Menu Editor Alternatives
Yoast SEO – Advanced SEO with real-time guidance and built-in AI
wordpress-seo
Improve your SEO with real-time feedback, schema, and clear guidance. Upgrade for AI tools, Google Docs integration, and 24/7 support, no hidden fees.
All in One SEO – Powerful SEO Plugin to Boost SEO Rankings & Increase Traffic
all-in-one-seo-pack
AIOSEO is the most powerful WordPress SEO plugin. Improve SEO rankings and traffic with comprehensive SEO tools and smart AI SEO optimizations!
XML Sitemap Generator for Google
google-sitemap-generator
Generate multiple types of sitemaps to improve SEO and get your website indexed quickly.
SiteSEO – SEO Simplified
siteseo
SiteSEO is an easy, fast and powerful SEO plugin for WordPress. Unlock your Website's potential and Maximize your online visibility with our SiteSEO!
SureRank SEO – Smart Assistant with Meta Tags, Social Preview, XML Sitemap, and Schema
surerank
SureRank – SEO Assistant with Meta Tags, Social Preview, XML Sitemap, and Schema
Enhanced Menu Editor Developer Profile
5 plugins · 7K total installs
How We Detect Enhanced Menu Editor
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/enhanced-menu-editor/admin.js/wp-content/plugins/enhanced-menu-editor/admin.jsHTML / DOM Fingerprints
<!-- Enable enhanced menu editing options to the built-in WordPress Menus page like copying entire menus, and synchronizing menus with pages -->data-menu-iddata-menu-item-iddata-original-post-iddata-original-post-parentdata-original-menu-orderdata-original-classes+1 moreemc2eme/wp-json/emc2eme/v1/settings