Does ESB Post Type Order have any unpatched vulnerabilities?

No. All known vulnerabilities in ESB Post Type Order have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is ESB Post Type Order compatible with WordPress 4.1.42?

According to WordPress.org data, ESB Post Type Order 1.0.0 has been tested up to WordPress 4.1.42. Check the plugin's changelog for the latest compatibility information.

How often is ESB Post Type Order updated?

ESB Post Type Order was last updated on Dec 24, 2014. Frequent updates are generally a positive security signal.

What is ESB Post Type Order's security score?

ESB Post Type Order has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

ESB Post Type Order Security & Risk Analysis

wordpress.org/plugins/esb-post-type-order

This plugin will allow you to change the any post type menu order using drag & drop.

100 active installs v1.0.0 PHP + WP 3.5+ Updated Dec 24, 2014

custom-posts-orderpluginspostpost-orderpost-type-order

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is ESB Post Type Order Safe to Use in 2026?

Generally Safe

Score 85/100

ESB Post Type Order has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 11yr ago

Risk Assessment

The 'esb-post-type-order' plugin version 1.0.0 exhibits a concerning security posture primarily due to its unprotected entry points. With two AJAX handlers present and neither possessing authentication checks, these represent significant potential vulnerabilities. The lack of any nonce checks or capability checks further exacerbates this risk, as it allows any authenticated user, regardless of their role or privileges, to potentially trigger these AJAX actions. This wide-open access to core plugin functionality is a major security concern.

Key Concerns

AJAX handlers without authentication checks
AJAX handlers without nonce checks
AJAX handlers without capability checks
Low percentage of properly escaped output

Vulnerabilities

None known

ESB Post Type Order Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

ESB Post Type Order Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

1 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

11% escaped9 total outputs

Attack Surface

2 unprotected

ESB Post Type Order Attack Surface

Entry Points2

Unprotected2

AJAX Handlers 2

authwp_ajax_update_sort_orderincludes\admin\esb-pto-admin.php:167

noprivwp_ajax_update_sort_orderincludes\admin\esb-pto-admin.php:168

WordPress Hooks 8

actioninitesb-post-type-order.php:41

actioninitincludes\admin\esb-pto-admin.php:158

actionadmin_menuincludes\admin\esb-pto-admin.php:161

actionadmin_initincludes\admin\esb-pto-admin.php:164

actionpre_get_postsincludes\admin\esb-pto-admin.php:171

actionrestrict_manage_postsincludes\admin\esb-pto-admin.php:174

filterplugin_action_linksincludes\admin\esb-pto-admin.php:177

actionadmin_enqueue_scriptsincludes\esb-pto-scripts.php:28

Maintenance & Trust

ESB Post Type Order Maintenance & Trust

Maintenance Signals

WordPress version tested4.1.42

Last updatedDec 24, 2014

PHP min version

Downloads5K

Community Trust

Rating100/100

Number of ratings5

Active installs100

Alternatives

ESB Post Type Order Alternatives

Intuitive Custom Post Order

intuitive-custom-post-order

Intuitively reorder Posts, Pages, Custom Post Types, Taxonomies, and Sites with a simple drag-and-drop interface.

400K 4 CVEs

Real Custom Post Order: Create a custom order for your content

real-custom-post-order

100

Custom post order for posts, pages, WooCommerce products and custom post types using drag and drop. Simple and intuitive sorting of your content!

9K No CVEs

WP Sort Order

wp-sort-order

Order terms (Users, Posts, Pages, Custom Post Types and Custom Taxonomies) using a Drag and Drop with jQuery ui Sortable.

6K 1 CVE

Custom Category Post Order

custom-post-order-category

Order your post by category or custom post type by drag & drop interface.

500 1 CVE

All Round Order

all-round-order

Order all items(Pages, Posts, Custom Post Types and attachments) easily with a drag and drop feature

40 No CVEs

Developer Profile

ESB Post Type Order Developer Profile

eSparkBiz

3 plugins · 210 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect ESB Post Type Order

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/esb-post-type-order/css/admin-style.css/wp-content/plugins/esb-post-type-order/js/admin-script.js

Script Paths

/wp-content/plugins/esb-post-type-order/js/admin-script.js

Version Parameters

esb-post-type-order/css/admin-style.css?ver=esb-post-type-order/js/admin-script.js?ver=

HTML / DOM Fingerprints

FAQ