WP-Safety

Essential Content Types Security & Risk Analysis

wordpress.org/plugins/essential-content-types

Essential Content Types allows you to feature the impressive content through different content/post types on your website just the way you want it.

20K active installs v2.4 PHP + WP 5.9+ Updated Apr 5, 2026
content-typescustom-content-typescustom-post-typespost-typestaxonomy
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Essential Content Types Safe to Use in 2026?

Generally Safe

Score 100/100

Essential Content Types has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago
Risk Assessment

The "essential-content-types" plugin v2.3 exhibits a mixed security posture. On the positive side, it has a clean vulnerability history with no recorded CVEs and demonstrates good practices in areas like output escaping (80% properly escaped) and nonce checks (11 instances). The absence of file operations and external HTTP requests further strengthens its security. However, the static analysis reveals a notable concern: one of its four AJAX handlers lacks authentication checks. While taint analysis did not uncover critical or high-severity issues, the presence of two flows with unsanitized paths, though not rated critical, warrants attention. The single SQL query found is not using prepared statements, which is a general risk. The overall attack surface is relatively small (13 entry points), with only one identified as unprotected.

Key Concerns

  • AJAX handler without auth check
  • SQL query not using prepared statements
  • Flows with unsanitized paths
Vulnerabilities
None known

Essential Content Types Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Essential Content Types Release Timeline

v2.4Current
v2.3
v2.2.6
v2.2.5
v2.2.4
v2.2.3
v2.2.2
v2.2.1
v2.2
v2.1
v2.0
v1.9.1
v1.9
v1.8.6
v1.8.5
v1.8.4
v1.8.3
v1.8.2
v1.8.1
v1.8
Code Analysis
Analyzed Mar 16, 2026

Essential Content Types Code Analysis

Dangerous Functions
0
Raw SQL Queries
1
0 prepared
Unescaped Output
45
182 escaped
Nonce Checks
11
Capability Checks
12
File Operations
0
External Requests
0
Bundled Libraries
0

SQL Query Safety

0% prepared1 total queries

Output Escaping

80% escaped227 total outputs
Data Flows · Security
2 unsanitized

Data Flow Analysis

6 flows2 with unsanitized paths
process_form_request (admin\class-food-menu.php:870)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
1 unprotected

Essential Content Types Attack Surface

Entry Points13
Unprotected1

AJAX Handlers 4

authwp_ajax_query-themesincludes\CatchThemesThemePlugin.php:6
authwp_ajax_customize_load_themesincludes\CatchThemesThemePlugin.php:16
authwp_ajax_ect_dashboard_switchincludes\class-essential-content-types.php:154
authwp_ajax_ctp_switchincludes\ctp-tabs-removal.php:81

Shortcodes 9

[featured_content] admin\class-featured-content.php:55
[ect_featured_content] admin\class-featured-content.php:56
[food_menu] admin\class-food-menu.php:95
[portfolio] admin\class-portfolio.php:76
[jetpack_portfolio] admin\class-portfolio.php:77
[services] admin\class-service.php:55
[ect_services] admin\class-service.php:56
[jetpack_testimonials] admin\class-testimonial.php:97
[testimonials] admin\class-testimonial.php:100
WordPress Hooks 109
actionimport_startadmin\class-featured-content.php:33
filterrest_api_allowed_post_typesadmin\class-featured-content.php:36
actionafter_switch_themeadmin\class-featured-content.php:43
filterpost_updated_messagesadmin\class-featured-content.php:46
actioncustomize_registeradmin\class-featured-content.php:49
actionadmin_enqueue_scriptsadmin\class-featured-content.php:52
filterpre_get_postsadmin\class-featured-content.php:59
actioninitadmin\class-featured-content.php:685
actionafter_setup_themeadmin\class-featured-content.php:696
actionect_no_featured_content_foundadmin\class-featured-content.php:731
actionect_before_featured_content_loopadmin\class-featured-content.php:746
actionect_before_featured_content_loopadmin\class-featured-content.php:758
actionect_after_featured_content_loopadmin\class-featured-content.php:770
actionect_after_featured_content_loopadmin\class-featured-content.php:784
actionadmin_menuadmin\class-food-menu.php:69
actionadmin_enqueue_scriptsadmin\class-food-menu.php:70
actionadmin_headadmin\class-food-menu.php:71
actionparse_queryadmin\class-food-menu.php:78
filterposts_resultsadmin\class-food-menu.php:79
actionwp_insert_postadmin\class-food-menu.php:81
filtertemplate_includeadmin\class-food-menu.php:86
filterenter_title_hereadmin\class-food-menu.php:88
filterpost_updated_messagesadmin\class-food-menu.php:89
filterdashboard_glance_itemsadmin\class-food-menu.php:90
filterbody_classadmin\class-food-menu.php:92
actioncurrent_screenadmin\class-food-menu.php:431
filteradmin_noticesadmin\class-food-menu.php:474
actionthe_postadmin\class-food-menu.php:631
actionloop_startadmin\class-food-menu.php:1123
actionthe_postadmin\class-food-menu.php:1142
actionloop_endadmin\class-food-menu.php:1143
actioninitadmin\class-food-menu.php:1429
actionafter_setup_themeadmin\class-food-menu.php:1441
actionect_no_food_menu_foundadmin\class-food-menu.php:1454
actionect_before_food_menu_loopadmin\class-food-menu.php:1468
actionect_before_food_menu_loopadmin\class-food-menu.php:1480
actionect_after_food_menu_loopadmin\class-food-menu.php:1492
actionect_after_food_menu_loopadmin\class-food-menu.php:1506
actionadmin_initadmin\class-portfolio.php:33
actionafter_switch_themeadmin\class-portfolio.php:36
actionimport_startadmin\class-portfolio.php:39
filterrest_api_allowed_post_typesadmin\class-portfolio.php:42
actionafter_switch_themeadmin\class-portfolio.php:64
filterpost_updated_messagesadmin\class-portfolio.php:67
actioncustomize_registeradmin\class-portfolio.php:70
actionadmin_enqueue_scriptsadmin\class-portfolio.php:73
filterpre_get_postsadmin\class-portfolio.php:80
actionswitch_themeadmin\class-portfolio.php:84
actioninitadmin\class-portfolio.php:778
actionafter_setup_themeadmin\class-portfolio.php:794
actionect_no_portfolio_foundadmin\class-portfolio.php:830
actionect_before_portfolio_loopadmin\class-portfolio.php:844
actionect_before_portfolio_loopadmin\class-portfolio.php:856
actionect_after_portfolio_loopadmin\class-portfolio.php:868
actionect_after_portfolio_loopadmin\class-portfolio.php:882
actionimport_startadmin\class-service.php:33
filterrest_api_allowed_post_typesadmin\class-service.php:36
actionafter_switch_themeadmin\class-service.php:43
filterpost_updated_messagesadmin\class-service.php:46
actioncustomize_registeradmin\class-service.php:49
actionadmin_enqueue_scriptsadmin\class-service.php:52
filterpre_get_postsadmin\class-service.php:59
actioninitadmin\class-service.php:641
actionafter_setup_themeadmin\class-service.php:653
actionect_no_service_foundadmin\class-service.php:683
actionect_before_service_loopadmin\class-service.php:698
actionect_before_service_loopadmin\class-service.php:710
actionect_after_service_loopadmin\class-service.php:722
actionect_after_service_loopadmin\class-service.php:736
actionimport_startadmin\class-testimonial.php:31
actionrestapi_theme_initadmin\class-testimonial.php:34
filterrest_api_allowed_post_typesadmin\class-testimonial.php:37
actionadmin_initadmin\class-testimonial.php:48
actionafter_switch_themeadmin\class-testimonial.php:51
actionafter_switch_themeadmin\class-testimonial.php:74
filterenter_title_hereadmin\class-testimonial.php:77
filterpost_updated_messagesadmin\class-testimonial.php:79
actioncustomize_registeradmin\class-testimonial.php:80
actionadmin_menuadmin\class-testimonial.php:85
filterjetpack_sitemap_post_typesadmin\class-testimonial.php:89
filterpre_get_postsadmin\class-testimonial.php:92
filterinfinite_scroll_settingsadmin\class-testimonial.php:93
actionswitch_themeadmin\class-testimonial.php:105
filtertheme_mod_jetpack_testimonialsadmin\class-testimonial.php:531
actioninitadmin\class-testimonial.php:694
actionafter_setup_themeadmin\class-testimonial.php:742
actionadd_meta_boxesadmin\class-testimonial.php:774
actionsave_postadmin\class-testimonial.php:776
actioninitadmin\class-testimonial.php:840
actionect_no_testimonial_foundadmin\class-testimonial.php:882
actionect_before_testimonial_loopadmin\class-testimonial.php:897
actionect_before_testimonial_loopadmin\class-testimonial.php:909
actionect_after_testimonial_loopadmin\class-testimonial.php:967
actionect_after_testimonial_loopadmin\class-testimonial.php:981
filterbody_classessential-content-types.php:193
filterget_the_archive_titleessential-content-types.php:221
actionwp_headessential-content-types.php:225
actionadmin_enqueue_scriptsincludes\CatchThemesThemePlugin.php:8
actioncustomize_registerincludes\CatchThemesThemePlugin.php:11
filterinstall_plugins_tabsincludes\CatchThemesThemePlugin.php:18
filterinstall_plugins_table_api_args_catchpluginsincludes\CatchThemesThemePlugin.php:19
actioninstall_plugins_catchpluginsincludes\CatchThemesThemePlugin.php:20
actionplugins_loadedincludes\class-essential-content-types.php:133
actionadmin_enqueue_scriptsincludes\class-essential-content-types.php:148
actionadmin_enqueue_scriptsincludes\class-essential-content-types.php:149
actionadmin_menuincludes\class-essential-content-types.php:151
filterplugin_action_linksincludes\class-essential-content-types.php:156
filterplugin_row_metaincludes\class-essential-content-types.php:158
actionadmin_initincludes\ctp-tabs-removal.php:16
Maintenance & Trust

Essential Content Types Maintenance & Trust

Maintenance Signals

WordPress version tested7.0
Last updatedApr 5, 2026
PHP min version
Downloads893K

Community Trust

Rating60/100
Number of ratings2
Active installs20K
Alternatives

Essential Content Types Alternatives

Custom Post Type UI

Custom Post Type UI

custom-post-type-ui

A
93

Admin UI for creating custom content types like post types and taxonomies

1.0M 4 CVEs
Pods – Custom Content Types and Fields

Pods – Custom Content Types and Fields

pods

A
87

Pods is a framework for creating, managing, and deploying customized content types and fields for any project.

100K 14 CVEs
Gravity Forms + Custom Post Types

Gravity Forms + Custom Post Types

gravity-forms-custom-post-types

A
100

Map your Gravity-Forms-generated posts to a custom post type and/or custom taxonomies.

10K No CVEs
Posts in Page

Posts in Page

posts-in-page

B
84

Easily add one or more posts to any page using simple shortcodes.

10K 1 CVE
Advanced Views – Display Custom Fields (ACF, Pods, MetaBox), Posts, CPT and Woo Products anywhere in Gutenberg, Elementor, Divi, Beaver…

Advanced Views – Display Custom Fields (ACF, Pods, MetaBox), Posts, CPT and Woo Products anywhere in Gutenberg, Elementor, Divi, Beaver…

acf-views

A
98

Display content with full control over selection and layout. Lightweight and compatible with any theme or page builder.

2K 1 CVE
Developer Profile

Essential Content Types Developer Profile

Catch Themes

156 plugins · 226K total installs

79
trust score
Avg Security Score
100/100
Avg Patch Time
251 days
View full developer profile
Detection Fingerprints

How We Detect Essential Content Types

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/essential-content-types/assets/css/ect-admin.css/wp-content/plugins/essential-content-types/assets/css/ect-public.css/wp-content/plugins/essential-content-types/assets/js/ect-customizer.js/wp-content/plugins/essential-content-types/assets/js/ect-public.js/wp-content/plugins/essential-content-types/assets/js/ect-widget.js/wp-content/plugins/essential-content-types/includes/customizer/assets/js/ect-customizer.js
Version Parameters
essential-content-types/assets/css/ect-admin.css?ver=essential-content-types/assets/css/ect-public.css?ver=essential-content-types/assets/js/ect-customizer.js?ver=essential-content-types/assets/js/ect-public.js?ver=essential-content-types/assets/js/ect-widget.js?ver=essential-content-types/includes/customizer/assets/js/ect-customizer.js?ver=

HTML / DOM Fingerprints

CSS Classes
ect-postect-containerect-content-wrapper
HTML Comments
<!-- ECT Templates --><!-- End ECT Templates --><!-- ECT Elementor Template --><!-- End ECT Elementor Template -->+2 more
Data Attributes
data-layoutdata-item-id
JS Globals
ECTCustomize
FAQ

Frequently Asked Questions about Essential Content Types