FattoreMamma Advertising Plugin Security & Risk Analysis

wordpress.org/plugins/fm-adv

This plugin is reserved for FattoreMamma Network Bloggers. This plugin is used to place private advertising slots.

0 active installs v0.3.3 PHP + WP 4.0.0+ Updated Jun 29, 2020
private-advertising-tools
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Safety Verdict

Is FattoreMamma Advertising Plugin Safe to Use in 2026?

Generally Safe

Score 85/100

FattoreMamma Advertising Plugin has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 6yr ago
Risk Assessment

Based on the provided static analysis, the "fm-adv" v0.3.3 plugin exhibits a seemingly strong security posture with zero identified entry points requiring authentication, no dangerous functions, and all SQL queries utilizing prepared statements. The absence of file operations, external HTTP requests, and taint analysis findings further suggests a limited attack surface and minimal risk of data injection or manipulation through common vectors.

However, a significant concern arises from the "Output escaping" metric, where 100% of outputs are not properly escaped. This presents a high risk of Cross-Site Scripting (XSS) vulnerabilities, as unsanitized data displayed to users could contain malicious scripts. While the plugin has no recorded vulnerability history, the lack of output escaping is a critical oversight that could be easily exploited. The presence of a capability check, while positive, does not mitigate the XSS risk.

In conclusion, "fm-adv" v0.3.3 benefits from a clean code base in many areas, particularly regarding SQL and attack surface management. Nevertheless, the complete lack of output escaping is a severe weakness that significantly elevates the overall risk. This issue needs immediate attention to prevent potential XSS attacks. Without addressing this, the plugin's security is compromised despite its other positive attributes.

Key Concerns

  • Unescaped output detected
Vulnerabilities
None known

FattoreMamma Advertising Plugin Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

FattoreMamma Advertising Plugin Release Timeline

No version history available.
Code Analysis
Analyzed Apr 16, 2026

FattoreMamma Advertising Plugin Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
1
0 escaped
Nonce Checks
0
Capability Checks
1
File Operations
0
External Requests
0
Bundled Libraries
0

Output Escaping

0% escaped1 total outputs
Attack Surface

FattoreMamma Advertising Plugin Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 4
actionadmin_menufm-adv.php:40
actionadmin_initfm-adv.php:41
actiontemplate_redirectfm-adv.php:42
actionthe_contentfm-adv.php:53
Maintenance & Trust

FattoreMamma Advertising Plugin Maintenance & Trust

Maintenance Signals

WordPress version tested5.4.19
Last updatedJun 29, 2020
PHP min version
Downloads830

Community Trust

Rating0/100
Number of ratings0
Active installs0
Alternatives

FattoreMamma Advertising Plugin Alternatives

No alternatives data available yet.

Developer Profile

FattoreMamma Advertising Plugin Developer Profile

colorinside

2 plugins · 10 total installs

84
trust score
Avg Security Score
85/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect FattoreMamma Advertising Plugin

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/fm-adv/languages
Script Paths
//fattoreadv.com/adserver/www/delivery/asyncjs.php

HTML / DOM Fingerprints

CSS Classes
fm-adv
HTML Comments
FattoreMamma Revive Adserver v5.0.5FattoreMamma Revive Adserver v5.0.5 Unit Not Found
Data Attributes
data-revive-zoneiddata-revive-id
FAQ

Frequently Asked Questions about FattoreMamma Advertising Plugin