Does G File Merge & Minify have any unpatched vulnerabilities?

No. All known vulnerabilities in G File Merge & Minify have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is G File Merge & Minify compatible with WordPress 4.9.29?

According to WordPress.org data, G File Merge & Minify 1.0 has been tested up to WordPress 4.9.29. Check the plugin's changelog for the latest compatibility information.

Is G File Merge & Minify compatible with PHP 5.6+?

G File Merge & Minify requires PHP 5.6 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is G File Merge & Minify updated?

G File Merge & Minify was last updated on Oct 17, 2018. Frequent updates are generally a positive security signal.

What is G File Merge & Minify's security score?

G File Merge & Minify has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

G File Merge & Minify Security & Risk Analysis

wordpress.org/plugins/g-file-merge-minify

A lightweight WordPress plugin that can shrink and combine CSS and JavaScript files on your website.

0 active installs v1.0 PHP 5.6+ WP 4.6+ Updated Oct 17, 2018

compressg-file-merge-minifygmkminifyshrink

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is G File Merge & Minify Safe to Use in 2026?

Generally Safe

Score 85/100

G File Merge & Minify has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 7yr ago

Risk Assessment

The 'g-file-merge-minify' v1.0 plugin exhibits a mixed security posture. On the positive side, the plugin has a minimal attack surface with no reported CVEs or historical vulnerabilities. Furthermore, all detected SQL queries utilize prepared statements, and there are no external HTTP requests or cron events that could introduce risks. The absence of taint analysis findings suggests that complex data flow issues have not been identified.

However, significant concerns arise from the code signals. A notable weakness is the complete lack of output escaping, meaning any data rendered by the plugin could potentially be exploited for cross-site scripting (XSS) attacks. Additionally, the plugin lacks any nonce or capability checks for its entry points, which, despite the current zero count, is a major oversight. If any of the file operations were to become exposed or if new entry points were introduced, this absence of authorization would be a critical vulnerability. The overall security is compromised by these fundamental omissions in output handling and access control.

Key Concerns

No output escaping
No nonce checks
No capability checks

Vulnerabilities

None known

G File Merge & Minify Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

G File Merge & Minify Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

0% escaped6 total outputs

Attack Surface

G File Merge & Minify Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 4

actionadmin_initgfmm_options.php:34

actionadmin_menugfmm_options.php:40

actionwp_enqueue_scriptsindex.php:13

actionwp_print_stylesindex.php:90

Maintenance & Trust

G File Merge & Minify Maintenance & Trust

Maintenance Signals

WordPress version tested4.9.29

Last updatedOct 17, 2018

PHP min version5.6

Downloads1K

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

G File Merge & Minify Alternatives

Minify HTML

minify-html-markup

Minify HTML output for clean looking markup and faster downloading.

10K 3 CVEs

WP Super Minify • Minify, Compress and Cache HTML, CSS & JavaScript

wp-super-minify

100

A lightweight plugin that automatically minifies, compresses, and caches HTML, CSS, and JavaScript on demand to improve your website’s load speed.

9K 1 CVE

CSS Minify

css-optimizer

Minify and Optimize your CSS by clicking one button.

200 No CVEs

JPEG PNG Compressor

jpeg-png-compressor

Speed up your website. Compress your JPEG and PNG images automatically with PNG Compressor.

50 No CVEs

Minify Javascript

optimize-javascript

Minify and Optimize your Javascript by clicking one button and place it in the footer or header.

40 No CVEs

Developer Profile

G File Merge & Minify Developer Profile

Sinan Yorulmaz

4 plugins · 10K total installs

trust score

Avg Security Score

80/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect G File Merge & Minify

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/g-file-merge-minify/css/gfmm.css/wp-content/plugins/g-file-merge-minify/js/tabs.min.js/wp-content/plugins/g-file-merge-minify/js/tab-settings.min.js

Script Paths

/wp-content/plugins/g-file-merge-minify/js/tabs.min.js/wp-content/plugins/g-file-merge-minify/js/tab-settings.min.js

Version Parameters

/wp-content/plugins/g-file-merge-minify/css/gfmm.css?ver=/wp-content/plugins/g-file-merge-minify/js/tabs.min.js?ver=/wp-content/plugins/g-file-merge-minify/js/tab-settings.min.js?ver=

HTML / DOM Fingerprints

CSS Classes

tabstabs-header

Data Attributes

data-tabdata-targetaria-selectedrole

FAQ