Does G Meta Keywords have any unpatched vulnerabilities?

Yes — G Meta Keywords currently has 1 unpatched vulnerability. We recommend switching to an alternative or applying any available workarounds.

Is G Meta Keywords compatible with WordPress 5.1.22?

According to WordPress.org data, G Meta Keywords 1.4 has been tested up to WordPress 5.1.22. Check the plugin's changelog for the latest compatibility information.

Is G Meta Keywords compatible with PHP 5.6+?

G Meta Keywords requires PHP 5.6 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is G Meta Keywords updated?

G Meta Keywords was last updated on Jun 19, 2019. Frequent updates are generally a positive security signal.

What is G Meta Keywords's security score?

G Meta Keywords has a WP-Safety security score of 64/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

G Meta Keywords Security & Risk Analysis

wordpress.org/plugins/g-meta-keywords

G Meta Keywords (GMK) is a simple but useful WordPress add-on that allows you to easily add the keyword insertion field removed from many Search Engin …

10K active installs v1.4 PHP 5.6+ WP 4.6+ Updated Jun 19, 2019

g-meta-keywordsgmkkeywordsmetameta-keywords

C · Use Caution

CVEs total1

Unpatched1

Last CVEOct 15, 2024

Plugin page Download

Safety Verdict

Is G Meta Keywords Safe to Use in 2026?

Use With Caution

Score 64/100

G Meta Keywords has 1 unpatched vulnerability. Evaluate alternatives or apply available mitigations.

1 known CVE 1 unpatched Last CVE: Oct 15, 2024Updated 6yr ago

Risk Assessment

The "g-meta-keywords" plugin v1.4 exhibits a mixed security posture. While static analysis reveals no exploitable entry points like AJAX handlers, REST API routes, shortcodes, or cron events without authentication or permission checks, and all SQL queries use prepared statements, significant concerns arise from the output escaping and vulnerability history. The low percentage of properly escaped output (25%) suggests a high risk of Cross-Site Scripting (XSS) vulnerabilities, allowing attackers to inject malicious scripts into the user interface.

Furthermore, the plugin has a known, currently unpatched medium severity CVE from October 15, 2024, identified as Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'). This indicates a recurring problem with handling user input safely, despite the absence of critical or high severity taint flows identified in the static analysis. The presence of an unpatched vulnerability, coupled with the observed output escaping issues, points to a critical need for immediate remediation and ongoing security vigilance for this plugin. While the lack of direct entry points is a positive, the latent risk of XSS due to poor output sanitization and the existing unpatched vulnerability are substantial weaknesses.

Key Concerns

Unpatched CVE (medium severity)
Low percentage of properly escaped output

Vulnerabilities

G Meta Keywords Security Vulnerabilities

CVEs by Year

1 CVE in 2024 · unpatched

2024

Patched Has unpatched

Severity Breakdown

Medium

1 total CVE

CVE-2024-49301medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

G Meta Keywords <= 1.4 - Authenticated (Contributor+) Stored Cross-Site Scripting

Oct 15, 2024Unpatched

Code Analysis

Analyzed Mar 16, 2026

G Meta Keywords Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

2 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

25% escaped8 total outputs

Attack Surface

G Meta Keywords Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 9

actioncategory_add_form_fieldsgmk_category_functions.php:2

actioncategory_edit_form_fieldsgmk_category_functions.php:3

actioncreated_categorygmk_category_functions.php:45

actionedited_categorygmk_category_functions.php:46

actionadd_meta_boxesgmk_functions.php:16

actionsave_postgmk_functions.php:35

actionadmin_initgmk_options.php:7

actionadmin_menugmk_options.php:13

actionwp_headindex.php:33

Maintenance & Trust

G Meta Keywords Maintenance & Trust

Maintenance Signals

WordPress version tested5.1.22

Last updatedJun 19, 2019

PHP min version5.6

Downloads64K

Community Trust

Rating100/100

Number of ratings9

Active installs10K

Alternatives

G Meta Keywords Alternatives

Simple SEO

cds-simple-seo

Allows the modification of META titles, descriptions and keywords for all pages and posts. Also allows for default setting for of META title, descript …

10K 6 CVEs

Codevyne SEO Meta Keywords

wpcc-seo-meta-keywords

100

Short Description: Add wordpress website page, post and product SEO meta keywords to speedup your website google search engine visibility.

4K No CVEs

FV Simpler SEO

fv-all-in-one-seo-pack

Simple and effective SEO. Non-invasive, elegant. Ideal for client facing projects.

2K 1 CVE

Add Meta Tag Keywords

add-meta-tag-keywords

The plugin allows you to add Meta Tag keywords for posts, pages or basically any custom post type. The Meta Keywords are important words or phrases th …

1K No CVEs

Meta Keywords for Each Page

meta-keywords-for-each-page

100

Easily add SEO meta keywords to enhance your website's search engine optimization.

600 No CVEs

Developer Profile

G Meta Keywords Developer Profile

Sinan Yorulmaz

4 plugins · 10K total installs

trust score

Avg Security Score

80/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect G Meta Keywords

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/g-meta-keywords/css/gmk.css

Version Parameters

g-meta-keywords/css/gmk.css?ver=1

HTML / DOM Fingerprints

CSS Classes

admin-panelslidebarlogoactive-menumaintopbarmainContentheader+3 more

Data Attributes

name="gmk_field"id="gmk_field"name="post_type"id="post_type"

FAQ