Gecka Terms Ordering Security & Risk Analysis

wordpress.org/plugins/gecka-terms-ordering

Order your categories, tags or any other taxonomy's terms of your WordPress website.

100 active installs · v1.0-beta2 · PHP + WP 3.0+ · Updated Oct 20, 2015
Tags: categories, category, term, terms, terms-ordering
85
A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is Gecka Terms Ordering Safe to Use in 2026?

Generally Safe

Score 85/100

Gecka Terms Ordering has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 10yr ago
Risk Assessment

The gecka-terms-ordering plugin v1.0-beta2 exhibits a mixed security posture. On the positive side, the plugin demonstrates good practices by not utilizing dangerous functions, performing all SQL queries using prepared statements, and ensuring all output is properly escaped. It also avoids file operations and external HTTP requests, further minimizing potential attack vectors. The absence of any known vulnerabilities in its history is also a strong positive indicator.

However, a significant concern arises from the identified attack surface. The plugin has one AJAX handler that lacks authentication checks. This unprotected entry point presents a direct risk, as any unauthenticated user could potentially interact with this handler, leading to unexpected behavior or exploitation if the handler's functionality is sensitive. The lack of nonce checks on this AJAX handler exacerbates this issue, as it bypasses a common WordPress security mechanism designed to prevent Cross-Site Request Forgery (CSRF) attacks.

In conclusion, while the plugin excels in several critical security areas like SQL sanitization and output escaping, the single unprotected AJAX endpoint is a notable weakness. This single vulnerability drastically increases the risk profile, despite the plugin's otherwise clean code signals and vulnerability history. Addressing this unprotected AJAX handler should be the immediate priority to significantly improve the plugin's security.

Key Concerns

  • Unprotected AJAX handler without auth checks
  • Missing nonce check on AJAX handler
Vulnerabilities
None known

Gecka Terms Ordering Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Gecka Terms Ordering Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (0 prepared)
Unescaped Output: 0 (0 escaped)
Nonce Checks: 0
Capability Checks: 0
File Operations: 0
External Requests: 0
Bundled Libraries: 0
Attack Surface: 1 unprotected

Gecka Terms Ordering Attack Surface

Entry Points: 1
Unprotected: 1

AJAX Handlers: 1

  • auth · wp_ajax_terms-ordering · gecka-terms-ordering.php:152

WordPress Hooks: 10

  • action · plugins_loaded · gecka-terms-ordering.php:50
  • action · after_setup_theme · gecka-terms-ordering.php:51
  • action · init · gecka-terms-ordering.php:53
  • action · switch_blog · gecka-terms-ordering.php:54
  • action · admin_init · gecka-terms-ordering.php:56
  • filter · terms_clauses · gecka-terms-ordering.php:58
  • action · created_term · gecka-terms-ordering.php:60
  • action · delete_term · gecka-terms-ordering.php:62
  • action · admin_footer-edit-tags.php · gecka-terms-ordering.php:147
  • action · admin_print_styles-edit-tags.php · gecka-terms-ordering.php:149

Maintenance & Trust

Gecka Terms Ordering Maintenance & Trust

Maintenance Signals

WordPress version tested: 4.4.34
Last updated: Oct 20, 2015
PHP min version
Downloads: 8K

Community Trust

Rating: 100/100
Number of ratings: 4
Active installs: 100
Developer Profile

Gecka Terms Ordering Developer Profile

Gecka

4 plugins · 3K total installs

Trust score: 84
Avg Security Score: 85/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect Gecka Terms Ordering

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/gecka-terms-ordering/javascripts/terms-ordering.js
Version Parameters
gecka-terms-ordering/javascripts/terms-ordering.js?ver=

HTML / DOM Fingerprints

CSS Classes
product-cat-placeholder
JS Globals
terms_order