Genoo Security & Risk Analysis

wordpress.org/plugins/genoo

Combine the flexibility of WordPress with the power of Genoo and experience amazing results!

20 active installs · v6.0.23 · PHP + WP 4.6+ · Updated Dec 21, 2025
Tags: centralized-lead-database, email-marketing, lead-capture-forms, marketing-automation
99
A · Safe
CVEs total: 1
Unpatched: 0
Last CVE: Oct 31, 2024
Safety Verdict

Is Genoo Safe to Use in 2026?

Generally Safe

Score 99/100

Genoo has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVE · Last CVE: Oct 31, 2024 · Updated 3mo ago
Risk Assessment

The genoo plugin v6.0.23 exhibits a mixed security posture. On the positive side, static analysis found no critical or high severity taint flows, all outputs are properly escaped, and no dangerous functions or file operations were detected. Capability checks are present, and the attack surface is limited to a single shortcode, which appears to be protected.

However, the plugin has a history of a medium severity Cross-Site Scripting (XSS) vulnerability which, although now patched, points to a past weakness in input neutralization. Two findings remain significant concerns: there are no nonce checks on the single entry point (the shortcode), and 100% of the plugin's SQL queries are unprepared. Either could potentially be exploited if an attacker can control the data processed by the shortcode or the SQL query.

Key Concerns

  • SQL queries without prepared statements
  • No nonce checks on entry points
  • History of medium severity XSS vulnerability
Vulnerabilities
1

Genoo Security Vulnerabilities

CVEs by Year

1 CVE in 2024

Severity Breakdown

Medium: 1

1 total CVE

CVE-2024-51605 · medium · 6.4 · Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Genoo <= 6.0.10 - Authenticated (Contributor+) Stored Cross-Site Scripting

Oct 31, 2024 · Patched in 6.0.13 (28d)
Code Analysis
Analyzed Mar 16, 2026

Genoo Code Analysis

  • Dangerous Functions: 0
  • Raw SQL Queries: 1 (0 prepared)
  • Unescaped Output: 0 (1 escaped)
  • Nonce Checks: 0
  • Capability Checks: 1
  • File Operations: 0
  • External Requests: 0
  • Bundled Libraries: 1

Bundled Libraries

TinyMCE

SQL Query Safety

0% prepared · 1 total queries

Output Escaping

100% escaped · 1 total outputs
Attack Surface

Genoo Attack Surface

Entry Points: 1
Unprotected: 0

Shortcodes 1

[facebook_comments] extensions\dropins.php:6
WordPress Hooks 15
  • filter: wpseo_accessible_post_types (GenooInit.php:157)
  • filter: genoo_wpme_form_shortcode (GenooInit.php:217)
  • filter: genoo_wpme_survey_shortcode (GenooInit.php:218)
  • filter: genoo_wpme_cta_shortcode (GenooInit.php:219)
  • filter: genoo_wpme_tracking_link_shortcode (GenooInit.php:220)
  • filter: genoo_wpme_widget_title_lumens (GenooInit.php:222)
  • filter: genoo_wpme_widget_title_form (GenooInit.php:223)
  • filter: genoo_wpme_widget_title_cta (GenooInit.php:224)
  • filter: genoo_wpme_widget_title_cta_dynamic (GenooInit.php:225)
  • filter: genoo_wpme_repeatable_key (GenooInit.php:227)
  • filter: genoo_wpme_widget_description_form (GenooInit.php:229)
  • filter: genoo_wpme_widget_description_lumens (GenooInit.php:230)
  • filter: genoo_wpme_widget_description_cta (GenooInit.php:231)
  • filter: genoo_wpme_widget_description_cta_dynamic (GenooInit.php:232)
  • filter: genoo_wpme_clever_plugins_owner (GenooInit.php:234)
Maintenance & Trust

Genoo Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.9.4
Last updated: Dec 21, 2025
PHP min version
Downloads: 10K

Community Trust

Rating: 100/100
Number of ratings: 2
Active installs: 20
Developer Profile

Genoo Developer Profile

Genoo

2 plugins · 50 total installs

Trust score: 94
Avg Security Score: 100/100
Avg Patch Time: 28 days
Detection Fingerprints

How We Detect Genoo

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
  • /wp-content/plugins/genoo/assets/css/bootstrap-slider.css
  • /wp-content/plugins/genoo/assets/css/bootstrap.min.css
  • /wp-content/plugins/genoo/assets/css/bootstrap-theme.min.css
  • /wp-content/plugins/genoo/assets/css/genoo.css
  • /wp-content/plugins/genoo/assets/css/styles.css
  • /wp-content/plugins/genoo/assets/js/bootstrap.min.js
  • /wp-content/plugins/genoo/assets/js/genoo.js
  • /wp-content/plugins/genoo/assets/js/genoo.min.js
  • +3 more
Script Paths
  • /wp-content/plugins/genoo/assets/js/bootstrap.min.js
  • /wp-content/plugins/genoo/assets/js/genoo.js
  • /wp-content/plugins/genoo/assets/js/genoo.min.js
  • /wp-content/plugins/genoo/assets/js/genoo.vendor.js
  • /wp-content/plugins/genoo/assets/js/bootstrap-slider.js
  • /wp-content/plugins/genoo/assets/js/bootstrap.js
Version Parameters
  • genoo.css?ver=
  • genoo.min.css?ver=
  • styles.css?ver=
  • genoo.js?ver=
  • genoo.min.js?ver=
  • genoo.vendor.js?ver=

HTML / DOM Fingerprints

CSS Classes
  • genoo-dashboard-widget
  • genoo-button
  • genoo-field-wrapper
  • genoo-modal
  • genoo-form-input
  • genoo-tab-content
  • genoo-tab-header
  • genoo-nav
  • +3 more
HTML Comments
  • Copyright 2014 Genoo, LLC (web : http://www.genoo.com/)
  • This program is free software; you can redistribute it and/or modify
  • This program is distributed in the hope that it will be useful,
  • You should have received a copy of the GNU General Public License
  • +10 more
Data Attributes
  • data-genoo-id
  • data-genoo-form-id
  • data-genoo-field-id
  • data-genoo-action
  • data-genoo-modal-target
  • data-genoo-form-name
JS Globals
  • Genoo
  • genooApiSettings
  • genooApiGeneral
  • genooThemeSettings
  • genooFormMessages
  • genooDebug
  • +1 more
Shortcode Output
  • <div id="fb-root"></div>
  • <script type="text/javascript">(function(d, s, id) {
  • <div class="fb-like" data-href="
  • <div class="fb-share-button" data-href="
FAQ

Frequently Asked Questions about Genoo