Does Get Options have any unpatched vulnerabilities?

No. All known vulnerabilities in Get Options have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Get Options compatible with WordPress 6.7.5?

According to WordPress.org data, Get Options 2.7.0 has been tested up to WordPress 6.7.5. Check the plugin's changelog for the latest compatibility information.

How often is Get Options updated?

Get Options was last updated on Feb 2, 2025. Frequent updates are generally a positive security signal.

What is Get Options's security score?

Get Options has a WP-Safety security score of 92/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Get Options Security & Risk Analysis

wordpress.org/plugins/get-options

View all the WordPress Options

40 active installs v2.7.0 PHP + WP 3.2.1+ Updated Feb 2, 2025

admindebugoptionstool

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Get Options Safe to Use in 2026?

Generally Safe

Score 92/100

Get Options has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1yr ago

Risk Assessment

The 'get-options' plugin version 2.7.0 exhibits a mixed security posture. On the positive side, the attack surface appears to be minimal, with no apparent AJAX handlers, REST API routes, shortcodes, or cron events exposed. The absence of known CVEs and a clean vulnerability history is also a strong indicator of past security diligence. However, the static analysis reveals significant areas of concern that detract from an otherwise positive outlook.

The presence of the `unserialize` function, coupled with a complete lack of nonce checks and capability checks, presents a high-risk scenario. If serialized data is processed by this function without proper sanitization and authentication, it could lead to arbitrary object injection vulnerabilities, allowing an attacker to execute malicious code or gain unauthorized access. Furthermore, the plugin uses raw SQL queries without prepared statements, which opens it up to SQL injection vulnerabilities. While the percentage of unescaped output is not critically high, it still presents a potential avenue for cross-site scripting (XSS) attacks. The absence of taint analysis data is notable but doesn't negate the risks identified through code signals and function usage.

In conclusion, while the plugin's attack surface and historical vulnerability record are reassuring, the direct use of dangerous functions like `unserialize` without corresponding security controls (nonces, capabilities) and the lack of prepared statements for SQL queries represent critical security weaknesses. These specific code-level risks require immediate attention to mitigate the potential for severe exploitation.

Key Concerns

Dangerous function unserialize without auth/nonce
SQL queries without prepared statements
Unescaped output present
No nonce checks implemented
No capability checks implemented

Vulnerabilities

None known

Get Options Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Get Options Release Timeline

v2.7.0Current

v2.6.0

v2.5

v2.4.0

v2.3.0

v2.2.0

v2.1.0

v2.0.0

v1.1.9

v1.1.6

v1.1.5

v1.1.4

v1.1.3

v1.1.2

v1.1.1

v1.1.0

Code Analysis

Analyzed Mar 16, 2026

Get Options Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

12 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Dangerous Functions Found

unserialize$my_value = unserialize($option->option_value); // pre($value);inc\page-content.php:118

unserialize$my_value = unserialize($option->option_value); // pre($value);trunk\inc\page-content.php:118

SQL Query Safety

0% prepared2 total queries

Output Escaping

40% escaped30 total outputs

Attack Surface

Get Options Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 2

actionadmin_menuget-options.php:27

actionadmin_menutrunk\get-options.php:27

Maintenance & Trust

Get Options Maintenance & Trust

Maintenance Signals

WordPress version tested6.7.5

Last updatedFeb 2, 2025

PHP min version

Downloads6K

Community Trust

Rating100/100

Number of ratings3

Active installs40

Alternatives

Get Options Alternatives

My WP Customize Admin/Frontend

my-wp

Simply and easy-to-use the customize for Admin and Frontend. A lot of custom filters and actions, and included the developer tools.

8K 2 CVEs

which template file

which-template-file

Show the name of the php file of your theme used to display the current page.

4K 2 CVEs

Error Log Viewer By WP Guru

error-log-viewer-wp

Error Log Viewer by WP Guru simplifies viewing and analyzing PHP error logs, making it easier to monitor and resolve errors quickly.

100 1 unpatched

Nuvia AI – The Developer Copilot for WordPress

nuvia-ai

100

An AI-powered developer assistant for WordPress that helps debug issues, fix layout and CSS problems, inspect pages, and provide intelligent guidance.

0 No CVEs

Options Management

options-management

A small plugin for developers to manage manually wordpress options.

0 No CVEs

Developer Profile

Get Options Developer Profile

gilles66

3 plugins · 4K total installs

trust score

Avg Security Score

92/100

Avg Patch Time

268 days

View full developer profile

Detection Fingerprints

How We Detect Get Options

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/get-options/css//wp-content/plugins/get-options/js/

Script Paths

/wp-content/plugins/get-options/js/get-options.js

Version Parameters

get-options/js/get-options.js?ver=

HTML / DOM Fingerprints

CSS Classes

gwp_options_tablegwp_options_searchgwp_option_namegwp_option_value

Data Attributes

data-option-namedata-option-value

JS Globals

get_options_ajax_object

FAQ