Does Get User Custom Field Values have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Get User Custom Field Values compatible with WordPress 5.8.13?

According to WordPress.org data, Get User Custom Field Values 3.3 has been tested up to WordPress 5.8.13. Check the plugin's changelog for the latest compatibility information.

How often is Get User Custom Field Values updated?

Get User Custom Field Values was last updated on Nov 21, 2021. Frequent updates are generally a positive security signal.

What is Get User Custom Field Values's security score?

Get User Custom Field Values has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Get User Custom Field Values Security & Risk Analysis

wordpress.org/plugins/get-user-custom-field-values

Use widgets, shortcodes, and/or template tags to easily retrieve and display custom field values for users.

90 active installs v3.3 PHP + WP 4.6+ Updated Nov 21, 2021

custom-fieldshortcodeuseruser-metawidget

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Get User Custom Field Values Safe to Use in 2026?

Generally Safe

Score 85/100

Get User Custom Field Values has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 4yr ago

Risk Assessment

The "get-user-custom-field-values" plugin v3.3 exhibits a generally good security posture based on the provided static analysis. The absence of any identified entry points like AJAX handlers, REST API routes, shortcodes, or cron events significantly reduces the potential attack surface. Furthermore, the plugin demonstrates a commitment to secure coding practices by exclusively using prepared statements for SQL queries and having no recorded external HTTP requests or file operations. The lack of any known vulnerabilities or CVEs in its history also points to a stable and well-maintained codebase.

Key Concerns

Output escaping is only 44% proper
No nonce checks implemented
No capability checks implemented

Vulnerabilities

None known

Get User Custom Field Values Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Get User Custom Field Values Release Timeline

v3.3Current

v3.2.2

v3.2.1

v3.2

v3.0

v2.9.1

v2.9

v2.8

v2.7.1

v2.7

v2.6

v2.5.1

v2.5

Code Analysis

Analyzed Mar 16, 2026

Get User Custom Field Values Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

12 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

44% escaped27 total outputs

Attack Surface

Get User Custom Field Values Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 10

filterc2c_get_current_user_customget-user-custom-field-values.php:71

filterc2c_get_author_customget-user-custom-field-values.php:99

filterc2c_get_user_customget-user-custom-field-values.php:185

actionload-post.phpget-user-custom.shortcode.php:62

actionload-post-new.phpget-user-custom.shortcode.php:63

filterdefault_hidden_meta_boxesget-user-custom.shortcode.php:64

actionadmin_print_footer_scriptsget-user-custom.shortcode.php:73

actiondo_meta_boxesget-user-custom.shortcode.php:74

actioninitget-user-custom.shortcode.php:337

actionwidgets_initget-user-custom.widget.php:218

Maintenance & Trust

Get User Custom Field Values Maintenance & Trust

Maintenance Signals

WordPress version tested5.8.13

Last updatedNov 21, 2021

PHP min version

Downloads13K

Community Trust

Rating74/100

Number of ratings3

Active installs90

Alternatives

Get User Custom Field Values Alternatives

Get Custom Field Values

get-custom-field-values

Use widgets, shortcodes, and/or template tags to easily retrieve and display custom field values for posts or pages.

1K 4 CVEs

BP XProfile Shortcode

bp-xprofile-shortcode

Adds Shortcode for BuddyPress XProfile data

50 No CVEs

WiflyDemoFeedbackComposer

wiflydemofeedbackcomposer

The plugin is responsible for collecting and displaying feedback

0 No CVEs

Contact Form by BestWebSoft – Advanced WP Contact Form Builder for WordPress

contact-form-plugin

The most powerful and user-friendly WordPress contact form plugin. Create beautiful contact forms, widgets and pages using shortcodes.

30K 10 CVEs

Apollo13 Framework Extensions

apollo13-framework-extensions

Adds custom post types, shortcodes and some features that are used in themes built on Apollo13 Framework.

20K 6 CVEs

Developer Profile

Get User Custom Field Values Developer Profile

Scott Reilly

63 plugins · 92K total installs

trust score

Avg Security Score

88/100

Avg Patch Time

374 days

View full developer profile

Detection Fingerprints

How We Detect Get User Custom Field Values

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/get-user-custom-field-values/get-user-custom-widget.css/wp-content/plugins/get-user-custom-field-values/get-user-custom-widget.js

Script Paths

/wp-content/plugins/get-user-custom-field-values/get-user-custom-widget.js

Version Parameters

get-user-custom-field-values/get-user-custom-widget.css?ver=get-user-custom-field-values/get-user-custom-widget.js?ver=

HTML / DOM Fingerprints

FAQ