Does Glossary Index have any unpatched vulnerabilities?

No. All known vulnerabilities in Glossary Index have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Glossary Index compatible with WordPress 6.9.4?

According to WordPress.org data, Glossary Index 0.0.14 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is Glossary Index compatible with PHP 7.4+?

Glossary Index requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Glossary Index updated?

Glossary Index was last updated on Jan 5, 2026. Frequent updates are generally a positive security signal.

What is Glossary Index's security score?

Glossary Index has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Glossary Index Security & Risk Analysis

wordpress.org/plugins/glossary-index

Create a glossary on your WordPress site to boost SEO, help visitors understand your content, and increase organic search traffic.

70 active installs v0.0.14 PHP 7.4+ WP 6.0+ Updated Jan 5, 2026

alphabeticalglossaryindexterms

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Glossary Index Safe to Use in 2026?

Generally Safe

Score 100/100

Glossary Index has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2mo ago

Risk Assessment

The 'glossary-index' plugin v0.0.14 presents a generally good security posture with some notable areas for improvement. The plugin exhibits strong adherence to secure coding practices by not utilizing dangerous functions, performing all SQL queries using prepared statements, and incorporating nonce and capability checks. Furthermore, the complete absence of recorded vulnerabilities and CVEs in its history is a significant positive indicator of its current security.

However, a key concern lies in the output escaping. With 52% of its 25 outputs properly escaped, there's a considerable risk of Cross-Site Scripting (XSS) vulnerabilities. The remaining 48% of unescaped outputs represent potential entry points for malicious scripts to be injected into the website.

While the attack surface is minimal (one shortcode) and free of direct unprotected entry points like unauthenticated AJAX handlers or REST API routes, the insufficient output escaping remains the primary security weakness. The plugin's history of zero vulnerabilities is commendable, suggesting careful development, but it's crucial to address the unescaped output to maintain this strong track record.

Key Concerns

Unescaped output found

Vulnerabilities

None known

Glossary Index Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Glossary Index Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

13 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

52% escaped25 total outputs

Attack Surface

Glossary Index Attack Surface

Entry Points1

Unprotected0

Shortcodes 1

[glossary_index] includes\shortcode.php:113

WordPress Hooks 13

actionwp_enqueue_scriptsglossary-index.php:24

actioninitglossary-index.php:40

actioninitglossary-index.php:43

actionadmin_initglossary-index.php:51

actioninitincludes\post-type.php:35

filterthe_contentincludes\post-type.php:50

actionwp_headincludes\post-type.php:80

filterthe_contentincludes\post-type.php:112

actionadmin_noticesincludes\settings.php:31

actionadmin_initincludes\settings.php:114

actionadmin_initincludes\settings.php:117

actionadmin_menuincludes\settings.php:163

actionupdate_option_glossary_index_settingsincludes\settings.php:215

Maintenance & Trust

Glossary Index Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedJan 5, 2026

PHP min version7.4

Downloads810

Community Trust

Rating0/100

Number of ratings0

Active installs70

Alternatives

Glossary Index Alternatives

Easy Glossary

easy-glossary

100

A lightweight, flexible glossary plugin that auto-links terms, shows tooltips, and provides an index shortcode.

0 No CVEs

Heroic Glossary – Block for building Glossaries, Dictionaries and more

heroic-glossary

100

The best WordPress glossary builder plugin to create and manage your own glossary of terms.

4K No CVEs

Name Directory

name-directory

Name directory (glossary) with many options like multiple directories, integrated search, non-latin characters, recaptcha, HTML editor and many more.

3K 10 CVEs

LuckyWP Glossary

luckywp-glossary

The plugin implements the glossary/dictionary functionality with support of synonyms.

200 No CVEs

WP-SNAP!

wp-snap

WP-SNAP! (WordPress System for Navigating Alphabetized Posts) creates an user interface for navigating alphabetized post titles.

90 No CVEs

Developer Profile

Glossary Index Developer Profile

stepanvanek

1 plugin · 70 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Glossary Index

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/glossary-index/assets/css/glossary-index.css

Version Parameters

glossary-index/assets/css/glossary-index.css?ver=0.0.14

HTML / DOM Fingerprints

CSS Classes

glossary-term-titlesingle-glossary_index_term

REST Endpoints

/wp-json/glossary-index

FAQ