GRIT Taxonomy Filter Security & Risk Analysis
wordpress.org/plugins/grit-taxonomy-filterThis plugin can be used to filter taxonomies of custom post type as well as default categories of wordpress upto depth 3.
Is GRIT Taxonomy Filter Safe to Use in 2026?
Generally Safe
Score 85/100GRIT Taxonomy Filter has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The grit-taxonomy-filter plugin v1.0.0 exhibits a mixed security posture. On the positive side, it utilizes prepared statements for all SQL queries and avoids dangerous functions, file operations, and external HTTP requests. There are also no known vulnerabilities or CVEs associated with this plugin, suggesting a relatively stable history. However, significant concerns arise from the attack surface analysis, specifically the presence of two AJAX handlers that lack authentication checks. Furthermore, the taint analysis indicates two flows with unsanitized paths, which could potentially lead to vulnerabilities if user input is not properly handled. The absence of nonce checks on AJAX handlers is a critical oversight, making it susceptible to CSRF attacks. The code also shows a concerning 45% of output escaping, meaning nearly half of the output points are not properly sanitized, increasing the risk of XSS vulnerabilities.
Key Concerns
- AJAX handlers without authentication checks
- Taint flows with unsanitized paths
- Missing nonce checks on AJAX handlers
- Insufficient output escaping
GRIT Taxonomy Filter Security Vulnerabilities
GRIT Taxonomy Filter Release Timeline
GRIT Taxonomy Filter Code Analysis
Output Escaping
Data Flow Analysis
GRIT Taxonomy Filter Attack Surface
AJAX Handlers 2
Shortcodes 2
WordPress Hooks 8
Maintenance & Trust
GRIT Taxonomy Filter Maintenance & Trust
Maintenance Signals
Community Trust
GRIT Taxonomy Filter Alternatives
Category AJAX Filter – Advanced Filter for Posts & Custom Post Types
category-ajax-filter
Filter WordPress posts and custom post types by categories, tags, and taxonomies with AJAX-powered filtering — no page reload required.
Advanced AJAX Product Filters
woocommerce-ajax-filters
Fast and flexible AJAX product filters for WooCommerce. Filter by categories, attributes, price, tags, rating, and more. No page reloads.
Blog Filter Post Filtering
blog-filter
Blog Filter helps users display posts in filterable grid and masonry layouts. Organize content by categories or tags with customizable designs.
Admin Taxonomy Filter
admin-taxonomy-filter
Filter posts or custom post types in the admin area by custom taxonomies.
Post grid and filter ultimate
post-grid-and-filter-ultimate
A quick, easy way to display WordPress post in grid view and post grid with filter. Also work with Gutenberg shortcode block.
GRIT Taxonomy Filter Developer Profile
2 plugins · 80 total installs
How We Detect GRIT Taxonomy Filter
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/grit-taxonomy-filter/css/grit-taxonomy-filter-admin.css/wp-content/plugins/grit-taxonomy-filter/js/grit-taxonomy-filter-admin.js/wp-content/plugins/grit-taxonomy-filter/js/grit-taxonomy-filter-admin.jsgrit-taxonomy-filter/css/grit-taxonomy-filter-admin.css?ver=grit-taxonomy-filter/js/grit-taxonomy-filter-admin.js?ver=HTML / DOM Fingerprints
grit-taxonomy-filter-admin-cssThis function is provided for demonstration purposes only.An instance of this class should be passed to the run() functiondefined in Plugin_Name_Loader as all of the hooks are definedin that particular class.+3 moredata-plugin-name="grit-taxonomy-filter"grit_taxonomy_filter_admin_params