Does Guest User have any unpatched vulnerabilities?

No. All known vulnerabilities in Guest User have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Guest User compatible with WordPress 5.9.13?

According to WordPress.org data, Guest User 1.0.0 has been tested up to WordPress 5.9.13. Check the plugin's changelog for the latest compatibility information.

Is Guest User compatible with PHP 7.4+?

Guest User requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Guest User updated?

Guest User was last updated on Unknown. Frequent updates are generally a positive security signal.

What is Guest User's security score?

Guest User has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Guest User Security & Risk Analysis

wordpress.org/plugins/guest-user

Label users as guest so they cant sign in to your system but you can use them as authors for posts.

0 active installs v1.0.0 PHP 7.4+ WP 5.0+ Updated Unknown

authorssecurityuser

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Guest User Safe to Use in 2026?

Generally Safe

Score 100/100

Guest User has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs

Risk Assessment

The guest-user plugin v1.0.0 exhibits a strong security posture based on the provided static analysis. There are no identified dangerous functions, all SQL queries utilize prepared statements, and output is properly escaped. The absence of file operations, external HTTP requests, and the presence of a capability check are all positive indicators. The attack surface is also zero, with no AJAX handlers, REST API routes, shortcodes, or cron events exposed, meaning there are no direct entry points for attackers to exploit. Taint analysis also shows no concerning flows.

The plugin's vulnerability history is clean, with no known CVEs recorded. This lack of past vulnerabilities, coupled with the robust static analysis findings, suggests a well-coded and securely developed plugin. However, the complete absence of nonce checks across all potential (though nonexistent in this case) entry points could be a concern in plugins with a larger attack surface. In this specific instance, given the zero attack surface, the lack of nonce checks is not a direct risk but is a point to monitor if the plugin evolves to include more interactive elements.

Overall, guest-user v1.0.0 appears to be a secure plugin. Its strengths lie in its limited attack surface and adherence to secure coding practices like prepared statements and output escaping. The lack of any identified vulnerabilities or exploitable code patterns is highly reassuring. The only minor point for consideration is the absence of nonce checks, which is mitigated by the plugin's current design.

Vulnerabilities

None known

Guest User Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Guest User Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Attack Surface

Guest User Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 6

actionuser_new_formclasses\AdminView.php:10

actionuser_registerclasses\AdminView.php:11

actionedit_user_profileclasses\AdminView.php:13

actionedit_user_profile_updateclasses\AdminView.php:14

actioninitclasses\Components\Plugin.php:78

filterauthenticateclasses\Security.php:12

Maintenance & Trust

Guest User Maintenance & Trust

Maintenance Signals

WordPress version tested5.9.13

Last updatedUnknown

PHP min version7.4

Downloads795

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

Guest User Alternatives

User Role Editor

user-role-editor

User Role Editor WordPress plugin makes user roles and capabilities changing easy. Edit/add/delete WordPress user roles and capabilities.

700K 2 CVEs

Activity Log – Monitor & Record User Changes

aryo-activity-log

This top rated Activity Log plugin helps you monitor & log all changes and actions on your WordPress site, so you can remain secure and organized.

200K 9 CVEs

Advanced Access Manager – Access Governance for WordPress

advanced-access-manager

Access Governance for WordPress. Control roles, users, content, admin areas, and APIs to prevent broken access controls and excessive privileges.

100K 11 CVEs

Stop User Enumeration

stop-user-enumeration

Helps secure your site against hacking attacks through detecting User Enumeration

50K 6 CVEs

WPFront User Role Editor

wpfront-user-role-editor

Easily allows you to manage WordPress user roles. You can create, edit, delete and manage capabilities, also copy existing roles.

30K 5 CVEs

Developer Profile

Guest User Developer Profile

EdwardBock

22 plugins · 2K total installs

trust score

Avg Security Score

90/100

Avg Patch Time

107 days

View full developer profile

Detection Fingerprints

How We Detect Guest User

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/guest-user/vendor/components/vue-select/dist/vue-select.css/wp-content/plugins/guest-user/vendor/components/vue-select/dist/vue-select.min.js/wp-content/plugins/guest-user/vendor/components/vue-multiselect/dist/vue-multiselect.min.css/wp-content/plugins/guest-user/vendor/components/vue-multiselect/dist/vue-multiselect.min.js/wp-content/plugins/guest-user/assets/css/admin.css/wp-content/plugins/guest-user/assets/js/admin.js

HTML / DOM Fingerprints

CSS Classes

vue-selectvue-multiselect

Data Attributes

data-guest-user-admin-options

JS Globals

VueVueSelectVueMultiselect

FAQ