WP-Safety

HTML Page Sitemap Security & Risk Analysis

wordpress.org/plugins/html-sitemap

Adds an HTML (Not XML) sitemap of your pages (not posts) by entering the shortcode [html_sitemap], perfect for those who use WordPress as a CMS.

10K active installs v1.3.9 PHP 5.4+ WP 3.7+ Updated Feb 11, 2026
html-sitemappagepagesshortcodesitemap
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is HTML Page Sitemap Safe to Use in 2026?

Generally Safe

Score 100/100

HTML Page Sitemap has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago
Risk Assessment

The "html-sitemap" plugin version 1.3.9 exhibits a generally strong security posture based on the provided static analysis. The absence of dangerous functions, SQL queries, file operations, and external HTTP requests are all positive indicators. Furthermore, the perfect score for output escaping and the lack of any recorded vulnerabilities in its history suggest a commitment to secure coding practices or, at the very least, a lack of previously discovered exploitable flaws. The plugin's attack surface is limited to three shortcodes, none of which are identified as unprotected, which is a good practice.

Key Concerns

  • Missing capability checks on entry points
  • Missing nonce checks on entry points
Vulnerabilities
None known

HTML Page Sitemap Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

HTML Page Sitemap Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
0
6 escaped
Nonce Checks
0
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
0

Output Escaping

100% escaped6 total outputs
Attack Surface

HTML Page Sitemap Attack Surface

Entry Points3
Unprotected0

Shortcodes 3

[html-sitemap] html-sitemap.php:136
[htmlsitemap] html-sitemap.php:137
[html_sitemap] html-sitemap.php:138
Maintenance & Trust

HTML Page Sitemap Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedFeb 11, 2026
PHP min version5.4
Downloads379K

Community Trust

Rating86/100
Number of ratings22
Active installs10K
Alternatives

HTML Page Sitemap Alternatives

WP Simple HTML Sitemap

WP Simple HTML Sitemap

wp-simple-html-sitemap

A
94

Using Simple HTML Sitemap plugin, you can add HTML Sitemap anywhere on the website using Shortcode.

2K 6 CVEs
WP Multilingual Sitemap

WP Multilingual Sitemap

wp-multilingual-sitemap

A
85

Allows creating complete multilingual sitemaps of your entire blog.

300 No CVEs
Simple Hierarchical Sitemap

Simple Hierarchical Sitemap

simple-hierarchical-sitemap

A
85

Simple Hierarchical Sitemap is the simple way to add an HTML sitemap to your wordpress blog...

100 No CVEs
Sitemap simple

Sitemap simple

sitemap-simple

A
85

This plugin will create a Sitemap for pages. Use the shortcode "[sitemap_simple]" to render the sitemap.

70 No CVEs
Customize Sitemap

Customize Sitemap

customize-sitemap

A
100

Customize sitemap Give you the real website sitemap features

10 No CVEs
Developer Profile

HTML Page Sitemap Developer Profile

Angelo Mandato

7 plugins · 10K total installs

85
trust score
Avg Security Score
87/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect HTML Page Sitemap

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

Shortcode Output
<ul<ol type="</ul></ol>
FAQ

Frequently Asked Questions about HTML Page Sitemap