Does MemberPress Menu have any unpatched vulnerabilities?

No. All known vulnerabilities in MemberPress Menu have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is MemberPress Menu compatible with WordPress 5.0.25?

According to WordPress.org data, MemberPress Menu 1.0.0 has been tested up to WordPress 5.0.25. Check the plugin's changelog for the latest compatibility information.

Is MemberPress Menu compatible with PHP 7.0+?

MemberPress Menu requires PHP 7.0 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is MemberPress Menu updated?

MemberPress Menu was last updated on Oct 21, 2018. Frequent updates are generally a positive security signal.

What is MemberPress Menu's security score?

MemberPress Menu has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

MemberPress Menu Security Review — Score 85/100 (safe)

Safety Verdict

Is MemberPress Menu Safe to Use in 2026?

Generally Safe

Score 85/100

MemberPress Menu has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 7yr ago

Risk Assessment

The "igotweb-wp-mp-links" plugin v1.0.0 presents a mixed security posture. While the static analysis shows a zero attack surface in terms of accessible entry points like AJAX handlers, REST API routes, shortcodes, and cron events, this is offset by significant concerns within its code signals and taint analysis. The plugin uses dangerous functions such as `unserialize` and `passthru`, which are notorious for their potential to introduce vulnerabilities if not handled with extreme care. Furthermore, the SQL query is not prepared, and a concerning 74% of its output is not properly escaped, creating a substantial risk of cross-site scripting (XSS) and potentially SQL injection.

Key Concerns

Dangerous functions detected (unserialize, passthru)
SQL queries not using prepared statements
Low percentage of properly escaped output
Taint analysis shows unsanitized paths
No nonce checks implemented
No capability checks implemented

Vulnerabilities

None known

MemberPress Menu Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

MemberPress Menu Code Analysis

Dangerous Functions

4

Raw SQL Queries

1

0 prepared

Unescaped Output

51

18 escaped

Nonce Checks

0

Capability Checks

0

File Operations

31

External Requests

2

Bundled Libraries

0

Dangerous Functions Found

unserialize$unserializedObject = @unserialize($object);src\igotweb\fwk\model\manager\CookieManager.class.php:83

unserialize$unserializedObject = unserialize($object);src\igotweb\fwk\model\manager\SessionManager.class.php:121

passthrupassthru($command, $return);src\igotweb\fwk\utilities\DBUtils-mysql.class.php:280

passthrupassthru($command, $return);src\igotweb\fwk\utilities\DBUtils.class.php:336

SQL Query Safety

0% prepared1 total queries

Output Escaping

26% escaped69 total outputs

Data Flows

7 unsanitized

Data Flow Analysis

7 flows7 with unsanitized paths

dispatchToPage (src\igotweb\fwk\model\bean\Request.class.php:280)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

MemberPress Menu Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 16

actionadmin_enqueue_scriptssrc\igotweb\wp\plugin\Admin.php:41

actionmepr_menusrc\igotweb\wp\plugin\Admin.php:44

actionadmin_initsrc\igotweb\wp\plugin\Options.php:42

actionmepr_account_navsrc\igotweb\wp\plugin\Web.php:49

actionplugins_loadedsrc\igotweb\wp\Plugin.php:377

actionadmin_enqueue_scriptssrc\igotweb\wp\Plugin.php:393

actionadmin_noticessrc\igotweb\wp\utilities\ActivationUtils.php:55

actionadmin_initsrc\igotweb\wp\utilities\ActivationUtils.php:58

actioninitsrc\igotweb\wp\utilities\RewriteUtils.php:70

actiontemplate_redirectsrc\igotweb\wp\utilities\RewriteUtils.php:71

filterpre_set_site_transient_update_pluginssrc\igotweb\wp\utilities\UpdateUtils.php:48

filterplugins_apisrc\igotweb\wp\utilities\UpdateUtils.php:50

actionadmin_enqueue_scriptssrc\igotweb\wp\utilities\ViewsUtils.php:144

actionwp_enqueue_scriptssrc\igotweb\wp\utilities\ViewsUtils.php:145

actionadmin_footersrc\igotweb\wp\utilities\ViewsUtils.php:148

actionwp_footersrc\igotweb\wp\utilities\ViewsUtils.php:149

Maintenance & Trust

MemberPress Menu Maintenance & Trust

Maintenance Signals

WordPress version tested5.0.25

Last updatedOct 21, 2018

PHP min version7.0

Downloads14K

Community Trust

Rating76/100

Number of ratings5

Active installs400

Alternatives

MemberPress Menu Alternatives

Better Internal Link Search

better-internal-link-search

A

85

Improve the internal link popup manager with time-saving enhancements and features.

1K No CVEs

Floating Side Tab

floating-side-tab

A

100

Floating Side Tab lets you add customizable sticky tab menus on any page to showcase quick links, social icons, forms, or custom content.

500 No CVEs

Instant Breadcrumbs

instant-breadcrumbs

A

85

Instant Breadcrumbs adds a breadcrumb trail to your WordPress blog's primary navigation menu. No theme editing required!

300 No CVEs

Gou Manage My Account Menu – User Roles

gou-wc-account-tabs

A

99

Extension for WooCommerce to manage my account menus. Functionality to add/update/rename, show/hide, build multi-level menus.

100 1 CVE

BuddyMenu BuddyLinks

buddymenu-buddylinks

A

85

BuddyPress BuddyLinks does three things really well:

60 No CVEs

Developer Profile

MemberPress Menu Developer Profile

Nicolas Igot

1 plugin · 400 total installs

84

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect MemberPress Menu

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/igotweb-wp-mp-links/assets/css/admin.css/wp-content/plugins/igotweb-wp-mp-links/assets/js/admin.js

Script Paths

/wp-content/plugins/igotweb-wp-mp-links/assets/js/admin.js

Version Parameters

igotweb-wp-mp-links/assets/css/admin.css?ver=igotweb-wp-mp-links/assets/js/admin.js?ver=

HTML / DOM Fingerprints

CSS Classes

igotweb-wp-mp-links-admin-wrapper

Data Attributes

data-plugin-slugdata-plugin-namedata-plugin-versiondata-plugin-uridata-plugin-authordata-plugin-description

JS Globals

igotweb_wp_mp_links_vars

Shortcode Output

[igotweb_mp_links_manager]

FAQ

MemberPress Menu Security & Risk Analysis