Posts Footer Manager Security & Risk Analysis

wordpress.org/plugins/intelly-posts-footer-manager

Clean the mess after your content! Organize your post's footer, insert what you want, order elements, create groups for specific categories.

20 active installs · v2.2.0 · PHP 7.3+ · WP 2.7+ · Updated Jan 15, 2025
Tags: after-content, call-to-action, content-in-post-footer, page-footer, post-footer
Score: 69 (C · Use Caution)
CVEs total: 2
Unpatched: 1
Last CVE: Apr 4, 2025
Safety Verdict

Is Posts Footer Manager Safe to Use in 2026?

Use With Caution

Score 69/100

Posts Footer Manager has 1 unpatched vulnerability. Evaluate alternatives or apply available mitigations.

2 known CVEs · 1 unpatched · Last CVE: Apr 4, 2025 · Updated 1yr ago
Risk Assessment

The intelly-posts-footer-manager v2.2.0 plugin presents a mixed security posture. It uses prepared statements for a high percentage of its SQL queries and performs a reasonable number of output escapes, but the static analysis and vulnerability history raise several significant concerns. An unprotected AJAX handler significantly increases the attack surface, potentially allowing unauthenticated users to trigger malicious actions. The lack of comprehensive capability checks is also a notable weakness, leaving functionality exposed to unauthorized access. The plugin has two known CVEs, one of which remains unpatched and is of medium severity, which indicates a recurring pattern of security flaws. Both are Cross-site Scripting issues, which suggests that user-supplied input is not always adequately sanitized, creating opportunities for attackers to inject malicious scripts.

Key Concerns

  • Unpatched Medium Severity CVE
  • AJAX handler without auth checks
  • Zero capability checks
  • Only 41% of outputs properly escaped
  • Bundled library (Select2)
Vulnerabilities: 2

Posts Footer Manager Security Vulnerabilities

CVEs by Year

2025: 2 CVEs (has unpatched)

Severity Breakdown

Medium: 2 (2 total CVEs)

CVE-2025-32130 · medium · 4.4 · Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Posts Footer Manager <= 2.2.0 - Authenticated (Administrator+) Stored Cross-Site Scripting

Apr 4, 2025 · Unpatched

CVE-2025-22734 · medium · 4.4 · Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Posts Footer Manager <= 2.1.0 - Authenticated (Administrator+) Stored Cross-Site Scripting

Jan 14, 2025 · Patched in 2.2.0 (9d)
Code Analysis
Analyzed Mar 16, 2026

Posts Footer Manager Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 2 (24 prepared)
Unescaped Output: 137 (95 escaped)
Nonce Checks: 1
Capability Checks: 0
File Operations: 7
External Requests: 3
Bundled Libraries: 1

Bundled Libraries

Select2

SQL Query Safety

92% prepared · 26 total queries

Output Escaping

41% escaped · 232 total outputs
Attack Surface: 1 unprotected

Posts Footer Manager Attack Surface

Entry Points: 2
Unprotected: 1

AJAX Handlers: 1

auth · wp_ajax_IPFM_changeOrder · includes\classes\core\Manager.php:9

Shortcodes: 1

[pfm] · includes\core.php:42

WordPress Hooks: 17

action · plugins_loaded · includes\classes\session\session.php:78
action · shutdown · includes\classes\session\session.php:109
action · ipfm_session_garbage_collection · includes\classes\session\session.php:152
action · wp · includes\classes\session\session.php:162
filter · wp_enqueue_scripts · includes\classes\ui\Tabs.php:8
action · admin_menu · includes\classes\ui\Tabs.php:10
filter · plugin_action_links · includes\classes\ui\Tabs.php:11
action · admin_enqueue_scripts · includes\classes\ui\Tabs.php:13
filter · cron_schedules · includes\classes\utils\Cron.php:9
action · ipfm_weekly_scheduled_events · includes\classes\utils\Tracking.php:6
filter · wp_mail_content_type · includes\classes\utils\Utils.php:2311
filter · wp_head · includes\core.php:5
filter · wp_footer · includes\core.php:10
filter · admin_footer · includes\core.php:18
filter · the_content · includes\core.php:60
action · admin_init · includes\install.php:50
action · admin_notices · index.php:21

Scheduled Events: 1

ipfm_session_garbage_collection
Maintenance & Trust

Posts Footer Manager Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.7.5
Last updated: Jan 15, 2025
PHP min version: 7.3
Downloads: 5K

Community Trust

Rating: 60/100
Number of ratings: 1
Active installs: 20
Developer Profile

Posts Footer Manager Developer Profile

Data443 Risk Mitigation, Inc.

10 plugins · 213K total installs

Trust score: 68
Avg Security Score: 84/100
Avg Patch Time: 411 days
Detection Fingerprints

How We Detect Posts Footer Manager

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

  • /wp-content/plugins/intelly-posts-footer-manager/assets/css/theme.css
  • /wp-content/plugins/intelly-posts-footer-manager/assets/css/admin-forms.css
  • /wp-content/plugins/intelly-posts-footer-manager/assets/css/all-themes.css
  • /wp-content/plugins/intelly-posts-footer-manager/assets/deps/starrr/starrr.js
  • /wp-content/plugins/intelly-posts-footer-manager/assets/deps/select2/css/core.css
  • /wp-content/plugins/intelly-posts-footer-manager/assets/deps/select2/select2.min.js
  • /wp-content/plugins/intelly-posts-footer-manager/assets/deps/qtip/jquery.qtip.min.js
  • /wp-content/plugins/intelly-posts-footer-manager/assets/deps/magnific/magnific-popup.css
  • +8 more

Script Paths

  • /wp-content/plugins/intelly-posts-footer-manager/assets/js/library.js
  • /wp-content/plugins/intelly-posts-footer-manager/assets/deps/starrr/starrr.js
  • /wp-content/plugins/intelly-posts-footer-manager/assets/deps/select2/select2.min.js
  • /wp-content/plugins/intelly-posts-footer-manager/assets/deps/magnific/jquery.magnific-popup.js
  • /wp-content/plugins/intelly-posts-footer-manager/assets/deps/datepicker/js/bootstrap-datetimepicker.js
  • /wp-content/plugins/intelly-posts-footer-manager/assets/deps/colorpicker/js/bootstrap-colorpicker.min.js
  • +3 more

Version Parameters

  • /wp-content/plugins/intelly-posts-footer-manager/assets/css/theme.css?v=
  • /wp-content/plugins/intelly-posts-footer-manager/assets/css/admin-forms.css?v=
  • /wp-content/plugins/intelly-posts-footer-manager/assets/css/all-themes.css?v=
  • /wp-content/plugins/intelly-posts-footer-manager/assets/deps/starrr/starrr.js?v=
  • /wp-content/plugins/intelly-posts-footer-manager/assets/deps/select2/css/core.css?v=
  • /wp-content/plugins/intelly-posts-footer-manager/assets/deps/select2/select2.min.js?v=
  • /wp-content/plugins/intelly-posts-footer-manager/assets/deps/qtip/jquery.qtip.min.js?v=
  • /wp-content/plugins/intelly-posts-footer-manager/assets/deps/magnific/magnific-popup.css?v=
  • /wp-content/plugins/intelly-posts-footer-manager/assets/deps/magnific/jquery.magnific-popup.js?v=
  • /wp-content/plugins/intelly-posts-footer-manager/assets/deps/datepicker/css/bootstrap-datetimepicker.css?v=
  • /wp-content/plugins/intelly-posts-footer-manager/assets/deps/datepicker/js/bootstrap-datetimepicker.js?v=
  • /wp-content/plugins/intelly-posts-footer-manager/assets/deps/colorpicker/css/bootstrap-colorpicker.min.css?v=
  • /wp-content/plugins/intelly-posts-footer-manager/assets/deps/colorpicker/js/bootstrap-colorpicker.min.js?v=
  • /wp-content/plugins/intelly-posts-footer-manager/assets/js/utility.js?v=
  • /wp-content/plugins/intelly-posts-footer-manager/assets/js/library.js?v=
  • /wp-content/plugins/intelly-posts-footer-manager/assets/js/plugin.js?v=

HTML / DOM Fingerprints

CSS Classes
iwp