Does JSM Show User Metadata have any unpatched vulnerabilities?

No. All known vulnerabilities in JSM Show User Metadata have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is JSM Show User Metadata compatible with WordPress 6.9.4?

According to WordPress.org data, JSM Show User Metadata 4.8.0 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is JSM Show User Metadata compatible with PHP 7.4.33+?

JSM Show User Metadata requires PHP 7.4.33 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is JSM Show User Metadata updated?

JSM Show User Metadata was last updated on Mar 11, 2026. Frequent updates are generally a positive security signal.

What is JSM Show User Metadata's security score?

JSM Show User Metadata has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

JSM Show User Metadata Security & Risk Analysis

wordpress.org/plugins/jsm-show-user-meta

Show user metadata in a metabox when editing users - a great tool for debugging issues with user metadata.

3K active installs v4.8.0 PHP 7.4.33+ WP 6.0+ Updated Mar 11, 2026

custom-fieldsinspectormetadataprofileusers

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is JSM Show User Metadata Safe to Use in 2026?

Generally Safe

Score 100/100

JSM Show User Metadata has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 23d ago

Risk Assessment

The static analysis of jsm-show-user-meta v4.8.0 indicates a strong security posture based on the provided metrics. There are no identified AJAX handlers, REST API routes, shortcodes, or cron events that could serve as entry points for attackers. Furthermore, the code signals show a commendable absence of dangerous functions, raw SQL queries, unescaped output, file operations, external HTTP requests, and crucially, any checks for nonces or capabilities. The taint analysis also reveals no identified flows with unsanitized paths or any critical or high severity issues.

The vulnerability history is equally positive, with no recorded CVEs, either historical or currently unpatched. This suggests a development team that is either highly proactive in preventing vulnerabilities or has not encountered any in the past. The lack of common vulnerability types reinforces this impression. Overall, jsm-show-user-meta v4.8.0 presents a very low risk profile due to its minimal attack surface, clean code signals, and unblemished vulnerability history. The absence of any identifiable security weaknesses in the provided static analysis and historical data is a significant strength.

Vulnerabilities

None known

JSM Show User Metadata Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

JSM Show User Metadata Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Attack Surface

JSM Show User Metadata Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 2

actioninitjsm-show-user-meta.php:50

actioninitjsm-show-user-meta.php:51

Maintenance & Trust

JSM Show User Metadata Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedMar 11, 2026

PHP min version7.4.33

Downloads96K

Community Trust

Rating100/100

Number of ratings2

Active installs3K

Alternatives

JSM Show User Metadata Alternatives

JSM Show Post Metadata

jsm-show-post-meta

Show post metadata (aka custom fields) in a metabox when editing posts / pages - a great tool for debugging issues with post metadata.

10K 1 CVE

JSM Show Order Metadata for WooCommerce HPOS

jsm-show-order-meta

100

Show WooCommerce order metadata in a metabox when editing HPOS orders - a great tool for debugging issues with HPOS order metadata.

700 No CVEs

JSM Show Comment Metadata

jsm-show-comment-meta

100

Show comment metadata in a metabox when editing comments - a great tool for debugging issues with comment metadata.

40 No CVEs

One User Avatar | User Profile Picture

one-user-avatar

Use any image from your WordPress Media Library as a custom user avatar or user profile picture. Add your own Default Avatar.

100K 2 CVEs

Simple Local Avatars

simple-local-avatars

Adds an avatar upload field to user profiles. Generates requested sizes on demand just like Gravatar!

100K 6 CVEs

Developer Profile

JSM Show User Metadata Developer Profile

JS Morisset

31 plugins · 33K total installs

trust score

Avg Security Score

99/100

Avg Patch Time

12 days

View full developer profile

Detection Fingerprints

How We Detect JSM Show User Metadata

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/jsm-show-user-meta/assets/js/backend/jsm-show-user-meta.js/wp-content/plugins/jsm-show-user-meta/assets/css/backend/jsm-show-user-meta.css

Script Paths

/wp-content/plugins/jsm-show-user-meta/assets/js/backend/jsm-show-user-meta.js

Version Parameters

jsm-show-user-meta/assets/js/backend/jsm-show-user-meta.js?ver=jsm-show-user-meta/assets/css/backend/jsm-show-user-meta.css?ver=

HTML / DOM Fingerprints

CSS Classes

jsm-show-user-meta-wrap

HTML Comments

JS Globals

JSM_SUM_DATA

FAQ