WP-Safety

Lotos Author Fields Security & Risk Analysis

wordpress.org/plugins/lotos-author-fields

This plugin adds additional fields in user info.

10 active installs v1.9 PHP 5.2+ WP 4.2+ Updated Jun 29, 2024
adminprofileuser
92
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Lotos Author Fields Safe to Use in 2026?

Generally Safe

Score 92/100

Lotos Author Fields has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1yr ago
Risk Assessment

Based on the provided static analysis and vulnerability history, the "lotos-author-fields" plugin v1.9 exhibits a strong security posture. The static analysis reveals no identified attack vectors such as unprotected AJAX handlers, REST API routes, shortcodes, or cron events. Furthermore, the code shows excellent adherence to secure coding practices, with no dangerous functions, file operations, or external HTTP requests. All SQL queries utilize prepared statements, and all output is properly escaped, indicating a low risk of common injection and cross-site scripting vulnerabilities. The absence of any recorded vulnerabilities, including critical or high-severity ones, reinforces this positive assessment. This suggests that the developers have prioritized security and implemented robust defenses within the plugin. The lack of any identified taint flows further supports the conclusion that the plugin is well-secured against potential data manipulation attacks.

Vulnerabilities
None known

Lotos Author Fields Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Lotos Author Fields Release Timeline

v4.4
Code Analysis
Analyzed Apr 16, 2026

Lotos Author Fields Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
0
0 escaped
Nonce Checks
0
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
0
Attack Surface

Lotos Author Fields Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 1
filteruser_contactmethodslotos-author-fields.php:28
Maintenance & Trust

Lotos Author Fields Maintenance & Trust

Maintenance Signals

WordPress version tested6.5.8
Last updatedJun 29, 2024
PHP min version5.2
Downloads2K

Community Trust

Rating0/100
Number of ratings0
Active installs10
Alternatives

Lotos Author Fields Alternatives

User Role Switcher

User Role Switcher

wp-user-role-switcher

A
92

Instant switching between user roles in WordPress.

100 No CVEs
IWG Hide Dashboard

IWG Hide Dashboard

iwg-hide-dashboard

A
85

"Hide Dashboard" hides the dashboard for all users with the capability "hide_dashboard".

90 No CVEs
Tismy User Profile Upload

Tismy User Profile Upload

tismy-user-profile-upload

A
85

Upload your own user profile picture rather than falling back to the default or having your users create a Gravatar account.

40 No CVEs
User Register Date

User Register Date

user-register-date

A
100

Displays the registration date of users in WordPress on the user profile page and in the user list in the admin panel.

30 No CVEs
User Profile Fields Control

User Profile Fields Control

user-profile-dashboard-fields-control

A
100

The User Profile Fields Control plugin allows you to manage WordPress user profile fields with role-based customization.

20 No CVEs
Developer Profile

Lotos Author Fields Developer Profile

Excellent Dynamics

2 plugins · 210 total installs

88
trust score
Avg Security Score
92/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Lotos Author Fields

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Version Parameters
lotos-author-fields/style.css?ver=1.9lotos-author-fields/js/main.js?ver=1.9

HTML / DOM Fingerprints

FAQ

Frequently Asked Questions about Lotos Author Fields