Does MB Comment Meta have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is MB Comment Meta compatible with WordPress 6.6.5?

According to WordPress.org data, MB Comment Meta 1.0.2 has been tested up to WordPress 6.6.5. Check the plugin's changelog for the latest compatibility information.

How often is MB Comment Meta updated?

MB Comment Meta was last updated on Feb 14, 2025. Frequent updates are generally a positive security signal.

What is MB Comment Meta's security score?

MB Comment Meta has a WP-Safety security score of 92/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

MB Comment Meta Security & Risk Analysis

wordpress.org/plugins/mb-comment-meta

Add custom fields for comments. Support 40+ field types with easy config.

40 active installs v1.0.2 PHP + WP 4.3+ Updated Feb 14, 2025

commentcomment-custom-fieldscomment-metacommentscustom-fields

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is MB Comment Meta Safe to Use in 2026?

Generally Safe

Score 92/100

MB Comment Meta has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1yr ago

Risk Assessment

The "mb-comment-meta" plugin v1.0.2 demonstrates an excellent security posture based on the provided static analysis. It boasts zero attack surface points, meaning no AJAX handlers, REST API routes, shortcodes, or cron events are exposed. Crucially, all discovered SQL queries utilize prepared statements, and all output is properly escaped, eliminating common vulnerabilities like SQL injection and cross-site scripting. The complete absence of dangerous functions, file operations, and external HTTP requests further strengthens its security. Taint analysis yielding no critical or high severity flows is also a very positive indicator. The plugin's vulnerability history is clean, with no recorded CVEs, which suggests a consistent focus on secure development practices. While the lack of nonces and capability checks on potential entry points might be a concern in a more complex plugin, the fact that there are no discernible entry points in this instance mitigates this risk significantly. The plugin's strengths lie in its minimal attack surface and robust code hygiene.

Key Concerns

No Nonce Checks
No Capability Checks

Vulnerabilities

None known

MB Comment Meta Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

MB Comment Meta Release Timeline

v1.0.2Current

v1.0.1

v1.0

Code Analysis

Analyzed Mar 16, 2026

MB Comment Meta Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

1 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

100% escaped1 total outputs

Attack Surface

MB Comment Meta Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 5

actionadd_meta_boxes_commentinc\class-mb-comment-meta-box.php:26

actionedit_commentinc\class-mb-comment-meta-box.php:27

filterrwmb_meta_box_class_nameinc\class-mb-comment-meta-loader.php:18

filterrwmb_meta_typeinc\class-mb-comment-meta-loader.php:19

actioninitmb-comment-meta.php:22

Maintenance & Trust

MB Comment Meta Maintenance & Trust

Maintenance Signals

WordPress version tested6.6.5

Last updatedFeb 14, 2025

PHP min version

Downloads5K

Community Trust

Rating0/100

Number of ratings0

Active installs40

Alternatives

MB Comment Meta Alternatives

Comments Extra Fields For Post,Pages and CPT

wp-comment-fields

This plugin allow admin to add extra fields in comment area. These fields are saved as comment meta and is displayed under comment text.

600 3 CVEs

JSM Show Comment Metadata

jsm-show-comment-meta

100

Show comment metadata in a metabox when editing comments - a great tool for debugging issues with comment metadata.

50 No CVEs

Comment Meta Display

comment-meta-display

View comment meta beneath the comment on the admin edit screen.

30 No CVEs

CIO Multimedia Comments

multimedia-comments

Upload media files to comments, add custom fields, interact with readers. Conditional display by page or post, access control by field group*.

10 No CVEs

WP Private Comment Notes

wp-private-comment-notes

Add private notes to WordPress comments with an option to email the original commenter.

10 No CVEs

Developer Profile

MB Comment Meta Developer Profile

Anh Tran

18 plugins · 84K total installs

trust score

Avg Security Score

96/100

Avg Patch Time

76 days

View full developer profile

Detection Fingerprints

How We Detect MB Comment Meta

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/mb-comment-meta/inc/class-mb-comment-meta-box.php/wp-content/plugins/mb-comment-meta/inc/class-mb-comment-meta-loader.php/wp-content/plugins/mb-comment-meta/inc/class-rwmb-comment-storage.php

HTML / DOM Fingerprints

FAQ