WP-Safety

Menu Optimizer Security & Risk Analysis

wordpress.org/plugins/menu-optimizer

Boost site speed with static menu caching. Lazy-load submenus to keep DOM size under 1,500 nodes for better Core Web Vitals.

0 active installs v1.0 PHP 7.4+ WP 5.8+ Updated Nov 1, 2025
cachemenuoptimizationperformancespeed
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Menu Optimizer Safe to Use in 2026?

Generally Safe

Score 100/100

Menu Optimizer has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 5mo ago
Risk Assessment

The "menu-optimizer" v1.0 plugin demonstrates a strong security posture based on the provided static analysis. The absence of any identified dangerous functions, raw SQL queries, or critical/high severity taint flows is highly encouraging. The plugin also implements a commendable level of output escaping, with 94% of outputs properly handled, and utilizes nonce and capability checks appropriately for its detected entry points. The vulnerability history is equally positive, with no recorded CVEs, suggesting a well-maintained and secure development process.

Despite the overwhelmingly positive indicators, the presence of file operations (5 instances) without further context on their nature warrants a minor note of caution. While not explicitly flagged as insecure, file operations can sometimes introduce vulnerabilities if not meticulously handled with proper sanitization and validation, especially concerning paths. However, the absence of unsanitized paths in the taint analysis mitigates this concern significantly.

In conclusion, "menu-optimizer" v1.0 appears to be a securely developed plugin. Its adherence to prepared statements, robust output escaping, and absence of historical vulnerabilities are significant strengths. The low attack surface and the secure handling of detected entry points further bolster its security. While file operations are present, the taint analysis suggests they are not exploitable in this version.

Key Concerns

  • File operations present
Vulnerabilities
None known

Menu Optimizer Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

Menu Optimizer Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
6
96 escaped
Nonce Checks
1
Capability Checks
2
File Operations
5
External Requests
0
Bundled Libraries
0

Output Escaping

94% escaped102 total outputs
Data Flows
All sanitized

Data Flow Analysis

2 flows
render_admin_page (includes\class-ommo-admin-page.php:76)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Menu Optimizer Attack Surface

Entry Points1
Unprotected0

Shortcodes 1

[menu_optimizer] includes\class-ommo-shortcodes.php:25
WordPress Hooks 5
actionadmin_menuincludes\class-ommo-admin-page.php:25
actionadmin_initincludes\class-ommo-admin-page.php:26
actionadmin_post_ommo_regenerate_menuincludes\class-ommo-admin-page.php:27
actionwp_enqueue_scriptsmenu-optimizer.php:100
actionplugins_loadedmenu-optimizer.php:102
Maintenance & Trust

Menu Optimizer Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5
Last updatedNov 1, 2025
PHP min version7.4
Downloads156

Community Trust

Rating0/100
Number of ratings0
Active installs0
Alternatives

Menu Optimizer Alternatives

LWS Optimize – All-in-One Speed Booster & Cache Tools

LWS Optimize – All-in-One Speed Booster & Cache Tools

lws-optimize

A
99

All-in-one speed optimization: caching, WebP/AVIF, Critical CSS, lazy loading, CDN, and more. Instantly boost Core Web Vitals and site speed!

10K 2 CVEs
WP Compress – Instant Performance & Speed Optimization

WP Compress – Instant Performance & Speed Optimization

wp-compress-image-optimizer

B
82

Everything you need for a faster website – smart optimization, advanced caching, adaptive images, WebP creation, script improvements, optional CDN del …

10K 13 CVEs
Zero Config Performance Optimization

Zero Config Performance Optimization

wpo-tweaks

A
100

Advanced performance optimizations for WordPress. Improves speed, reduces server resources and optimizes PageSpeed.

2K No CVEs
Core Web Vitals & PageSpeed Booster

Core Web Vitals & PageSpeed Booster

core-web-vitals-pagespeed-booster

B
76

Core Web Vitals (CWV) is the new ranking factor

1K 1 unpatched
GoCache

GoCache

gocache-cdn

B
70

Acelere seu site e reduza seus custos com cloud.

1K 1 unpatched
Developer Profile

Menu Optimizer Developer Profile

Oxford Metadata Ltd

2 plugins · 30 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Menu Optimizer

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/menu-optimizer/assets/css/menu-optimizer.css/wp-content/plugins/menu-optimizer/assets/js/menu-optimizer.js
Script Paths
/wp-content/plugins/menu-optimizer/assets/js/menu-optimizer.js
Version Parameters
menu-optimizer/assets/css/menu-optimizer.css?ver=menu-optimizer/assets/js/menu-optimizer.js?ver=

HTML / DOM Fingerprints

CSS Classes
ommo-menu-wrapommo-safe-containerommo-horizontalommo-vertical
HTML Comments
<!-- Menu Optimizer: No menu ID specified. Use [menu_optimizer id="MENU_ID"] --><!-- Menu Optimizer: Menu ID has not been generated yet. Please generate it in the admin panel. --><!-- Menu Optimizer: Menu file not found for Menu ID --><!-- Menu Optimizer: Error reading menu file -->
Data Attributes
data-ommo-menu-id
JS Globals
ommoConfig_
Shortcode Output
<div id="ommo-menu-wrap" class="ommo-menu-wrap"<div class="ommo-safe-container
FAQ

Frequently Asked Questions about Menu Optimizer