Does MIF BP Customizer have any unpatched vulnerabilities?

No. All known vulnerabilities in MIF BP Customizer have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is MIF BP Customizer compatible with WordPress 4.9.29?

According to WordPress.org data, MIF BP Customizer 1.0.0 has been tested up to WordPress 4.9.29. Check the plugin's changelog for the latest compatibility information.

How often is MIF BP Customizer updated?

MIF BP Customizer was last updated on Unknown. Frequent updates are generally a positive security signal.

What is MIF BP Customizer's security score?

MIF BP Customizer has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

MIF BP Customizer Security & Risk Analysis

wordpress.org/plugins/mif-bp-customizer

Buddypress features extension plugin for creation of social network site.

10 active installs v1.0.0 PHP + WP 4.8+ Updated Unknown

buddypresslikeprivate-profilerepostsocial-network

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is MIF BP Customizer Safe to Use in 2026?

Generally Safe

Score 100/100

MIF BP Customizer has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs

Risk Assessment

The "mif-bp-customizer" v1.0.0 plugin presents a mixed security posture. On the positive side, it boasts a clean vulnerability history with no known CVEs and a high percentage of SQL queries utilizing prepared statements, indicating good practices in data handling. The presence of numerous nonce and capability checks also suggests an effort towards securing its functionality. However, significant concerns arise from the static analysis. The plugin exposes a substantial attack surface of 47 AJAX handlers, with one handler lacking any authentication checks. This unprotected entry point is a critical vulnerability waiting to be exploited. Furthermore, the use of the `unserialize` function without explicit sanitization, combined with a high percentage of improperly escaped output (81%), creates a substantial risk of cross-site scripting (XSS) and deserialization vulnerabilities, especially when combined with unsanitized paths identified in the taint analysis.

Key Concerns

AJAX handler without authentication
Unsanitized output (81% unescaped)
Dangerous function 'unserialize' used
Unsanitized paths in taint analysis

Vulnerabilities

None known

MIF BP Customizer Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

MIF BP Customizer Code Analysis

Dangerous Functions

Raw SQL Queries

84 prepared

Unescaped Output

152

36 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Dangerous Functions Found

unserialize$likes_ids = implode( ',', array_keys( unserialize( $item['meta_value'] ) ) );inc\like-button.php:555

SQL Query Safety

94% prepared89 total queries

Output Escaping

19% escaped188 total outputs

Data Flows

2 unsanitized

Data Flow Analysis

25 flows2 with unsanitized paths

repost_form (inc\repost-button.php:159)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

1 unprotected

MIF BP Customizer Attack Surface

Entry Points47

Unprotected1

AJAX Handlers 47

authwp_ajax_members-page-add-remove-buttonclasses\members-page.php:57

authwp_ajax_favorite-button-pressinc\activity-button-customize.php:36

authwp_ajax_remove-button-pressinc\activity-button-customize.php:40

authwp_ajax_disable-activity-type-buttoninc\activity-exclude.php:47

authwp_ajax_banned-user-buttoninc\banned-users.php:49

authwp_ajax_mif-bpc-dialogues-thread-items-moreinc\dialogues\dialogues-ajax.php:21

authwp_ajax_mif-bpc-dialogues-thread-searchinc\dialogues\dialogues-ajax.php:22

authwp_ajax_mif-bpc-dialogues-member-items-moreinc\dialogues\dialogues-ajax.php:23

authwp_ajax_mif-bpc-dialogues-member-searchinc\dialogues\dialogues-ajax.php:24

authwp_ajax_mif-bpc-dialogues-messagesinc\dialogues\dialogues-ajax.php:25

authwp_ajax_mif-bpc-dialogues-messages-items-moreinc\dialogues\dialogues-ajax.php:26

authwp_ajax_mif-bpc-dialogues-messages-sendinc\dialogues\dialogues-ajax.php:27

authwp_ajax_mif-bpc-dialogues-write-notificationinc\dialogues\dialogues-ajax.php:28

authwp_ajax_mif-bpc-dialogues-compose-sendinc\dialogues\dialogues-ajax.php:29

authwp_ajax_mif-bpc-dialogues-refreshinc\dialogues\dialogues-ajax.php:30

authwp_ajax_mif-bpc-dialogues-joininc\dialogues\dialogues-ajax.php:31

authwp_ajax_mif-bpc-dialogues-compose-forminc\dialogues\dialogues-ajax.php:32

authwp_ajax_mif-bpc-message-removeinc\dialogues\dialogues-ajax.php:33

authwp_ajax_mif-bpc-thread-remove-windowinc\dialogues\dialogues-ajax.php:34

authwp_ajax_mif-bpc-thread-removeinc\dialogues\dialogues-ajax.php:35

authwp_ajax_mif-bpc-docs-upload-files-activityinc\docs\docs-activity.php:25

authwp_ajax_mif-bpc-docs-upload-filesinc\docs\docs-ajax.php:21

authwp_ajax_mif-bpc-docs-network-link-filesinc\docs\docs-ajax.php:22

authwp_ajax_mif-bpc-docs-collection-showinc\docs\docs-ajax.php:23

authwp_ajax_mif-bpc-collection-reorderinc\docs\docs-ajax.php:24

authwp_ajax_mif-bpc-docs-new-folderinc\docs\docs-ajax.php:26

authwp_ajax_mif-bpc-docs-removeinc\docs\docs-ajax.php:27

authwp_ajax_mif-bpc-docs-folder-publisherinc\docs\docs-ajax.php:28

authwp_ajax_mif-bpc-docs-folder-statusbar-infoinc\docs\docs-ajax.php:29

authwp_ajax_mif-bpc-docs-folder-settingsinc\docs\docs-ajax.php:30

authwp_ajax_mif-bpc-docs-folder-settings-saveinc\docs\docs-ajax.php:31

authwp_ajax_mif-bpc-docs-doc-publisherinc\docs\docs-ajax.php:32

authwp_ajax_mif-bpc-docs-doc-settingsinc\docs\docs-ajax.php:33

authwp_ajax_mif-bpc-docs-doc-settings-saveinc\docs\docs-ajax.php:34

authwp_ajax_mif-bpc-docs-doc-statusbar-infoinc\docs\docs-ajax.php:35

authwp_ajax_mif-bpc-docs-doc-metainc\docs\docs-ajax.php:36

authwp_ajax_mif-bpc-docs-upload-files-dialoguesinc\docs\docs-dialogues.php:23

authwp_ajax_mif-bpc-friendship-actionsinc\followers.php:41

authwp_ajax_following-user-buttoninc\followers.php:51

authwp_ajax_like-button-pressinc\like-button.php:59

authwp_ajax_mif-bpc-notifications-load-moreinc\notifications.php:43

authwp_ajax_mif-bpc-notification-deleteinc\notifications.php:44

authwp_ajax_mif-bpc-notification-to-newinc\notifications.php:45

authwp_ajax_mif-bpc-notification-to-not-newinc\notifications.php:46

authwp_ajax_mif-bpc-notification-bulk-not-is-newinc\notifications.php:47

authwp_ajax_mif-bpc-notification-bulk-deleteinc\notifications.php:48

authwp_ajax_mif-bpc-float-notification-updateinc\notifications.php:49

WordPress Hooks 147

actionwp_print_scriptsclasses\members-page.php:55

actionbp_template_titleclasses\members-page.php:79

actionbp_template_contentclasses\members-page.php:80

actionbp_directory_members_actionsclasses\members-page.php:103

filterbp_ajax_querystringclasses\members-page.php:104

actionbp_directory_members_actionsclasses\members-page.php:109

actionbp_activity_entry_metainc\activity-button-customize.php:35

filtermif_bpc_activity_action_menuinc\activity-button-customize.php:39

actionwp_print_scriptsinc\activity-button-customize.php:43

filterwp_headinc\activity-button-customize.php:46

actionbp_activity_setup_navinc\activity-exclude.php:42

actionbp_initinc\activity-exclude.php:43

actionwp_print_scriptsinc\activity-exclude.php:46

filtermif_bpc_activity_action_menuinc\activity-exclude.php:49

actionbp_template_titleinc\activity-exclude.php:199

actionbp_template_contentinc\activity-exclude.php:200

actionbp_activity_setup_navinc\activity-stream.php:33

filterbp_activity_get_where_conditionsinc\activity-stream.php:34

actionbp_before_member_activity_post_forminc\activity-stream.php:35

actionbp_activity_entry_metainc\activity-stream.php:37

actionadmin_menuinc\banned-users-admin.php:17

actionbp_activity_setup_navinc\banned-users.php:45

actionbp_member_header_actionsinc\banned-users.php:47

actionwp_print_scriptsinc\banned-users.php:48

actionbp_get_add_friend_buttoninc\banned-users.php:51

filterbp_activity_can_commentinc\banned-users.php:52

filterbp_activity_can_comment_replyinc\banned-users.php:53

filterbp_get_friendship_requestsinc\banned-users.php:54

filterbp_use_legacy_activity_queryinc\banned-users.php:56

filterbp_activity_comments_user_join_filterinc\banned-users.php:57

filtermif_bpc_like_button_get_likesinc\banned-users.php:59

filtermif_bpc_like_button_like_buttoninc\banned-users.php:60

filtermif_bpc_repost_button_is_reposted_activityinc\banned-users.php:61

actionbp_initinc\custom-background.php:17

filterbody_classinc\custom-background.php:75

actionwp_headinc\custom-background.php:76

actionbp_setup_navinc\custom-background.php:77

actionbp_initinc\custom-background.php:78

actionbp_template_titleinc\custom-background.php:114

actionbp_template_contentinc\custom-background.php:115

actionwp_enqueue_scriptsinc\dialogues\dialogues-screen.php:26

actionbp_initinc\dialogues.php:31

actionbp_screensinc\dialogues.php:32

filtermessages_template_view_messageinc\dialogues.php:33

filterbp_get_total_unread_messages_countinc\dialogues.php:34

filterbp_get_send_private_message_linkinc\dialogues.php:35

filtermif_bpc_dialogues_message_item_messageinc\dialogues.php:38

filtermif_bpc_dialogues_message_item_messageinc\dialogues.php:39

filtermif_bpc_docs_dialogues_doc_accessinc\dialogues.php:48

actionbp_template_contentinc\dialogues.php:91

actionbp_template_contentinc\dialogues.php:140

actionbp_after_activity_post_forminc\docs\docs-activity.php:20

actionbp_after_activity_post_forminc\docs\docs-activity.php:21

filterbp_get_activity_content_bodyinc\docs\docs-activity.php:22

filterbp_get_activity_latest_update_excerptinc\docs\docs-activity.php:23

actionwp_enqueue_scriptsinc\docs\docs-ajax.php:38

actionmif_bpc_dialogues_get_messages_form_attachmentinc\docs\docs-dialogues.php:20

actionbp_initinc\docs\docs-group.php:14

actionbp_activity_setup_navinc\docs.php:29

actionbp_screensinc\docs.php:30

actionbp_initinc\docs.php:33

actionbp_initinc\docs.php:36

actionbefore_delete_postinc\docs.php:39

actionmif_bpc_get_attachments_datainc\docs.php:42

actionbp_template_contentinc\docs.php:132

actionbp_initinc\edit-group-slug.php:14

filtermif_bpc_activity_stream_friendsinc\followers.php:29

actionbp_activity_setup_navinc\followers.php:32

actionbp_activity_setup_navinc\followers.php:33

actionbp_initinc\followers.php:35

actionbp_get_add_friend_buttoninc\followers.php:38

actionwp_print_scriptsinc\followers.php:39

actionbp_directory_members_actionsinc\followers.php:42

actionfriends_friendship_post_deleteinc\followers.php:45

actionfriends_friendship_acceptedinc\followers.php:46

filterbp_get_friend_reject_request_linkinc\followers.php:47

filtermif_bpc_banned_user_buttoninc\followers.php:50

filterbp_friends_single_friendship_request_notificationinc\followers.php:54

filterbp_friends_multiple_friendship_request_notificationinc\followers.php:55

actionbp_template_contentinc\followers.php:543

filterbp_ajax_querystringinc\followers.php:552

filterbp_is_current_componentinc\followers.php:571

actionbp_initinc\group-tags.php:12

actionbp_before_directory_groups_contentinc\group-tags.php:32

actioninitinc\group-tags.php:33

filtergroups_forbidden_namesinc\group-tags.php:35

actionwidgets_initinc\groups-widget.php:13

actionbp_activity_entry_metainc\like-button.php:57

actionwp_print_scriptsinc\like-button.php:58

actionwidgets_initinc\members-widget.php:13

filterbp_is_current_componentinc\members-widget.php:95

actionpre_user_queryinc\members-widget.php:140

actionbp_activity_setup_navinc\notifications.php:38

actionbp_initinc\notifications.php:39

actionwp_print_scriptsinc\notifications.php:42

filterbp_notifications_get_where_conditionsinc\notifications.php:52

actionbp_notification_before_updateinc\notifications.php:54

actionbp_notification_before_deleteinc\notifications.php:55

actionwp_footerinc\notifications.php:57

actionbp_template_contentinc\notifications.php:310

actionwpinc\profile-as-homepage.php:13

actionwp_logoutinc\profile-as-homepage.php:29

actionbp_activity_setup_navinc\profile-privacy.php:79

actionbp_initinc\profile-privacy.php:80

filterbp_get_template_partinc\profile-privacy.php:83

actionbp_before_member_home_contentinc\profile-privacy.php:84

actionbp_get_activity_latest_updateinc\profile-privacy.php:85

actionbp_before_member_headerinc\profile-privacy.php:88

actionbp_before_member_header_metainc\profile-privacy.php:89

actionbody_classinc\profile-privacy.php:90

filterbp_activity_template_my_activityinc\profile-privacy.php:93

actionbp_before_members_loopinc\profile-privacy.php:96

actionbp_after_members_loopinc\profile-privacy.php:97

filterbp_core_get_active_member_countinc\profile-privacy.php:98

actionbp_core_activated_userinc\profile-privacy.php:99

actionbp_core_process_spammer_statusinc\profile-privacy.php:100

actionbp_core_deleted_accountinc\profile-privacy.php:101

actionbp_first_activity_for_memberinc\profile-privacy.php:102

actiondeleted_userinc\profile-privacy.php:103

actionbp_core_activated_userinc\profile-privacy.php:114

filterbp_core_fetch_avatarinc\profile-privacy.php:284

filterbp_user_query_uid_clausesinc\profile-privacy.php:371

actionbp_template_titleinc\profile-privacy.php:443

actionbp_template_contentinc\profile-privacy.php:444

actionbp_activity_entry_metainc\repost-button.php:47

actionbp_activity_post_form_optionsinc\repost-button.php:50

filterbody_classinc\repost-button.php:51

actionwp_print_scriptsinc\repost-button.php:54

filterbp_activity_custom_updateinc\repost-button.php:55

filterbp_get_activity_content_bodyinc\repost-button.php:58

filterbp_get_activity_secondary_avatarinc\repost-button.php:59

filterbp_get_activity_secondary_avatar_item_idinc\repost-button.php:62

filterbp_get_activity_secondary_avatar_object_groupsinc\repost-button.php:63

filterbp_get_activity_secondary_avatar_object_blogsinc\repost-button.php:64

filterbp_get_activity_secondary_avatar_object_friendsinc\repost-button.php:65

actionadmin_menuinc\settings-page-admin.php:16

actionbp_notification_before_updateinc\websocket.php:69

actionbp_notification_before_deleteinc\websocket.php:70

actionbp_notification_before_saveinc\websocket.php:71

actionmif_bpc_dialogues_after_sendinc\websocket.php:75

actionmif_bpc_dialogues_write_notificationinc\websocket.php:76

actionwp_print_scriptsinc\websocket.php:80

actionwp_headinc\websocket.php:81

actionwp_enqueue_scriptsmif-bp-customizer.php:121

filterbp_get_template_stackmif-bp-customizer.php:139

actionbp_member_header_actionsmif-bp-customizer.php:166

actionbp_member_header_actionsmif-bp-customizer.php:171

Maintenance & Trust

MIF BP Customizer Maintenance & Trust

Maintenance Signals

WordPress version tested4.9.29

Last updatedUnknown

PHP min version

Downloads2K

Community Trust

Rating100/100

Number of ratings1

Active installs10

Alternatives

MIF BP Customizer Alternatives

NextScripts: Social Networks Auto-Poster

social-networks-auto-poster-facebook-twitter-g

Automatically publishes blogposts to profiles/pages/groups on Twitter, Google+, Pinterest, LinkedIn, Blogger, Tumblr ... 22 more

30K 2 unpatched

BuddyPress Edit Activity

buddypress-edit-activity

BuddyPress Edit Activity allows your members to edit their activity posts on the front-end of your BuddyPress-powered site.

900 No CVEs

BuddyPress Favorite Notification

bp-favorite-notification

BuddyPress Favorite Notification adds a notification for BuddyPress activity.

200 No CVEs

Advanced XProfile Fields for BuddyPress

advanced-xprofile-fields-for-buddypress

Enhance your BuddyPress profile fields with Advanced XProfile Fields for BuddyPress. Manage fields labels, validation and show fields in admin.

100 No CVEs

Buddy Notification Bell

buddy-notification-bell

Buddy Notification Bell convert BuddyPress notification to BuddyPress Bell Notification. It shows all notification with bell alert and anywhere you wa …

100 No CVEs

Developer Profile

MIF BP Customizer Developer Profile

asergeev34

2 plugins · 10 total installs

trust score

Avg Security Score

93/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect MIF BP Customizer

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/mif-bp-customizer/mif-bpc-styles.css/wp-content/plugins/mif-bp-customizer/css/font-awesome.min.css/wp-content/plugins/mif-bp-customizer/js/members-page.js

Version Parameters

mif-bpc-stylesfont-awesome

HTML / DOM Fingerprints

CSS Classes

mif-bp-customizer

Data Attributes

data-members-page-submitdata-members-page-add-remove

JS Globals

mif_bpc_members_page_vars

FAQ