Does MintNFT Plugin have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is MintNFT Plugin compatible with WordPress 6.5.8?

According to WordPress.org data, MintNFT Plugin 1.1.0 has been tested up to WordPress 6.5.8. Check the plugin's changelog for the latest compatibility information.

Is MintNFT Plugin compatible with PHP 7.2+?

MintNFT Plugin requires PHP 7.2 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is MintNFT Plugin updated?

MintNFT Plugin was last updated on Jul 5, 2024. Frequent updates are generally a positive security signal.

What is MintNFT Plugin's security score?

MintNFT Plugin has a WP-Safety security score of 92/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

MintNFT Plugin Security & Risk Analysis

wordpress.org/plugins/mintnft

The “MintNFT Plugin” is a useful tool for those who want to mint their own NFTs without having to build an entire minting platform from scratch.

10 active installs v1.1.0 PHP 7.2+ WP 5.2+ Updated Jul 5, 2024

blockchaincryptoethereumipfsnft

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is MintNFT Plugin Safe to Use in 2026?

Generally Safe

Score 92/100

MintNFT Plugin has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1yr ago

Risk Assessment

The mintnft plugin v1.1.0 presents a significant security risk due to its extensive unprotected AJAX handlers. With 28 AJAX handlers and none of them implementing authentication checks, any unauthenticated user can potentially trigger these functions, leading to a large attack surface. While the static analysis found no critical or high severity taint flows and SQL queries utilize prepared statements, the lack of capability checks and nonce verification on these numerous entry points is a major concern. The plugin also shows external HTTP requests, which could be exploited if not handled carefully. The absence of any recorded vulnerability history is positive, suggesting good development practices in the past, but it does not mitigate the immediate risks identified in the current code analysis. The plugin's strengths lie in its use of prepared statements for SQL and a majority of properly escaped output. However, these are overshadowed by the critical exposure of its AJAX functionality. A recommendation for immediate remediation is to implement proper authentication and authorization checks on all AJAX handlers.

Key Concerns

28 unprotected AJAX handlers
0 nonce checks on AJAX handlers
1 capability check on 28 entry points
79% properly escaped output

Vulnerabilities

None known

MintNFT Plugin Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

MintNFT Plugin Release Timeline

No version history available.

Code Analysis

Analyzed Mar 17, 2026

MintNFT Plugin Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

140 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

jQuery

Output Escaping

79% escaped178 total outputs

Data Flows · Security

2 unsanitized

Data Flow Analysis

3 flows2 with unsanitized paths

updateActiovationStatus (MintNFT.php:1321)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

28 unprotected

MintNFT Plugin Attack Surface

Entry Points28

Unprotected28

AJAX Handlers 28

authwp_ajax_deleteContractDataMintNFT.php:694

noprivwp_ajax_deleteContractDataMintNFT.php:695

authwp_ajax_deploycontractMintNFT.php:741

noprivwp_ajax_deploycontractMintNFT.php:742

authwp_ajax_getChainIdDataMintNFT.php:828

noprivwp_ajax_getChainIdDataMintNFT.php:829

authwp_ajax_purchaseNFTMintNFT.php:880

noprivwp_ajax_purchaseNFTMintNFT.php:881

authwp_ajax_getTotalNFTsMintNFT.php:942

noprivwp_ajax_getTotalNFTsMintNFT.php:943

authwp_ajax_deploymentTransactionMintNFT.php:979

noprivwp_ajax_deploymentTransactionMintNFT.php:980

authwp_ajax_getDeploycontractMintNFT.php:1034

noprivwp_ajax_getDeploycontractMintNFT.php:1035

authwp_ajax_updateDeploymentTransactionMintNFT.php:1123

noprivwp_ajax_updateDeploymentTransactionMintNFT.php:1124

authwp_ajax_updateMetadataMintNFT.php:1178

noprivwp_ajax_updateMetadataMintNFT.php:1179

authwp_ajax_onloadUpdateMetadataMintNFT.php:1230

noprivwp_ajax_onloadUpdateMetadataMintNFT.php:1231

authwp_ajax_updateActiovationStatusMintNFT.php:1392

noprivwp_ajax_updateActiovationStatusMintNFT.php:1393

authwp_ajax_activation_APIMintNFT.php:1677

noprivwp_ajax_activation_APIMintNFT.php:1678

authwp_ajax_mintGetNetworksMintNFT.php:1681

noprivwp_ajax_mintGetNetworksMintNFT.php:1682

authwp_ajax_getAbiBytecodeMintNFT.php:1727

noprivwp_ajax_getAbiBytecodeMintNFT.php:1728

WordPress Hooks 9

actionadmin_menuMintNFT.php:37

filtertheme_page_templatesMintNFT.php:108

filtertemplate_includeMintNFT.php:117

actionadmin_initMintNFT.php:166

actionadmin_enqueue_scriptsMintNFT.php:635

actionwp_enqueue_scriptsMintNFT.php:673

actionwp_enqueue_scriptsMintNFT.php:675

filterplugin_action_linksMintNFT.php:1272

actionwp_writehere_extension_activationMintNFT.php:1317

Maintenance & Trust

MintNFT Plugin Maintenance & Trust

Maintenance Signals

WordPress version tested6.5.8

Last updatedJul 5, 2024

PHP min version7.2

Downloads2K

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

MintNFT Plugin Alternatives

Kredeum NFTs, the easiest way to sell your NFTs directly on your WordPress site

kredeum-nfts

Sell your NFTs directly on your WordPress site in an easy and fast way.

40 1 CVE

KoalaMint Plugin

koalamint

The No-Code Solution to Launch a Generative NFT Collection On your Website.

10 No CVEs

EthPress – Web3 Login

ethpress

EthPress Web3 Login Wordpress Plugin adds the capability to connect with cryptocurrency wallets such as MetaMask or WalletConnect QR code.

100 No CVEs

Ethereum Wallet

ethereum-wallet

100

The user friendly NFT and ERC20 tokens Ethereum Wallet with BSC and Polygon support for your WordPress site and WooCommerce store.

20 No CVEs

Token / NFT / Blockchain Page Gating

litprotocol-wp-lit-gated

Gate your content based on blockchain conditions like NFT ownership.

20 No CVEs

Developer Profile

MintNFT Plugin Developer Profile

techforceglobal

5 plugins · 20 total installs

trust score

Avg Security Score

92/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect MintNFT Plugin

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/mintnft/assets/css/style.css/wp-content/plugins/mintnft/assets/js/main.js

Script Paths

/wp-content/plugins/mintnft/assets/js/main.js

Version Parameters

mintnft/assets/css/style.css?ver=mintnft/assets/js/main.js?ver=

HTML / DOM Fingerprints

CSS Classes

MintNFT_formNFTMintNFT_row_ServerTypeMintNFT_row_PinataKeypinata_dataMintNFT_row_PinataSecretMintNFT_row_getway_typeMintNFT_row_image_prefix+5 more

Data Attributes

data-settings-saved

JS Globals

MintNFT_option_name

FAQ