Does Moving Contents have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Moving Contents compatible with WordPress 7.0?

According to WordPress.org data, Moving Contents 1.13 has been tested up to WordPress 7.0. Check the plugin's changelog for the latest compatibility information.

Is Moving Contents compatible with PHP 8.0+?

Moving Contents requires PHP 8.0 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Moving Contents updated?

Moving Contents was last updated on Mar 29, 2026. Frequent updates are generally a positive security signal.

What is Moving Contents's security score?

Moving Contents has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Moving Contents Security & Risk Analysis

wordpress.org/plugins/moving-contents

Supports the transfer of Contents between servers.

70 active installs v1.13 PHP 8.0+ WP 4.6+ Updated Mar 29, 2026

commentsmediamovingpagesposts

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Moving Contents Safe to Use in 2026?

Generally Safe

Score 100/100

Moving Contents has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago

Risk Assessment

The "moving-contents" plugin v1.13 presents a seemingly strong security posture based on the provided static analysis. The absence of any identified dangerous functions, unescaped output, file operations, external HTTP requests, or taint flows suggests a well-written codebase with good practices for input sanitization and output encoding. Furthermore, the plugin's limited attack surface, with zero identified entry points for AJAX, REST API, shortcodes, or cron events, significantly reduces its potential for exploitation.

The vulnerability history is also exceptionally clean, with no recorded CVEs, which is a positive indicator. This lack of past vulnerabilities, combined with the current analysis, suggests a plugin that has historically been maintained with security in mind. However, a notable concern is the presence of a single SQL query that is not using prepared statements. While the attack surface is minimal, this unparameterized query, if ever exposed to user input in a future update or if the attack surface is misreported, could become a vector for SQL injection.

In conclusion, the "moving-contents" plugin v1.13 demonstrates good security development practices, particularly in its minimal attack surface and diligent output escaping. The lack of historical vulnerabilities is a strong positive. The primary weakness lies in the single, unparameterized SQL query, which, despite the current lack of exploitable context, is a deviation from best practices and should be addressed.

Key Concerns

SQL query not using prepared statements

Vulnerabilities

None known

Moving Contents Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Moving Contents Release Timeline

v1.13Current

v1.12

v1.11

v1.10

v1.09

v1.08

v1.07

v1.06

v1.05

v1.04

v1.03

v1.02

v1.01

v1.00

Code Analysis

Analyzed Mar 16, 2026

Moving Contents Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

0% prepared1 total queries

Attack Surface

Moving Contents Attack Surface

Entry Points0

Unprotected0

Maintenance & Trust

Moving Contents Maintenance & Trust

Maintenance Signals

WordPress version tested7.0

Last updatedMar 29, 2026

PHP min version8.0

Downloads9K

Community Trust

Rating90/100

Number of ratings2

Active installs70

Alternatives

Moving Contents Alternatives

Smart Bulk Delete & Content Cleaner for WordPress

smart-bulk-content-remover

100

Safely bulk delete posts, pages, media, and comments with flexible filters and a clean interface.

80 No CVEs

No Page Comment

no-page-comment

An admin interface to control the default comment and trackback settings on new posts, pages and custom post types.

10K 2 CVEs

Bulk Datetime Change

bulk-datetime-change

100

Bulk change date/time for posts.

7K 1 CVE

Disable Feeds and Comments

disable-rss-feeds-and-comments

This WordPress plugin, "Disable RSS Feeds and Comments," gives you the ability to turn off both the RSS feeds and comments on pages and/or p …

400 No CVEs

Simple Menu Order Column

simple-menu-order-column

100

Expose menu order column on your dashboard listings.

200 No CVEs

Developer Profile

Moving Contents Developer Profile

Katsushi Kawamori

54 plugins · 56K total installs

trust score

Avg Security Score

100/100

Avg Patch Time

178 days

View full developer profile

Detection Fingerprints

How We Detect Moving Contents

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/moving-contents/assets/js/scripts.js/wp-content/plugins/moving-contents/assets/css/styles.css

Script Paths

/wp-content/plugins/moving-contents/assets/js/scripts.js

Version Parameters

moving-contents/assets/js/scripts.js?ver=moving-contents/assets/css/styles.css?ver=

HTML / DOM Fingerprints

CSS Classes

moving-contents-wrappermc-content-block

HTML Comments

Data Attributes

data-moving-content-iddata-moving-content-target

JS Globals

movingContentsGlobal

Shortcode Output

[moving_contents][moving_contents_widget]

FAQ