mPress Menu Wormhole Security & Risk Analysis

wordpress.org/plugins/mpress-menu-wormhole

Easily add a menu as a submenu to another menu.

10 active installs v1.1.2 PHP + WP 3.2+ Updated Jan 24, 2017
menumenusnavnavigationwormhole
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Safety Verdict

Is mPress Menu Wormhole Safe to Use in 2026?

Generally Safe

Score 85/100

mPress Menu Wormhole has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 9yr ago
Risk Assessment

The 'mpress-menu-wormhole' plugin v1.1.2 exhibits a very strong security posture based on the provided static analysis. The absence of any identifiable attack surface, dangerous functions, raw SQL queries, file operations, or external HTTP requests is highly commendable. Furthermore, the presence of nonce and capability checks, coupled with robust output escaping (92%), indicates good development practices aimed at preventing common web vulnerabilities.

The taint analysis showing zero flows with unsanitized paths, critical, or high severity further reinforces the plugin's secure design. The vulnerability history is also completely clear, with no recorded CVEs, indicating a history of stable and secure code.

Overall, this plugin appears to be exceptionally secure. The only slight area for consideration, though minor given the overall context, is the 8% of output not being properly escaped, which could theoretically present a very low risk in a highly specific edge case. However, given the lack of any other entry points or potential for malicious input, this is unlikely to be a practical concern. The plugin's strengths far outweigh any theoretical weaknesses.

Key Concerns

  • Minor unescaped output detected
Vulnerabilities
None known

mPress Menu Wormhole Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

mPress Menu Wormhole Release Timeline

v1.1.2Current
v1.1.1
v1.1
v1.0
v0.1
Code Analysis
Analyzed Apr 16, 2026

mPress Menu Wormhole Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
1
12 escaped
Nonce Checks
1
Capability Checks
1
File Operations
0
External Requests
0
Bundled Libraries
0

Output Escaping

92% escaped13 total outputs
Attack Surface

mPress Menu Wormhole Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 6
actionadmin_initmpress-menu-wormhole.php:34
actionwp_update_nav_menu_itemmpress-menu-wormhole.php:35
filterwp_edit_nav_menu_walkermpress-menu-wormhole.php:36
filterwalker_nav_menu_start_elmpress-menu-wormhole.php:40
actionadmin_enqueue_scriptsmpress-menu-wormhole.php:82
actionwp_nav_menu_item_custom_fieldsmpress-menu-wormhole.php:236
Maintenance & Trust

mPress Menu Wormhole Maintenance & Trust

Maintenance Signals

WordPress version tested4.7.33
Last updatedJan 24, 2017
PHP min version
Downloads3K

Community Trust

Rating0/100
Number of ratings0
Active installs10
Developer Profile

mPress Menu Wormhole Developer Profile

Micah Wood

5 plugins · 270 total installs

84
trust score
Avg Security Score
85/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect mPress Menu Wormhole

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/mpress-menu-wormhole/js/jquery.wormhole.min.js/wp-content/plugins/mpress-menu-wormhole/js/jquery.wormhole.js
Script Paths
/wp-content/plugins/mpress-menu-wormhole/js/jquery.wormhole.min.js/wp-content/plugins/mpress-menu-wormhole/js/jquery.wormhole.js
Version Parameters
mpress-menu-wormhole/js/jquery.wormhole.min.js?ver=mpress-menu-wormhole/js/jquery.wormhole.js?ver=

HTML / DOM Fingerprints

CSS Classes
edit-menu-item-url
Data Attributes
name="menu-item-url
JS Globals
mPressMenuWormhole
FAQ

Frequently Asked Questions about mPress Menu Wormhole