Does MU Post to Multiple Blogs have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is MU Post to Multiple Blogs compatible with WordPress 3.7.41?

According to WordPress.org data, MU Post to Multiple Blogs 1.0 has been tested up to WordPress 3.7.41. Check the plugin's changelog for the latest compatibility information.

How often is MU Post to Multiple Blogs updated?

MU Post to Multiple Blogs was last updated on Jan 8, 2014. Frequent updates are generally a positive security signal.

What is MU Post to Multiple Blogs's security score?

MU Post to Multiple Blogs has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

MU Post to Multiple Blogs Security & Risk Analysis

wordpress.org/plugins/mu-post-to-multiple-blogs

Allows the posting to multiple blogs at a time, bubble-out style.

10 active installs v1.0 PHP + WP 3.0+ Updated Jan 8, 2014

wordpressmu

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is MU Post to Multiple Blogs Safe to Use in 2026?

Generally Safe

Score 85/100

MU Post to Multiple Blogs has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 12yr ago

Risk Assessment

The "mu-post-to-multiple-blogs" plugin v1.0 presents a mixed security posture. While the plugin boasts zero identified CVEs and no apparent direct attack surface exposed through AJAX, REST API, shortcodes, or cron events, several concerning code signals warrant attention. The presence of the `unserialize` function is a significant risk, as it can lead to Remote Code Execution if improperly handled with untrusted input. Although a majority of SQL queries use prepared statements, a notable portion do not, and the taint analysis reveals one flow with an unsanitized path and a high severity taint, indicating a potential for code injection or other malicious data manipulation. The lack of capability checks on any entry points is also a concern, as it implies that any authenticated user, regardless of their role, could potentially trigger unintended actions. The plugin's vulnerability history is clean, which is a positive indicator, but it does not negate the risks identified in the static analysis.

Key Concerns

Dangerous function: unserialize detected
Taint analysis: High severity flow with unsanitized path
SQL queries not using prepared statements
Output escaping is not properly implemented (33% of outputs)
Capability checks are missing on entry points

Vulnerabilities

None known

MU Post to Multiple Blogs Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

MU Post to Multiple Blogs Release Timeline

No version history available.

Code Analysis

Analyzed Mar 16, 2026

MU Post to Multiple Blogs Code Analysis

Dangerous Functions

Raw SQL Queries

8 prepared

Unescaped Output

8 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Dangerous Functions Found

unserialize$multi_post_meta = unserialize(get_post_meta( $post->ID, 'multi_post_meta', true ));mu-post-to-multiple-blogs.php:360

unserialize$multi_post_meta_last = unserialize(get_post_meta( $post->ID, 'multi_post_meta', true ));mu-post-to-multiple-blogs.php:428

unserialize$multi_post_meta = unserialize(get_post_meta( $post_id, 'multi_post_meta', true ));mu-post-to-multiple-blogs.php:616

SQL Query Safety

62% prepared13 total queries

Output Escaping

67% escaped12 total outputs

Data Flows · Security

1 unsanitized

Data Flow Analysis

3 flows1 with unsanitized paths

sitewide_tags_update_options (mu-post-to-multiple-blogs.php:166)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

MU Post to Multiple Blogs Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 20

actionadmin_menumu-post-to-multiple-blogs.php:37

actionnetwork_admin_menumu-post-to-multiple-blogs.php:42

actioninitmu-post-to-multiple-blogs.php:47

actionadmin_initmu-post-to-multiple-blogs.php:300

actioninitmu-post-to-multiple-blogs.php:335

actionadd_meta_boxesmu-post-to-multiple-blogs.php:399

actionsave_postmu-post-to-multiple-blogs.php:594

actiontrash_postmu-post-to-multiple-blogs.php:639

actiondelete_postmu-post-to-multiple-blogs.php:640

actiondelete_blogmu-post-to-multiple-blogs.php:708

actionarchive_blogmu-post-to-multiple-blogs.php:709

actiondeactivate_blogmu-post-to-multiple-blogs.php:710

actionmake_spam_blogmu-post-to-multiple-blogs.php:711

actionmature_blogmu-post-to-multiple-blogs.php:712

actiontransition_post_statusmu-post-to-multiple-blogs.php:714

actionupdate_option_blog_publicmu-post-to-multiple-blogs.php:741

filterpost_linkmu-post-to-multiple-blogs.php:761

filterpage_linkmu-post-to-multiple-blogs.php:762

filtersitewide_tags_allowed_post_typesmu-post-to-multiple-blogs.php:769

filterpost_thumbnail_htmlmu-post-to-multiple-blogs.php:784

Maintenance & Trust

MU Post to Multiple Blogs Maintenance & Trust

Maintenance Signals

WordPress version tested3.7.41

Last updatedJan 8, 2014

PHP min version

Downloads3K

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

MU Post to Multiple Blogs Alternatives

Gravatar Favicon

gravatar-favicon

This plugin allows you to generate a gravatar favicon for your blog and admin logo included Apple touch icon.

100 No CVEs

Multiple Twitter Widgets

multiple-twitter-widgets

Allows for multiple twitter widgets to be displayed.

10 No CVEs

WDS Multisite Aggregate

wds-multisite-aggregate

A central area where all the posts on a WordPress MS network can be collected.

10 1 CVE

WPMU Admin Interface Language

wpmu-admin-interface-language

Lets WPMU user to select language in backend administration panel.

10 No CVEs

Developer Profile

MU Post to Multiple Blogs Developer Profile

bdombro

2 plugins · 20 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect MU Post to Multiple Blogs

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/mu-post-to-multiple-blogs/sitewide-tags.php

Version Parameters

mu-post-to-multiple-blogs/sitewide-tags.php?ver=

HTML / DOM Fingerprints

CSS Classes

wrap

HTML Comments

This section hidden b/c these params should not be changed. Populate feature hidden b/c no longe

Data Attributes

name="tags_blog_enabled"name="tags_max_posts"name="tags_blog_pages"name="tags_blog_thumbs"name="tags_blog_public"name="tags_blog_pub_check"+1 more

FAQ