Does MVP Docs have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is MVP Docs compatible with WordPress 6.9.4?

According to WordPress.org data, MVP Docs 1.0.7 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is MVP Docs compatible with PHP 8.0+?

MVP Docs requires PHP 8.0 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is MVP Docs updated?

MVP Docs was last updated on Apr 12, 2026. Frequent updates are generally a positive security signal.

What is MVP Docs's security score?

MVP Docs has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

MVP Docs Security & Risk Analysis

wordpress.org/plugins/mvp-docs

A lightweight documentation plugin for WordPress. AI-friendly markdown import, native editor, no bloat.

0 active installs v1.0.7 PHP 8.0+ WP 6.7+ Updated Apr 12, 2026

aidocsdocumentationknowledge-basemarkdown

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is MVP Docs Safe to Use in 2026?

Generally Safe

Score 100/100

MVP Docs has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago

Risk Assessment

The mvp-docs plugin version 1.0.7 demonstrates a generally good security posture with some notable exceptions. The code analysis reveals that all SQL queries are properly prepared, and the vast majority of output is correctly escaped, indicating a strong commitment to preventing common web vulnerabilities like SQL injection and XSS. The absence of known CVEs and a clean vulnerability history further suggests a well-maintained and secure plugin. However, the presence of three AJAX handlers without authentication checks represents a significant security concern. These unprotected entry points could potentially be exploited by unauthenticated users to trigger unintended functionality or access sensitive data, depending on what these AJAX handlers are designed to do. While the taint analysis shows no critical or high severity unsanitized paths, the exposed AJAX handlers create a potential attack vector that requires careful consideration.

Key Concerns

Unprotected AJAX handlers

Vulnerabilities

None known

MVP Docs Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

MVP Docs Release Timeline

v1.0.7Current

Code Analysis

Analyzed Apr 16, 2026

MVP Docs Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

213 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

97% escaped220 total outputs

Data Flows · Security

All sanitized

Data Flow Analysis

1 flows

<Admin> (includes/Admin.php:0)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

3 unprotected

MVP Docs Attack Surface

Entry Points11

Unprotected3

AJAX Handlers 5

authwp_ajax_mvpd_save_category_orderincludes/Admin.php:66

authwp_ajax_mvpd_exportincludes/Admin.php:129

authwp_ajax_mvpd_importincludes/Admin.php:198

authwp_ajax_mvpd_search_docsincludes/FrontAssets.php:65

noprivwp_ajax_mvpd_search_docsincludes/FrontAssets.php:66

Shortcodes 6

[mvpd_archive_header] includes/Shortcodes.php:10

[mvpd_category_header] includes/Shortcodes.php:24

[mvpd_search_header] includes/Shortcodes.php:32

[mvpd_archive] includes/Shortcodes.php:40

[mvpd_search] includes/Shortcodes.php:48

[mvpd_category] includes/Shortcodes.php:68

WordPress Hooks 16

actionadmin_initincludes/Admin.php:11

actionadmin_menuincludes/Admin.php:20

actionadmin_enqueue_scriptsincludes/Admin.php:32

filterthe_contentincludes/Breadcrumbs.php:10

actionwp_enqueue_scriptsincludes/FrontAssets.php:11

actionwp_enqueue_scriptsincludes/FrontAssets.php:31

actionenqueue_block_editor_assetsincludes/Markdown.php:11

actioninitincludes/PostType.php:82

actioninitincludes/PostType.php:85

filterquery_varsincludes/PostType.php:94

actioninitincludes/PostType.php:100

actionpre_get_postsincludes/PostType.php:108

actioninitincludes/Templates.php:28

filterpre_get_block_file_templateincludes/Templates.php:75

filterarchive_template_hierarchyincludes/Templates.php:85

filtertemplate_includeincludes/Templates.php:92

Maintenance & Trust

MVP Docs Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedApr 12, 2026

PHP min version8.0

Downloads34

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

MVP Docs Alternatives

BetterDocs – Knowledge Base Docs & FAQ Solution for Elementor & Block Editor

betterdocs

A full-featured documentation plugin including AI writing assistance to create knowledge bases, docs, FAQs, wikis, and more with easy drag & drop UI.

40K 10 CVEs

weDocs: AI Powered Knowledge Base, Docs, Documentation, Wiki & AI Chatbot

wedocs

Build a powerful documentation hub with an AI-powered knowledge base, docs, wiki tools, and an AI chatbot to help users find answers instantly.

4K 6 CVEs

Echo Knowledge Base – Documentation, FAQs, Chat & Smart Search

echo-knowledge-base

A fully featured, easy-to-use documentation plugin with AI chat, search, FAQs, and quizzes. Build beautiful knowledge bases, docs, and wikis.

10K 2 CVEs

Knowledge Base documentation & wiki plugin – BasePress Docs

basepress

Easily create & manage documentation. Reduce support tickets & scale your customer support workload. This simple plugin works with any theme.

2K 4 CVEs

Smart Docs

smart-docs

Knowledge Base & Documentation Plugin for WordPress.

70 1 unpatched

Developer Profile

MVP Docs Developer Profile

cartpauj

6 plugins · 32K total installs

trust score

Avg Security Score

99/100

Avg Patch Time

1225 days

View full developer profile

Detection Fingerprints

How We Detect MVP Docs

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/mvp-docs/assets/admin/settings.css/wp-content/plugins/mvp-docs/assets/admin/cat-order.js/wp-content/plugins/mvp-docs/assets/admin/cat-order.css/wp-content/plugins/mvp-docs/assets/admin/settings.js/wp-content/plugins/mvp-docs/assets/admin/export-import.js

Script Paths

/wp-content/plugins/mvp-docs/assets/admin/cat-order.js/wp-content/plugins/mvp-docs/assets/admin/settings.js/wp-content/plugins/mvp-docs/assets/admin/export-import.js

Version Parameters

mvp-docs/assets/admin/settings.css?ver=mvp-docs/assets/admin/cat-order.js?ver=mvp-docs/assets/admin/cat-order.css?ver=mvp-docs/assets/admin/settings.js?ver=mvp-docs/assets/admin/export-import.js?ver=

HTML / DOM Fingerprints

CSS Classes

mvpd-tab-intro

Data Attributes

data-mvpd-id

JS Globals

mvpdOrdermvpdExportImport

FAQ