Does Naveed Post Types have any unpatched vulnerabilities?

No. All known vulnerabilities in Naveed Post Types have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Naveed Post Types compatible with WordPress 6.5.8?

According to WordPress.org data, Naveed Post Types 1.2.0 has been tested up to WordPress 6.5.8. Check the plugin's changelog for the latest compatibility information.

Is Naveed Post Types compatible with PHP 5.6+?

Naveed Post Types requires PHP 5.6 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Naveed Post Types updated?

Naveed Post Types was last updated on May 20, 2024. Frequent updates are generally a positive security signal.

What is Naveed Post Types's security score?

Naveed Post Types has a WP-Safety security score of 92/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Naveed Post Types Security & Risk Analysis

wordpress.org/plugins/naveed-post-types

Naveed Post Types is an elegant way to create custom post types and custom taxonomies in WordPress.

10 active installs v1.2.0 PHP 5.6+ WP 4.0+ Updated May 20, 2024

cptcustom-post-typespostpost-typetaxonomy

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Naveed Post Types Safe to Use in 2026?

Generally Safe

Score 92/100

Naveed Post Types has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1yr ago

Risk Assessment

The "naveed-post-types" plugin v1.2.0 exhibits a generally strong security posture based on the provided static analysis and vulnerability history. The absence of any recorded CVEs or past vulnerabilities is a significant positive indicator. The code analysis reveals good security practices, such as 100% of SQL queries using prepared statements and the presence of nonce and capability checks on all AJAX handlers. Furthermore, there are no detected dangerous functions, file operations, or external HTTP requests, all contributing to a reduced attack surface.

However, there are a few areas that, while not presenting critical immediate risks based on this data, could be improved for enhanced security. The primary concern is that 20% of output is not properly escaped, which, while not a critical severity in this analysis, could lead to cross-site scripting (XSS) vulnerabilities if the unescaped output is user-controlled. The absence of taint analysis results means that potential complex data flow vulnerabilities may not have been detected. While the attack surface is relatively small and appears protected, a future expansion of functionality without continued diligence could introduce risks.

In conclusion, "naveed-post-types" v1.2.0 is a well-secured plugin with a clean vulnerability history and good implementation of core security practices. The main recommendation for improvement lies in addressing the 20% of unescaped output to mitigate potential XSS risks. The lack of taint analysis is a limitation of the reporting, but the absence of critical signals in other areas suggests a low current risk profile.

Key Concerns

Unescaped output present

Vulnerabilities

None known

Naveed Post Types Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Naveed Post Types Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

187 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

80% escaped235 total outputs

Attack Surface

Naveed Post Types Attack Surface

Entry Points4

Unprotected0

AJAX Handlers 4

authwp_ajax_npt_slug_validationincludes\ajax.php:65

noprivwp_ajax_npt_slug_validationincludes\ajax.php:66

authwp_ajax_npt_icon_scriptincludes\ajax.php:95

noprivwp_ajax_npt_icon_scriptincludes\ajax.php:96

WordPress Hooks 24

actionload-post.phpincludes\admin\meta-boxes\npt-post-type.php:10

actionload-post-new.phpincludes\admin\meta-boxes\npt-post-type.php:11

actionadd_meta_boxesincludes\admin\meta-boxes\npt-post-type.php:18

actionsave_postincludes\admin\meta-boxes\npt-post-type.php:19

actionload-post.phpincludes\admin\meta-boxes\npt-taxonomy.php:10

actionload-post-new.phpincludes\admin\meta-boxes\npt-taxonomy.php:11

actionadd_meta_boxesincludes\admin\meta-boxes\npt-taxonomy.php:18

actionsave_postincludes\admin\meta-boxes\npt-taxonomy.php:19

actionadmin_menuincludes\admin\npt-admin.php:19

actioncurrent_screenincludes\admin\npt-admin.php:20

filteradmin_footer_textincludes\admin\npt-admin.php:55

actionadmin_enqueue_scriptsincludes\admin\npt-admin.php:56

actionin_admin_headerincludes\admin\npt-admin.php:57

actionadmin_enqueue_scriptsincludes\admin\npt-enqueue.php:20

actionadmin_enqueue_scriptsincludes\admin\npt-enqueue.php:21

filtermanage_npt-post-type_posts_columnsincludes\npt-functions.php:611

filtermanage_edit-npt-post-type_sortable_columnsincludes\npt-functions.php:630

actionmanage_npt-post-type_posts_custom_columnincludes\npt-functions.php:698

filtermanage_npt-taxonomy_posts_columnsincludes\npt-functions.php:718

filtermanage_edit-npt-taxonomy_sortable_columnsincludes\npt-functions.php:736

actionmanage_npt-taxonomy_posts_custom_columnincludes\npt-functions.php:800

actioninitnpt.php:116

actioninitnpt.php:117

actioninitnpt.php:118

Maintenance & Trust

Naveed Post Types Maintenance & Trust

Maintenance Signals

WordPress version tested6.5.8

Last updatedMay 20, 2024

PHP min version5.6

Downloads2K

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

Naveed Post Types Alternatives

Custom Post Type UI

custom-post-type-ui

Admin UI for creating custom content types like post types and taxonomies

1.0M 4 CVEs

Essential Content Types

essential-content-types

100

Essential Content Types allows you to feature the impressive content through different content/post types on your website just the way you want it.

20K No CVEs

Post Types Unlimited

post-types-unlimited

100

Create unlimited custom post types and custom taxonomies.

10K No CVEs

Posts in Page

posts-in-page

Easily add one or more posts to any page using simple shortcodes.

10K 1 CVE

Custom post types, Custom Fields & more

custom-post-types

Custom Post Types, Custom Fields, Custom Taxonomies, Custom Templates, Custom Admin Pages, Custom Admin Notices. Directly from the WP dashboard.

3K 3 CVEs

Developer Profile

Naveed Post Types Developer Profile

Naveed Anjum

1 plugin · 10 total installs

trust score

Avg Security Score

92/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Naveed Post Types

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/naveed-post-types/assets/css/npt-style.css/wp-content/plugins/naveed-post-types/assets/css/npt-settings.css/wp-content/plugins/naveed-post-types/assets/js/npt-admin.js

Script Paths

/wp-content/plugins/naveed-post-types/assets/js/npt-admin.js

Version Parameters

naveed-post-types/assets/css/npt-style.css?ver=naveed-post-types/assets/css/npt-settings.css?ver=naveed-post-types/assets/js/npt-admin.js?ver=

HTML / DOM Fingerprints

CSS Classes

npt-post-type-formnpt-taxonomy-formnpt-fields-wrapnpt-field-wrapnpt-svg-icon

Data Attributes

data-npt-post-typedata-npt-taxonomy

JS Globals

npt_object

FAQ