WP-Safety

NS Mistercorporate Security & Risk Analysis

wordpress.org/plugins/ns-mistercorporate

This plugin add more awesome features to Mistercorporate WordPress Theme!

10 active installs v1.1.3 PHP + WP 4.3+ Updated Feb 9, 2022
mistercorporatemistercorporate-pluginmistercorporate-themeplugin-for-mistercorporatetheme-plugin
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Download
Safety Verdict

Is NS Mistercorporate Safe to Use in 2026?

Generally Safe

Score 85/100

NS Mistercorporate has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 4yr ago
Risk Assessment

The plugin "ns-mistercorporate" v1.1.3 presents a mixed security posture. On the positive side, it demonstrates good practices regarding SQL queries, exclusively using prepared statements, and has no known vulnerabilities (CVEs). This indicates a potential commitment to secure coding principles in certain areas and a lack of historically exploitable flaws.

However, significant concerns arise from the static analysis. The plugin exposes two AJAX handlers, both entirely without authentication checks. This creates a substantial attack surface, as any unauthenticated user could potentially interact with these endpoints, leading to unpredictable behavior or even exploits if the logic within these handlers is vulnerable. Furthermore, the taint analysis reveals two flows with unsanitized paths, which, while not categorized as critical or high severity in this specific analysis, still represent potential pathways for malicious input to be processed in an unsafe manner.

The lack of output escaping on a significant portion (69%) of outputs is another critical weakness. This makes the plugin highly susceptible to Cross-Site Scripting (XSS) attacks. The absence of nonce checks and capability checks on the AJAX endpoints exacerbates these risks, as there are no built-in mechanisms to verify user intent or permissions. In conclusion, while the plugin has a clean vulnerability history and handles SQL securely, the combination of unprotected AJAX endpoints, unsanitized paths, and widespread output escaping issues presents a considerable risk.

Key Concerns

  • AJAX handlers without authentication
  • Unsanitized paths in taint analysis flows
  • Low output escaping percentage
  • AJAX handlers without nonce checks
  • AJAX handlers without capability checks
Vulnerabilities
None known

NS Mistercorporate Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

NS Mistercorporate Release Timeline

v1.1.3Current
v1.1.2
v1.1.1
v1.1.0
v1.0.3
v1.0.2
v1.0.1
v1.0.0
Code Analysis
Analyzed Mar 17, 2026

NS Mistercorporate Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
82
36 escaped
Nonce Checks
0
Capability Checks
0
File Operations
0
External Requests
3
Bundled Libraries
0

Output Escaping

31% escaped118 total outputs
Data Flows · Security
2 unsanitized

Data Flow Analysis

2 flows2 with unsanitized paths
pe_deactivation_ajax_function (plugineye\plugineye-ajax\plugineye_on_deactivation_function.php:5)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
2 unprotected

NS Mistercorporate Attack Surface

Entry Points2
Unprotected2

AJAX Handlers 2

authwp_ajax_pe_deactivation_ajax_functionplugineye\plugineye-ajax\plugineye_on_deactivation_function.php:2
noprivwp_ajax_pe_deactivation_ajax_functionplugineye\plugineye-ajax\plugineye_on_deactivation_function.php:3
WordPress Hooks 12
actioncustomize_registerns-mistercorporate-customize.php:1106
actionwp_enqueue_scriptsns-mistercorporate-map.php:69
actionwidgets_initns-mistercorporate-widget-contact.php:77
actionwp_enqueue_scriptsns-mistercorporate.php:52
filterpage_templatens-mistercorporate.php:74
filterplugin_action_linksplugineye\plugineye-class.php:96
actionadmin_menuplugineye\plugineye-class.php:113
actionadmin_enqueue_scriptsplugineye\plugineye-class.php:125
actionadmin_enqueue_scriptsplugineye\plugineye-class.php:136
actionactivated_pluginplugineye\plugineye-class.php:147
actionin_admin_footerplugineye\plugineye-class.php:401
actionactivated_pluginplugineye\plugineye-class.php:440
Maintenance & Trust

NS Mistercorporate Maintenance & Trust

Maintenance Signals

WordPress version tested5.9.13
Last updatedFeb 9, 2022
PHP min version
Downloads5K

Community Trust

Rating80/100
Number of ratings1
Active installs10
Alternatives

NS Mistercorporate Alternatives

Monster Downloader

Monster Downloader

monster-downloader

A
85

Monster Downloader is the best plugin for download plugin and themes.Perfect plugin for quickly downloading themes and plugins.

70 No CVEs
Ultimate Thesis Theme Options

Ultimate Thesis Theme Options

ultimate-thesis-options

A
85

A very powerful plugin that will make Thesis Theme costomization more flexible

30 No CVEs
Easy Theme plugin Switcher

Easy Theme plugin Switcher

easy-theme-plugin-switcher

A
85

Easy Theme Plugin Switcher allows you to toggle activate/deactivate theme, plugins only with one single click.

0 No CVEs
Developer Profile

NS Mistercorporate Developer Profile

NsThemes

24 plugins · 4K total installs

84
trust score
Avg Security Score
85/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect NS Mistercorporate

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/ns-mistercorporate/css/mistercorporate-contact-style.css/wp-content/plugins/ns-mistercorporate/js/mistercorporate-map.js
Script Paths
https://maps.googleapis.com/maps/api/jshttps://maps.googleapis.com/maps/api/js?key=/wp-content/plugins/ns-mistercorporate/js/mistercorporate-map.js
Version Parameters
ns-mistercorporate/style.css?ver=mistercorporate-contact-style.css?ver=mistercorporate-map.js?ver=

HTML / DOM Fingerprints

CSS Classes
mistercorporate-contact-stylemistercorporate-map
Data Attributes
id="map"
JS Globals
google.mapsinit
FAQ

Frequently Asked Questions about NS Mistercorporate