Does NWMC Login Support have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is NWMC Login Support compatible with WordPress 6.1.10?

According to WordPress.org data, NWMC Login Support 1.6.0 has been tested up to WordPress 6.1.10. Check the plugin's changelog for the latest compatibility information.

How often is NWMC Login Support updated?

NWMC Login Support was last updated on Dec 28, 2022. Frequent updates are generally a positive security signal.

What is NWMC Login Support's security score?

NWMC Login Support has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

NWMC Login Support Security & Risk Analysis

wordpress.org/plugins/nwmc-login-and-support

This plugin will add the nwmc logo to the bottom of your login box and NW Media Collective's support info to the bottom of your admin area in Wor …

10 active installs v1.6.0 PHP + WP 3.5+ Updated Dec 28, 2022

loginnwmcsupport

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is NWMC Login Support Safe to Use in 2026?

Generally Safe

Score 85/100

NWMC Login Support has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 3yr ago

Risk Assessment

The "nwmc-login-and-support" plugin v1.6.0 exhibits a strong security posture based on the provided static analysis. There are no identified AJAX handlers, REST API routes, shortcodes, or cron events, resulting in a zero-total attack surface. Furthermore, the code signals indicate a lack of dangerous functions, no file operations, no external HTTP requests, and no vulnerability history.

Despite the absence of critical vulnerabilities, there are areas for concern. Notably, 100% of the total output operations are not properly escaped, posing a risk of cross-site scripting (XSS) vulnerabilities if any dynamic data is outputted without sanitization. The complete lack of nonce checks and capability checks, while potentially mitigated by the zero attack surface, represents a weakness in fundamental security practices that could become exploitable if the attack surface were to expand or if future features are added without proper security considerations.

Overall, the plugin appears to be secure due to its limited functionality and lack of known vulnerabilities. However, the unescaped output is a significant oversight that could lead to security issues. The absence of nonce and capability checks indicates a lack of robust security hardening, which could be a future concern. Addressing the unescaped output and implementing basic security checks should be prioritized for a more secure plugin.

Key Concerns

Output escaping is not properly implemented
No nonce checks implemented
No capability checks implemented

Vulnerabilities

None known

NWMC Login Support Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

NWMC Login Support Release Timeline

No version history available.

Code Analysis

Analyzed Apr 16, 2026

NWMC Login Support Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

0% escaped1 total outputs

Attack Surface

NWMC Login Support Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 3

actionwp_headlogin-box-logo.php:13

actionlogin_formlogin-box-logo.php:20

filteradmin_footer_textlogin-box-logo.php:38

Maintenance & Trust

NWMC Login Support Maintenance & Trust

Maintenance Signals

WordPress version tested6.1.10

Last updatedDec 28, 2022

PHP min version

Downloads2K

Community Trust

Rating100/100

Number of ratings1

Active installs10

Alternatives

NWMC Login Support Alternatives

Orbit Fox: Duplicate Page, Menu Icons, SVG Support, Cookie Notice, Custom Fonts & More

themeisle-companion

Add modules like share buttons, header & footer scripts, disable comments, reading progress bar, custom fonts, custom login page & more in one plugin.

100K 20 CVEs

Hibiscus Login As Customer for WooCommerce

hibiscus-login-as-customer

100

Securely log in as any WooCommerce customer and return to admin with one click.

10 No CVEs

TrustedLogin Connector

trustedlogin-connector

Empower support team members to securely and easily log into client sites using TrustedLogin.

10 No CVEs

Magefan Login As Customer

magefan-login-as-customer

100

Easily log in as any customer from the WordPress admin. Perfect for support teams and store administrators.

0 No CVEs

NNFP – Passwordless Email OTP Login

no-need-for-password

100

Short Description: Enable secure passwordless login and registration using secure email-based one-time passwords (OTP).

0 No CVEs

Developer Profile

NWMC Login Support Developer Profile

nwmcinc

5 plugins · 140 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect NWMC Login Support

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

Shortcode Output

<div style="text-align: center; padding:2px;"> <div style="float:left;"><img src="plugins_url( 'nwmc-login-and-support/imgs/nwmc-pill.jpg', '_FILE_' )

FAQ