Oomph Filter Widgets Security & Risk Analysis

wordpress.org/plugins/oomph-filter-widgets

Allow back-end users to filter widgets by name for quickly finding the widgets you need.

10 active installs v0.1 PHP + WP 3.2+ Updated Jul 5, 2013
clonesidebarwidget
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Safety Verdict

Is Oomph Filter Widgets Safe to Use in 2026?

Generally Safe

Score 85/100

Oomph Filter Widgets has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 13yr ago
Risk Assessment

The "oomph-filter-widgets" plugin, version 0.1, exhibits a strong security posture based on the provided static analysis. The code demonstrates excellent adherence to secure coding practices, with no dangerous functions, all SQL queries utilizing prepared statements, and all output properly escaped. Furthermore, there are no file operations, external HTTP requests, or identified taint flows, indicating a low risk of injection vulnerabilities or unauthorized data handling. The absence of any recorded vulnerabilities, past or present, is a significant positive indicator of the plugin's security. The plugin also boasts a minimal attack surface, with no exposed AJAX handlers, REST API routes, shortcodes, or cron events that could be exploited. However, the complete lack of nonce checks and capability checks across all entry points, despite there being zero entry points, is a potential concern if the plugin were to evolve and introduce new functionalities. While the current state is highly secure, this lack of fundamental security checks could become a weakness if not addressed in future development.

Key Concerns

  • Missing capability checks on entry points
  • Missing nonce checks on entry points
Vulnerabilities
None known

Oomph Filter Widgets Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Oomph Filter Widgets Release Timeline

v0.1Current
Code Analysis
Analyzed Apr 16, 2026

Oomph Filter Widgets Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
0
0 escaped
Nonce Checks
0
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
0
Attack Surface

Oomph Filter Widgets Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 1
filteradmin_headoomph-filter-widgets.php:32
Maintenance & Trust

Oomph Filter Widgets Maintenance & Trust

Maintenance Signals

WordPress version tested3.5.2
Last updatedJul 5, 2013
PHP min version
Downloads2K

Community Trust

Rating100/100
Number of ratings1
Active installs10
Developer Profile

Oomph Filter Widgets Developer Profile

Ben Doherty (Oomph, Inc)

3 plugins · 910 total installs

84
trust score
Avg Security Score
85/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Oomph Filter Widgets

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

CSS Classes
widget-holderdescriptionwidget-searchwidget-listwidgetwidget-title
Data Attributes
titleplaceholder
JS Globals
window.Oomphwindow.Oomph.FilterWidgets
FAQ

Frequently Asked Questions about Oomph Filter Widgets