Orbisius Quick Nav Security & Risk Analysis
wordpress.org/plugins/orbisius-quick-navSwitch quickly between pages, posts, or any other custom post types.
Is Orbisius Quick Nav Safe to Use in 2026?
Generally Safe
Score 85/100Orbisius Quick Nav has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The 'orbisius-quick-nav' plugin version 1.0.8 exhibits a generally strong security posture based on the provided static analysis and vulnerability history. The absence of any identified CVEs and the lack of critical or high-severity issues in taint analysis are positive indicators. Furthermore, the plugin has no reported vulnerabilities in its history, suggesting a history of secure development or timely patching by maintainers.
However, there are notable areas of concern within the static analysis. The most significant is the presence of a single SQL query that does not utilize prepared statements, increasing the risk of SQL injection vulnerabilities. Additionally, a substantial portion of the plugin's output (87%) is not properly escaped, which opens the door to cross-site scripting (XSS) vulnerabilities. The complete lack of nonce and capability checks across all entry points also presents a significant security gap, particularly if any functionalities were to be added in the future that could be leveraged by unauthenticated or unauthorized users.
In conclusion, while the plugin has a clean vulnerability history and no identified critical flaws, the identified code-level weaknesses in SQL handling and output escaping, coupled with a lack of robust authentication checks, present tangible risks. These issues should be addressed to improve the overall security of the plugin.
Key Concerns
- SQL queries without prepared statements
- Low percentage of properly escaped output
- No nonce checks on entry points
- No capability checks on entry points
Orbisius Quick Nav Security Vulnerabilities
Orbisius Quick Nav Release Timeline
Orbisius Quick Nav Code Analysis
SQL Query Safety
Output Escaping
Orbisius Quick Nav Attack Surface
WordPress Hooks 9
Maintenance & Trust
Orbisius Quick Nav Maintenance & Trust
Maintenance Signals
Community Trust
Orbisius Quick Nav Alternatives
BE REST Endpoints
be-rest-endpoints
Major features in BE REST Endpoints include:
i20 Custom Widgets for WordPress Posts Header, Footer & Sidebar
i20-sidebar-widgets
Customizable Related Posts Sidebar Widgets for WordPress Blogs to display on Posts, Pages & Taxonomies. On-page SEO booster. Works with all Themes.
Ocean Extra
ocean-extra
The ultimate companion for OceanWP. Adds local Google Fonts, mega menus, site templates, and per-page settings for total design authority.
Custom Sidebars – Dynamic Sidebar Classic Widget Area Manager
custom-sidebars
Flexible sidebars for custom classic widget configurations on any page or post. Create custom sidebars with ease!
Widget Logic
widget-logic
Widget Logic lets you control on which pages widgets appear using WP's conditional tags.
Orbisius Quick Nav Developer Profile
28 plugins · 12K total installs
How We Detect Orbisius Quick Nav
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/orbisius-quick-nav/css/style.css/wp-content/plugins/orbisius-quick-nav/js/orbisius-quick-nav.js//cdnjs.cloudflare.com/ajax/libs/chosen/1.4.2/chosen.jquery.min.jsorbisius-quick-nav/css/style.css?ver=orbisius-quick-nav/js/orbisius-quick-nav.js?ver=HTML / DOM Fingerprints
<!-- /orbisius_quick_nav_dropdown_container -->name="orb_quick_nav_select"id="orb_quick_nav_select_page_id"id="orb_quick_nav_select_post_id"orbisius_quick_nav_cfgorbisius_quick_nav_admin_inline_js