Org. Departments Security & Risk Analysis

wordpress.org/plugins/org-departments

Hierarchical Structure of Departments. For each User, you can set a binding to several Departments.

0 active installs · v5.10 · PHP 5.4+ · WP 4.9+ · Updated Dec 9, 2024
departments, hierarchy, org, tree, users
92
A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is Org. Departments Safe to Use in 2026?

Generally Safe

Score 92/100

Org. Departments has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 1yr ago
Risk Assessment

The "org-departments" plugin v5.10 exhibits a mixed security posture. On the positive side, it demonstrates good practices by exclusively using prepared statements for its SQL queries and avoiding file operations and external HTTP requests. The presence of nonce and capability checks, although limited, is also a positive sign.

However, significant concerns arise from the identified attack surface. Two AJAX handlers are exposed without any authentication checks, creating a clear entry point for potential unauthorized actions. Furthermore, the taint analysis reveals a flow with an unsanitized path, identified as high severity. This suggests that user-supplied data might be processed in a way that could lead to vulnerabilities if not properly validated and sanitized.

The plugin's history of zero known CVEs is a strong indicator of past security diligence, but the current code analysis points to specific weaknesses that need immediate attention. The combination of unprotected entry points and a high-severity unsanitized taint flow presents a notable risk, despite the absence of historical vulnerabilities.

Key Concerns

  • AJAX handlers without auth checks
  • High severity unsanitized taint flow
  • Unescaped output
  • Limited nonce checks
Vulnerabilities
None known

Org. Departments Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Org. Departments Release Timeline

No version history available.
Code Analysis
Analyzed Apr 16, 2026

Org. Departments Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (2 prepared)
Unescaped Output: 24 (58 escaped)
Nonce Checks: 1
Capability Checks: 2
File Operations: 0
External Requests: 0
Bundled Libraries: 0

SQL Query Safety

100% prepared · 2 total queries

Output Escaping

71% escaped · 82 total outputs
Data Flows · Security
1 unsanitized

Data Flow Analysis

1 flow · 1 with unsanitized paths
<ajax_departments> (includes/ajax_departments.php:0)
Legend: Source (user input) · Sink (dangerous op) · Sanitizer · Transform · Unsanitized · Sanitized
Attack Surface
2 unprotected

Org. Departments Attack Surface

Entry Points: 3
Unprotected: 2

AJAX Handlers 2

auth wp_ajax_orgdepartments org-departments.php:115
nopriv wp_ajax_orgdepartments org-departments.php:116

Shortcodes 1

[org.departments] includes/shortcodes.php:10
WordPress Hooks 20
action admin_menu includes/admin/admin.php:10
action admin_enqueue_scripts includes/admin/admin.php:34
filter parent_file includes/admin/admin.php:52
filter manage_edit-departments_columns includes/admin/admin.php:65
filter manage_departments_custom_column includes/admin/admin.php:76
action departments_add_form_fields includes/admin/admin.php:87
action departments_edit_form_fields includes/admin/admin.php:98
action created_departments includes/admin/admin.php:115
action edited_departments includes/admin/admin.php:116
filter manage_users_columns includes/admin/admin.php:129
filter manage_users_custom_column includes/admin/admin.php:142
filter manage_users_sortable_columns includes/admin/admin.php:170
filter pre_user_query includes/admin/admin.php:179
action edit_user_profile includes/admin/admin.php:196
action user_new_form includes/admin/admin.php:197
action edit_user_profile_update includes/admin/admin.php:266
action init org-departments.php:30
action wp_enqueue_scripts org-departments.php:85
action plugins_loaded org-departments.php:120
action delete_user org-departments.php:129
Maintenance & Trust

Org. Departments Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.7.5
Last updated: Dec 9, 2024
PHP min version: 5.4
Downloads: 1K

Community Trust

Rating: 0/100
Number of ratings: 0
Active installs: 0
Developer Profile

Org. Departments Developer Profile

wpgear

18 plugins · 2K total installs

Trust score: 92
Avg Security Score: 97/100
Avg Patch Time: 21 days
Detection Fingerprints

How We Detect Org. Departments

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/org-departments/style.css
/wp-content/plugins/org-departments/includes/departments_frontend.js
Script Paths
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Version Parameters
org-departments/style.css?ver=
org-departments/includes/departments_frontend.js?ver=

HTML / DOM Fingerprints

CSS Classes
org-departments-wrapper
Data Attributes
data-sub-tree
data-ajaxurl
JS Globals
orgdepartments_frontend_script_params
Shortcode Output
[org.departments]
FAQ

Frequently Asked Questions about Org. Departments