Does PageManager have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is PageManager compatible with WordPress 5.9.13?

According to WordPress.org data, PageManager 1.0.9 has been tested up to WordPress 5.9.13. Check the plugin's changelog for the latest compatibility information.

Is PageManager compatible with PHP 5.6+?

PageManager requires PHP 5.6 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is PageManager updated?

PageManager was last updated on Apr 5, 2022. Frequent updates are generally a positive security signal.

What is PageManager's security score?

PageManager has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

PageManager Security & Risk Analysis

wordpress.org/plugins/pagemanager

Wordpress content management on a new level. Curate your posts and compose page blocks with a variety of layouts. The plugin PageManager is perfect fo …

0 active installs v1.0.9 PHP 5.6+ WP 5.0+ Updated Apr 5, 2022

category-pages-archive-pagescmscontent-curatorcontent-managementpage-manager

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is PageManager Safe to Use in 2026?

Generally Safe

Score 85/100

PageManager has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 4yr ago

Risk Assessment

The "pagemanager" plugin v1.0.9 exhibits a mixed security posture. While it demonstrates good practices like 100% use of prepared statements for SQL queries and a high rate of output escaping, several concerning signals exist. The presence of two dangerous functions, `unserialize` and `create_function`, is a significant red flag, as these can lead to remote code execution if not handled with extreme care. Furthermore, the plugin has an unprotected AJAX handler, which presents a direct attack vector. The taint analysis reveals three high-severity flows with unsanitized paths, indicating potential for data injection or manipulation. The lack of any recorded vulnerabilities in its history is positive, suggesting either robust development or a lack of past exploitation attempts, but this does not negate the risks identified in the static analysis. The conclusion is that while the plugin has strengths in data handling, the identified dangerous functions, unprotected entry points, and high-severity taint flows represent critical security concerns that require immediate attention.

Key Concerns

Unprotected AJAX handler
Dangerous function: unserialize
Dangerous function: create_function
High severity taint flows (3)
No nonce checks
Bundled library: Freemius v1.0

Vulnerabilities

None known

PageManager Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

PageManager Release Timeline

vpagemanager.v1.0.9

vpagemanager.v1.0.8

Code Analysis

Analyzed Apr 16, 2026

PageManager Code Analysis

Dangerous Functions

Raw SQL Queries

16 prepared

Unescaped Output

215 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Dangerous Functions Found

unserialize$settings = unserialize($result[0]->settings);src/Model/Settings.php:289

create_function$paramName = preg_replace_callback('/([A-Z])/', create_function('$matches','return \'-\' . strtolowesrc/api/LoadMore.php:52

Bundled Libraries

Freemius1.0

SQL Query Safety

100% prepared16 total queries

Output Escaping

88% escaped245 total outputs

Data Flows · Security

4 unsanitized

Data Flow Analysis

5 flows4 with unsanitized paths

callbackMetabox (src/PageManagerAdmin.php:480)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

1 unprotected

PageManager Attack Surface

Entry Points2

Unprotected1

AJAX Handlers 1

authwp_ajax_pagemanager-helper-searchsrc/PageManagerAdmin.php:79

Shortcodes 1

[pagemanager] pagemanager.php:52

WordPress Hooks 16

actionplugins_loadedpagemanager.php:44

actionplugins_loadedpagemanager.php:45

filterposts_fieldssrc/Model/Post.php:288

filterposts_joinsrc/Model/Post.php:289

filterposts_wheresrc/Model/Post.php:290

filterposts_orderbysrc/Model/Post.php:291

filterpost_limitssrc/Model/Post.php:292

actioninitsrc/PageManager.php:84

actiontemplate_redirectsrc/PageManager.php:85

filterget_the_datesrc/PageManager.php:86

actiontemplate_includesrc/PageManager.php:87

actionadmin_bar_menusrc/PageManagerAdmin.php:77

actionadmin_menusrc/PageManagerAdmin.php:78

actionget_footersrc/PageManagerAdmin.php:80

actionadd_meta_boxessrc/PageManagerAdmin.php:83

actionadmin_enqueue_scriptssrc/PageManagerAdmin.php:366

Maintenance & Trust

PageManager Maintenance & Trust

Maintenance Signals

WordPress version tested5.9.13

Last updatedApr 5, 2022

PHP min version5.6

Downloads3K

Community Trust

Rating100/100

Number of ratings1

Active installs0

Alternatives

PageManager Alternatives

Navigation Du Lapin Blanc

navigation-du-lapin-blanc

This plugin provides integrated navigation for your website. Use WordPress as a CMS for your website and think in navigation terms (main, sub etc.)

30 1 unpatched

bCMS

bcms

A suite of tools that improve WordPress' CMS capabilities.

10 No CVEs

bSuite

bsuite

A suite of tools used to help surface interesting and popular stories as well as improve WordPress' CMS capabilities as an application platform.

10 1 CVE

Table of Contents Plus

table-of-contents-plus

A powerful yet user friendly plugin that automatically creates a table of contents. Can also output a sitemap listing all pages and categories.

200K 5 CVEs

White Label CMS

white-label-cms

Customise dashboard panels and branding, hide menus plus lots more.

200K 7 CVEs

Developer Profile

PageManager Developer Profile

AiSquire

1 plugin · 0 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect PageManager

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/pagemanager/css/style.css/wp-content/plugins/pagemanager/css/pagemanager.css/wp-content/plugins/pagemanager/js/pagemanager.js/wp-content/plugins/pagemanager/js/script.js

Script Paths

/wp-content/plugins/pagemanager/js/pagemanager.js/wp-content/plugins/pagemanager/js/script.js

Version Parameters

pagemanager/css/style.css?ver=pagemanager/css/pagemanager.css?ver=pagemanager/js/pagemanager.js?ver=pagemanager/js/script.js?ver=

HTML / DOM Fingerprints

CSS Classes

pagemanagerpm-layout-creator-containerpm-layout-creator-rowpm-layout-creator-columnpm-layout-creator-blockpm-layout-creator-block-handlepm-layout-creator-block-settingspm-layout-creator-settings-panel+20 more

HTML Comments

Data Attributes

data-pm-block-iddata-pm-block-typedata-pm-column-iddata-pm-row-id

JS Globals

Pagemanager

Shortcode Output

[pagemanager]

FAQ

PageManager Security & Risk Analysis

Is PageManager Safe to Use in 2026?

Generally Safe

Key Concerns

PageManager Security Vulnerabilities

PageManager Release Timeline

PageManager Code Analysis

Dangerous Functions Found

Bundled Libraries

SQL Query Safety

Output Escaping

Data Flow Analysis

PageManager Attack Surface

AJAX Handlers 1

Shortcodes 1

PageManager Maintenance & Trust

Maintenance Signals

Community Trust

PageManager Alternatives

Navigation Du Lapin Blanc

bCMS

bSuite

Table of Contents Plus

White Label CMS

PageManager Developer Profile

How We Detect PageManager

Asset Fingerprints

HTML / DOM Fingerprints

Frequently Asked Questions about PageManager