Does Pages Posts have any unpatched vulnerabilities?

No. All known vulnerabilities in Pages Posts have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Pages Posts compatible with WordPress 3.0.5?

According to WordPress.org data, Pages Posts 2.1 has been tested up to WordPress 3.0.5. Check the plugin's changelog for the latest compatibility information.

How often is Pages Posts updated?

Pages Posts was last updated on Dec 29, 2010. Frequent updates are generally a positive security signal.

What is Pages Posts's security score?

Pages Posts has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Pages Posts Security & Risk Analysis

wordpress.org/plugins/pages-posts

Amend pages and put posts inside them - either by category or tag

100 active installs v2.1 PHP + WP 2.9.1+ Updated Dec 29, 2010

pagespostsposts-in-pages

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Pages Posts Safe to Use in 2026?

Generally Safe

Score 85/100

Pages Posts has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 15yr ago

Risk Assessment

The 'pages-posts' v2.1 plugin presents a mixed security posture. On the positive side, there are no identified CVEs in its history, suggesting a generally stable development. Furthermore, the static analysis shows no dangerous functions, file operations, or external HTTP requests, which are common vectors for exploitation. All SQL queries utilize prepared statements, a crucial best practice for preventing SQL injection. The attack surface appears minimal with zero AJAX handlers, REST API routes, shortcodes, and cron events exposed.

Key Concerns

All output escaping is missing
All flows with unsanitized paths
No nonce checks implemented
No capability checks implemented

Vulnerabilities

None known

Pages Posts Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Pages Posts Code Analysis

Dangerous Functions

Raw SQL Queries

4 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

100% prepared4 total queries

Output Escaping

0% escaped20 total outputs

Data Flows

3 unsanitized

Data Flow Analysis

3 flows3 with unsanitized paths

pagesPostsAdmin (functions.php:241)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Pages Posts Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 6

filterloop_startfunctions.php:115

filterthe_contentfunctions.php:123

filterpre_option_page_for_postsfunctions.php:127

actionadmin_menupages-posts.php:16

actionadmin_headpages-posts.php:18

actiontemplate_redirectpages-posts.php:22

Maintenance & Trust

Pages Posts Maintenance & Trust

Maintenance Signals

WordPress version tested3.0.5

Last updatedDec 29, 2010

PHP min version

Downloads35K

Community Trust

Rating100/100

Number of ratings3

Active installs100

Alternatives

Pages Posts Alternatives

Duplicate Post

copy-delete-posts

Duplicate post

300K 2 CVEs

Display Posts – Easy lists, grids, navigation, and more

display-posts-shortcode

Add a listing of content on your website using a simple shortcode. Filter the results by category, author, and more.

80K No CVEs

CMS Tree Page View

cms-tree-page-view

Adds a tree view of all pages & custom posts. Get a great overview + options to drag & drop to reorder & option to add multiple pages.

50K 3 CVEs

Sitemap by BestWebSoft – WordPress XML Site Map Page Generator Plugin

google-sitemap-plugin

100

Generate and add XML sitemap to WordPress website. Help search engines index your blog.

20K 1 CVE

Clone Posts

clone-posts

100

Easily clone (duplicate) Posts, Pages and Custom Post Types, including their custom fields (post_meta)

10K No CVEs

Developer Profile

Pages Posts Developer Profile

rgubby

5 plugins · 180 total installs

trust score

Avg Security Score

88/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Pages Posts

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/pages-posts/css/pages-posts.css/wp-content/plugins/pages-posts/js/pages-posts.js

Script Paths

/wp-content/plugins/pages-posts/js/pages-posts.js

Version Parameters

pages-posts/css/pages-posts.css?ver=pages-posts/js/pages-posts.js?ver=

HTML / DOM Fingerprints

FAQ