Does Pending Indicator have any unpatched vulnerabilities?

No. All known vulnerabilities in Pending Indicator have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Pending Indicator compatible with WordPress 3.7.41?

According to WordPress.org data, Pending Indicator 1.1 has been tested up to WordPress 3.7.41. Check the plugin's changelog for the latest compatibility information.

How often is Pending Indicator updated?

Pending Indicator was last updated on Dec 18, 2013. Frequent updates are generally a positive security signal.

What is Pending Indicator's security score?

Pending Indicator has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Pending Indicator Security & Risk Analysis

wordpress.org/plugins/pending-inidicator

Show the number of pending posts waiting for approval in the admin menu, if any. Also automatically supports custom post types.

200 active installs v1.1 PHP + WP 3.5+ Updated Dec 18, 2013

admin-menuindicatorpendingpending-postsposts

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Pending Indicator Safe to Use in 2026?

Generally Safe

Score 85/100

Pending Indicator has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 12yr ago

Risk Assessment

The 'pending-indicator' plugin version 1.1 exhibits an exceptionally strong security posture based on the provided static analysis. The absence of any identified AJAX handlers, REST API routes, shortcodes, or cron events significantly limits the plugin's attack surface. Furthermore, the code signals indicate robust security practices, with no dangerous functions, all SQL queries using prepared statements, and all output properly escaped. The lack of file operations, external HTTP requests, and critically, the absence of nonce and capability checks, while unusual for interactive plugins, contribute to a low-risk profile in terms of direct code vulnerabilities. The plugin also has no recorded vulnerability history, further reinforcing its secure reputation.

Vulnerabilities

None known

Pending Indicator Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Pending Indicator Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Attack Surface

Pending Indicator Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 1

filteradd_menu_classespending-indicator.php:75

Maintenance & Trust

Pending Indicator Maintenance & Trust

Maintenance Signals

WordPress version tested3.7.41

Last updatedDec 18, 2013

PHP min version

Downloads3K

Community Trust

Rating100/100

Number of ratings4

Active installs200

Alternatives

Pending Indicator Alternatives

Contributor Notifications

contributor-notifications

100

An incredibly simple and lightweight solution for alerting you of new pending posts from contributors and alerting contributors when their submissions …

80 No CVEs