Does Plugins In Groups have any unpatched vulnerabilities?

No. All known vulnerabilities in Plugins In Groups have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Plugins In Groups compatible with WordPress 4.9.29?

According to WordPress.org data, Plugins In Groups 1.0.2 has been tested up to WordPress 4.9.29. Check the plugin's changelog for the latest compatibility information.

Is Plugins In Groups compatible with PHP 5.0+?

Plugins In Groups requires PHP 5.0 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Plugins In Groups updated?

Plugins In Groups was last updated on Sep 5, 2018. Frequent updates are generally a positive security signal.

What is Plugins In Groups's security score?

Plugins In Groups has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Plugins In Groups Security & Risk Analysis

wordpress.org/plugins/plugins-in-groups

Organize the WP plugins in the groups. With this plugin you can keep your plugins page clear, manage them in bulk and filter plugins by the tags.

10 active installs v1.0.2 PHP 5.0+ WP 3.9+ Updated Sep 5, 2018

plugin-filterplugin-groupplugin-groupspluginsplugins-groups

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Plugins In Groups Safe to Use in 2026?

Generally Safe

Score 85/100

Plugins In Groups has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 7yr ago

Risk Assessment

The plugin "plugins-in-groups" v1.0.2 exhibits a generally good security posture based on the provided static analysis and vulnerability history. The absence of shortcodes, cron events, and REST API routes, coupled with only two AJAX entry points (both protected), significantly limits the attack surface. Furthermore, the plugin demonstrates strong practices in SQL query handling by using prepared statements exclusively. The presence of nonce checks and a decent percentage of properly escaped outputs are also positive indicators.

However, a significant concern arises from the presence of 14 instances of the `unserialize` function. While taint analysis did not reveal any immediate unsanitized flows, `unserialize` is inherently risky as it can lead to remote code execution if used with untrusted data. The complete absence of capability checks on its entry points is another notable weakness, meaning that any user, regardless of their role, could potentially trigger these AJAX actions. The plugin's history of zero known CVEs is positive but cannot fully mitigate the inherent risks associated with the aforementioned code signals, especially the widespread use of `unserialize` without apparent sanitization or permission checks.

In conclusion, while the plugin benefits from a small attack surface and good SQL practices, the heavy reliance on `unserialize` and the lack of capability checks present considerable risks. These areas require careful scrutiny and potential remediation to ensure the plugin's long-term security.

Key Concerns

14 instances of unserialize function
No capability checks on entry points
71% output escaping (potential XSS)

Vulnerabilities

None known

Plugins In Groups Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Plugins In Groups Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

12 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Dangerous Functions Found

unserialize$groups = unserialize( get_option( 'pig_groups' ) );plugins-in-groups.php:60

unserialize$plugin_groups = unserialize( get_option( 'pig_' . $plugin_file ) );plugins-in-groups.php:65

unserialize$current_groups = unserialize( get_option( 'pig_' . $plugin_file ) );plugins-in-groups.php:71

unserialize$groups = unserialize( get_option( 'pig_groups' ) );plugins-in-groups.php:85

unserialize$plugin_groups = unserialize( get_option( 'pig_' . $plugin_file ) );plugins-in-groups.php:90

unserialize$current_groups = unserialize( get_option( 'pig_' . $plugin_file ) );plugins-in-groups.php:99

unserialize$groups = unserialize( get_option( 'pig_groups' ) );plugins-in-groups.php:113

unserialize$groups = unserialize( get_option( 'pig_groups' ) );plugins-in-groups.php:153

unserialize$groups = unserialize( get_option( 'pig_groups' ) );plugins-in-groups.php:174

unserialize$groups = unserialize( get_option( 'pig_' . $plugin_name ) );plugins-in-groups.php:185

unserialize$all_groups = unserialize( get_option( 'pig_groups' ) );plugins-in-groups.php:214

unserialize$selected_groups = unserialize( get_option( 'pig_' . $file ) );plugins-in-groups.php:215

unserialize$current_groups = unserialize( get_option( 'pig_' . $file ) );plugins-in-groups.php:223

unserialize$current_plugin_groups = unserialize( get_option( 'pig_' . $name ) );plugins-in-groups.php:250

Output Escaping

71% escaped17 total outputs

Data Flows

All sanitized

Data Flow Analysis

3 flows

assign_to_group (plugins-in-groups.php:59)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Plugins In Groups Attack Surface

Entry Points2

Unprotected0

AJAX Handlers 2

authwp_ajax_assign_to_groupplugins-in-groups.php:28

authwp_ajax_reassign_from_groupplugins-in-groups.php:29

WordPress Hooks 8

actionadmin_enqueue_scriptsplugins-in-groups.php:18

actionadmin_enqueue_scriptsplugins-in-groups.php:19

actionadmin_initplugins-in-groups.php:20

actionadmin_initplugins-in-groups.php:21

actionpre_current_active_pluginsplugins-in-groups.php:22

filterplugin_row_metaplugins-in-groups.php:24

filterall_pluginsplugins-in-groups.php:25

filterviews_pluginsplugins-in-groups.php:26

Maintenance & Trust

Plugins In Groups Maintenance & Trust

Maintenance Signals

WordPress version tested4.9.29

Last updatedSep 5, 2018

PHP min version5.0

Downloads1K

Community Trust

Rating100/100

Number of ratings3

Active installs10

Alternatives

Plugins In Groups Alternatives

Plugin Groups

plugin-groups

Organize plugins in the Plugins Admin Page by creating groups and filter types

1K 1 CVE

WP Plugin Packer

wp-plugin-packer

WP Plugin Packer lets you create plugin packs (=groups) to export and import to various WordPress websites.

10 No CVEs

WP Rollback – Rollback Plugins and Themes

wp-rollback

Rollback (or forward) any WordPress.org plugin, theme, or block like a boss.

300K 2 CVEs

Download Plugin

download-plugin

Download any plugin from your WordPress admin panel's Plugins page by just one click! Now, download themes, users, blog posts, pages, custom post …

50K 5 CVEs

Advanced Automatic Updates

automatic-updater

Adds extra options to WordPress' built-in Automatic Updates feature.

30K No CVEs

Developer Profile

Plugins In Groups Developer Profile

Karol Sawka

1 plugin · 10 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Plugins In Groups

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/plugins-in-groups/admin/css/pig-style.css/wp-content/plugins/plugins-in-groups/admin/js/pig-script.js

Script Paths

/wp-content/plugins/plugins-in-groups/admin/js/pig-script.js

Version Parameters

plugins-in-groups/admin/js/pig-script.js?ver=

HTML / DOM Fingerprints

CSS Classes

pig_plugin_grouppig-new-group-info

Data Attributes

id="pig_plugin_group"id="pig_new_group_name"id="pig_add_new"id="pig_remove_group"id="pig-add-group-nonce"id="pig-assign-to-group-nonce"+2 more

JS Globals

assign-to-groupreassign-from-group

FAQ