Does Point Maker have any unpatched vulnerabilities?

Yes — Point Maker currently has 1 published unpatched vulnerability. We recommend switching to an alternative or applying any available workarounds.

Is Point Maker compatible with WordPress 6.9.4?

According to WordPress.org data, Point Maker 0.1.7 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is Point Maker compatible with PHP 5.6.0+?

Point Maker requires PHP 5.6.0 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Point Maker updated?

Point Maker was last updated on Jan 3, 2026. Frequent updates are generally a positive security signal.

What is Point Maker's security score?

Point Maker has a WP-Safety security score of 76/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Point Maker Security & Risk Analysis

wordpress.org/plugins/point-maker

Make a frame that can be easily used for the main points.

100 active installs v0.1.7 PHP 5.6.0+ WP 3.9.3+ Updated Jan 3, 2026

borderboxframemainpoint

B · Generally Safe

CVEs total2

Unpatched1

Last CVEMar 4, 2025

Download

Safety Verdict

Is Point Maker Safe to Use in 2026?

Mostly Safe

Score 76/100

Point Maker is generally safe to use. 2 past CVEs were resolved.

2 known CVEs 1 unpatched Last CVE: Mar 4, 2025Updated 4mo ago

Risk Assessment

The "point-maker" plugin v0.1.7 exhibits a mixed security posture. On the positive side, static analysis reveals a small attack surface with no identified unprotected entry points, no dangerous functions, and a strong adherence to using prepared statements for all SQL queries. The plugin also demonstrates good output escaping practices with 94% of outputs properly handled. However, significant concerns arise from its vulnerability history. The plugin has a history of two known CVEs, with one still unpatched, including a high-severity Cross-Site Scripting vulnerability and a medium-severity PHP Remote File Inclusion vulnerability. This pattern indicates a recurring struggle with input sanitization and secure coding practices, despite some strengths in other areas.

Key Concerns

Unpatched High Severity CVE
Unpatched Medium Severity CVE
No Nonce Checks
No Capability Checks
Bundled Outdated Library (TinyMCE)

Vulnerabilities

2 published

Point Maker Security Vulnerabilities

CVEs by Year

1 CVE in 2024

2024

1 CVE in 2025 · unpatched

2025

Patched Has unpatched

Severity Breakdown

High

Medium

2 total CVEs

CVE-2024-12815medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Point Maker <= 0.1.6 - Authenticated (Contributor+) Stored Cross-Site Scripting

Mar 4, 2025Unpatched

CVE-2024-49317high · 8.8Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')

Point Maker <= 0.1.4 - Authenticated (Contributor+) Local File Inclusion

Oct 15, 2024 Patched in 0.1.5 (4d)

Version History

Point Maker Release Timeline

v0.1.7Current1 CVE

CVE-2024-12815

v0.1.61 CVE

CVE-2024-12815

v0.1.51 CVE

CVE-2024-12815

v0.1.42 CVEs

CVE-2024-12815 CVE-2024-49317

v0.1.32 CVEs

CVE-2024-12815 CVE-2024-49317

v0.1.22 CVEs

CVE-2024-12815 CVE-2024-49317

v0.1.12 CVEs

CVE-2024-12815 CVE-2024-49317

v0.1.02 CVEs

CVE-2024-12815 CVE-2024-49317

v0.0.92 CVEs

CVE-2024-12815 CVE-2024-49317

v0.0.82 CVEs

CVE-2024-12815 CVE-2024-49317

v0.0.72 CVEs

CVE-2024-12815 CVE-2024-49317

v0.0.62 CVEs

CVE-2024-12815 CVE-2024-49317

v0.0.52 CVEs

CVE-2024-12815 CVE-2024-49317

v0.0.42 CVEs

CVE-2024-12815 CVE-2024-49317

v0.0.32 CVEs

CVE-2024-12815 CVE-2024-49317

v0.0.22 CVEs

CVE-2024-12815 CVE-2024-49317

Code Analysis

Analyzed Mar 16, 2026

Point Maker Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

34 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

TinyMCE

Output Escaping

94% escaped36 total outputs

Attack Surface

Point Maker Attack Surface

Entry Points2

Unprotected0

Shortcodes 2

[point_maker] inc\admin\admin.php:101

[point_maker] shortcode.php:162

WordPress Hooks 12

actionplugins_loadedinc\admin\admin.php:9

actionadmin_enqueue_scriptsinc\admin\admin.php:60

actionadmin_print_footer_scriptsinc\admin\admin.php:77

filtermce_buttonsinc\admin\admin.php:82

filtermce_external_pluginsinc\admin\admin.php:83

actionadmin_initinc\admin\admin.php:86

actionadmin_footerinc\admin\admin.php:116

actionenqueue_block_editor_assetsinc\admin\admin.php:119

actioncustomize_controls_enqueue_scriptsinc\admin\admin.php:131

actioncustomize_registerinc\admin\admin.php:135

filterthe_postsshortcode.php:116

actionwp_enqueue_scriptsshortcode.php:117

Maintenance & Trust

Point Maker Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedJan 3, 2026

PHP min version5.6.0

Downloads6K

Community Trust

Rating0/100

Number of ratings0

Active installs100

Alternatives

Point Maker Alternatives

WP Magnific Popup

wp-magnific-popup

Plugin to add the Magnific Popup lightbox script to wordpress site for single images, image galleries, video, maps, dialog popups and other.

1K No CVEs

NutsForPress Maintenance Mode

nutsforpress-maintenance-mode

100

With NutsForPress Maintenance Mode you can redirect not logged users to a defined page or hide website content at defined breakpoints.

50 No CVEs

Feature Add-Ons For Booked

feature-add-ons-for-booked

Extending the capabilities of Boxy Studio's Booked Appointments plugin.

40 No CVEs

AS Metabox

as-metabox

As Metabox Easy To Use WordPress Metabox Framework.

0 No CVEs

Discko

discko

100

Integrate Discko.io forms into WordPress with customizable floating button or iframe embed options.

0 No CVEs

Developer Profile

Point Maker Developer Profile

ZIPANG

5 plugins · 330 total installs

trust score

Avg Security Score

86/100

Avg Patch Time

4 days

View full developer profile

Detection Fingerprints

How We Detect Point Maker

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/point-maker/css/admin/post.min.css/wp-content/plugins/point-maker/css/font/style.min.css/wp-content/plugins/point-maker/css/base.min.css

Script Paths

/wp-content/plugins/point-maker/js/admin/post_base.min.js/wp-content/plugins/point-maker/js/admin/post_content.min.js/wp-content/plugins/point-maker/js/admin/post_icon.min.js/wp-content/plugins/point-maker/js/admin/post_title.min.js/wp-content/plugins/point-maker/js/admin/post_style.min.js/wp-content/plugins/point-maker/js/admin/post_submit.min.js+2 more

Version Parameters

point-maker/css/admin/post.min.css?ver=point-maker/css/font/style.min.css?ver=point-maker/css/base.min.css?ver=point-maker/js/admin/post_base.min.js?ver=point-maker/js/admin/post_content.min.js?ver=point-maker/js/admin/post_icon.min.js?ver=point-maker/js/admin/post_title.min.js?ver=point-maker/js/admin/post_style.min.js?ver=point-maker/js/admin/post_submit.min.js?ver=point-maker/js/admin/post_setup.min.js?ver=point-maker/js/admin/tinymce/tinymce.min.js?ver=

HTML / DOM Fingerprints

CSS Classes

point-maker-modalpoint-maker-modal-closepoint-maker-modal-contentpoint-maker-modal-body

Data Attributes

id="point_maker_modal_open"

JS Globals

window.point_maker_typewindow.point_maker_colorswindow.point_maker_iconswindow.point_maker_translations

FAQ

Point Maker Security & Risk Analysis

Is Point Maker Safe to Use in 2026?

Mostly Safe

Key Concerns

Point Maker Security Vulnerabilities

CVEs by Year

Severity Breakdown

Point Maker Release Timeline

Point Maker Code Analysis

Bundled Libraries

Output Escaping

Point Maker Attack Surface

Shortcodes 2

Point Maker Maintenance & Trust

Maintenance Signals

Community Trust

Point Maker Alternatives

WP Magnific Popup

NutsForPress Maintenance Mode

Feature Add-Ons For Booked

AS Metabox

Discko

Point Maker Developer Profile

How We Detect Point Maker

Asset Fingerprints

HTML / DOM Fingerprints

Frequently Asked Questions about Point Maker