Post Navigator Security & Risk Analysis
wordpress.org/plugins/post-navigatorAdds simple navigation tools to the admin area when editing or creating posts, allowing for quick and time saving navigation
Is Post Navigator Safe to Use in 2026?
Generally Safe
Score 85/100Post Navigator has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The "post-navigator" plugin v1.3.4 exhibits a mixed security posture. While it demonstrates good practices in several areas, including the absence of dangerous functions, SQL injection risks, and external HTTP requests, significant concerns arise from its attack surface and input sanitization. The presence of an unprotected AJAX handler represents a critical entry point that could be exploited by unauthenticated users. Furthermore, the taint analysis reveals flows with unsanitized paths, indicating potential vulnerabilities if user-supplied data is not properly handled before being processed.
The plugin's vulnerability history is currently clean, with no known CVEs recorded. This suggests a potentially well-maintained codebase or a lack of past scrutiny. However, this clean history, combined with the identified weaknesses in the static analysis, should not be interpreted as a guarantee of future security. The unprotected AJAX handler and unsanitized taint flows are clear indicators of immediate risk that require attention.
In conclusion, the "post-navigator" plugin has strengths in its avoidance of common risky practices. However, the identified unprotected AJAX handler and unsanitized taint flows are serious security weaknesses that significantly elevate the risk profile. The absence of known vulnerabilities is a positive, but it doesn't negate the existing code-level risks. Developers should prioritize addressing these entry points and sanitization issues.
Key Concerns
- Unprotected AJAX handler
- Flows with unsanitized paths
- Missing nonce checks on AJAX
- Unescaped output (25% of outputs)
- Missing capability checks
Post Navigator Security Vulnerabilities
Post Navigator Code Analysis
Output Escaping
Data Flow Analysis
Post Navigator Attack Surface
AJAX Handlers 1
WordPress Hooks 7
Maintenance & Trust
Post Navigator Maintenance & Trust
Maintenance Signals
Community Trust
Post Navigator Alternatives
Keep Pagination in Same Taxonomy
keep-pagination-in-same-taxonomy
Makes any previous/next post links use the same taxonomy as the current post.
WP Post Navigation
wp-post-navigation
Show Next and Previous Post Links at Posts.
Loop Post Navigation Links
loop-post-navigation-links
Template tags (for use in single.php) to create post navigation loop (previous to first post is last post; next/after last post is first post).
Admin Posts Navigation
admin-posts-navigation
Navigate between posts and pages without returning to the post list. Works with Classic Editor, Gutenberg, and all Custom Post Types.
RP Post Nav
rp-post-nav
Show Next and Previous Post Links, Thumbnails or Excerpt at Posts, Pages, Media or Custom Post Types.
Post Navigator Developer Profile
4 plugins · 710 total installs
How We Detect Post Navigator
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/post-navigator/assets/styles/style.css/wp-content/plugins/post-navigator/assets/js/scripts.js/wp-content/plugins/post-navigator/assets/js/scripts.jspost-navigator/assets/styles/style.css?ver=post-navigator/assets/js/scripts.js?ver=HTML / DOM Fingerprints
post-navigatoraction-titlepost-save-action-id-parentpost-navigator-buttonspost-navigator-prevpost-navigator-nextid="post-navigator"id="action-box"id="post-save-action"id="post-save-action-id"id="post_type"id="exclude"+4 moreAJAX.urlAJAX.template_directory/wp-json/post-navigator/