Does Post Type Icons have any unpatched vulnerabilities?

No. All known vulnerabilities in Post Type Icons have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Post Type Icons compatible with WordPress 3.9.40?

According to WordPress.org data, Post Type Icons 0.2.2 has been tested up to WordPress 3.9.40. Check the plugin's changelog for the latest compatibility information.

How often is Post Type Icons updated?

Post Type Icons was last updated on Apr 25, 2014. Frequent updates are generally a positive security signal.

What is Post Type Icons's security score?

Post Type Icons has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Post Type Icons Security & Risk Analysis

wordpress.org/plugins/post-type-icons

Quickly and easily add Font Awesome icons to your custom post types.

100 active installs v0.2.2 PHP + WP 3.6+ Updated Apr 25, 2014

custom-post-typecustom-post-typesfont-awesomeiconspizzazz

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Post Type Icons Safe to Use in 2026?

Generally Safe

Score 85/100

Post Type Icons has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 11yr ago

Risk Assessment

The "post-type-icons" plugin v0.2.2 demonstrates a strong adherence to several security best practices, including a complete absence of SQL queries that are not prepared and no detected dangerous functions or file operations. The plugin also reports zero known vulnerabilities, including no critical or high severity CVEs, which is a positive indicator of its historical security record. However, a significant concern arises from the total lack of output escaping, meaning that any data processed and displayed by the plugin could be vulnerable to Cross-Site Scripting (XSS) attacks. While the attack surface appears minimal with no identified AJAX handlers, REST API routes, shortcodes, or cron events without proper checks, this is offset by the complete lack of output sanitization.

Key Concerns

100% of outputs are not properly escaped

Vulnerabilities

None known

Post Type Icons Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Post Type Icons Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

0% escaped10 total outputs

Attack Surface

Post Type Icons Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 7

actionpti_plugin_icon_demosfont-awesome\class-pti-font-awesome.php:36

actionpti_plugin_set_icon_font_awesomefont-awesome\class-pti-font-awesome.php:37

actionpti_plugin_icon_cssfont-awesome\class-pti-font-awesome.php:69

actionadmin_print_stylespost-type-icons.php:54

actioninitpost-type-icons.php:55

actionadmin_menupost-type-icons.php:57

actionafter_setup_themepost-type-icons.php:106

Maintenance & Trust

Post Type Icons Maintenance & Trust

Maintenance Signals

WordPress version tested3.9.40

Last updatedApr 25, 2014

PHP min version

Downloads6K

Community Trust

Rating92/100

Number of ratings5

Active installs100

Alternatives

Post Type Icons Alternatives

WebMan Amplifier

webman-amplifier

Amplifies functionality of WP themes. Provides custom post types, shortcodes, metaboxes, icons. Theme developer's best friend!

2K 1 CVE

Custom Post Type UI

custom-post-type-ui

Admin UI for creating custom content types like post types and taxonomies

1.0M 4 CVEs

Meta Box

meta-box

Meta Box plugin is a powerful, professional developer toolkit to create custom meta boxes and custom fields for your custom post types in WordPress.

500K 6 CVEs

Pods – Custom Content Types and Fields

pods

Pods is a framework for creating, managing, and deploying customized content types and fields for any project.

100K 14 CVEs

Sydney Toolbox

sydney-toolbox

Registers custom post types and custom fields for the Sydney theme

60K 5 CVEs

Developer Profile

Post Type Icons Developer Profile

Matthew Boynes

6 plugins · 8K total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Post Type Icons

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/post-type-icons/font-awesome/css/font-awesome.min.css

HTML / DOM Fingerprints

CSS Classes

pti_icons

FAQ