WP-Safety

Pronamic Subscriptions Security & Risk Analysis

wordpress.org/plugins/pronamic-subscriptions

This plugin add some basic subscription functionalities to WordPress.

10 active installs v1.0.2 PHP + WP 3.0+ Updated Jul 21, 2014
companiespronamic
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Pronamic Subscriptions Safe to Use in 2026?

Generally Safe

Score 85/100

Pronamic Subscriptions has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 11yr ago
Risk Assessment

This plugin exhibits a very strong security posture based on the provided static analysis. The absence of any identified attack surface entry points, coupled with a complete lack of direct SQL queries and a commendable effort in output escaping, suggests diligent security practices during development. The presence of nonce and capability checks further bolsters its defensibility against common WordPress attack vectors. The vulnerability history being completely clean with zero recorded CVEs reinforces this positive outlook, indicating a stable and well-maintained codebase over time.

However, the static analysis also reveals a potential area for concern regarding output escaping. While there are outputs being processed, only 31% are properly escaped. This leaves a significant portion of output vulnerable to cross-site scripting (XSS) attacks if not handled with extreme care in the remaining unescaped portions. The lack of taint analysis results (0 flows analyzed) means that the effectiveness of the sanitization and escaping measures, particularly in complex data flows, cannot be definitively assessed. Without any identified vulnerabilities to date, the plugin has performed admirably, but the unescaped output remains a notable weakness that could be exploited.

Key Concerns

  • Unescaped output is a concern
Vulnerabilities
None known

Pronamic Subscriptions Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Pronamic Subscriptions Release Timeline

v1.0.2Current
v1.0.1
v1.0.0
v0.2.0
v0.1
Code Analysis
Analyzed Mar 17, 2026

Pronamic Subscriptions Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
9
4 escaped
Nonce Checks
2
Capability Checks
5
File Operations
0
External Requests
0
Bundled Libraries
0

Output Escaping

31% escaped13 total outputs
Attack Surface

Pronamic Subscriptions Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 11
actiongform_field_advanced_settingsincludes\gravityforms.php:23
actiongform_editor_jsincludes\gravityforms.php:41
actiongform_pre_renderincludes\gravityforms.php:225
actiongform_admin_pre_renderincludes\gravityforms.php:226
actioninitpronamic-subscriptions.php:45
actionadmin_initpronamic-subscriptions.php:46
filtermanage_pronamic_subs_posts_columnspronamic-subscriptions.php:100
filtermanage_pronamic_subs_posts_custom_columnpronamic-subscriptions.php:101
actionadd_meta_boxespronamic-subscriptions.php:103
actionsave_postpronamic-subscriptions.php:105
actionsave_postpronamic-subscriptions.php:106
Maintenance & Trust

Pronamic Subscriptions Maintenance & Trust

Maintenance Signals

WordPress version tested3.9.40
Last updatedJul 21, 2014
PHP min version
Downloads2K

Community Trust

Rating100/100
Number of ratings1
Active installs10
Alternatives

Pronamic Subscriptions Alternatives

WP LinkedIn Auto Publish

WP LinkedIn Auto Publish

wp-linkedin-auto-publish

A
100

WP LinkedIn Auto Publish automatically publishes posts, custom posts and pages to your LinkedIn profile and/or company pages.

8K 1 CVE
Pronamic Pay

Pronamic Pay

pronamic-ideal

A
100

The Pronamic Pay plugin adds payment methods like iDEAL, Bancontact, credit card and more to your WordPress site for a variety of payment providers.

3K No CVEs
MAS Companies For WP Job Manager

MAS Companies For WP Job Manager

mas-wp-job-manager-company

A
99

MAS Companies For WP Job Manager is a free plugin that allow you to manage companies from the WordPress admin panel, and allow employers to post their …

2K 1 CVE
WP Job Manager – Company Profiles

WP Job Manager – Company Profiles

wp-job-manager-companies

A
91

Outputs a list of all companies that have submitted jobs with links to their listings and profile.

2K 1 CVE
Pronamic Google Maps

Pronamic Google Maps

pronamic-google-maps

A
98

This plugin makes it easy to add Google Maps to your WordPress post, pages or other custom post types.

1K 2 CVEs
Developer Profile

Pronamic Subscriptions Developer Profile

Pronamic

16 plugins · 5K total installs

98
trust score
Avg Security Score
97/100
Avg Patch Time
6 days
View full developer profile
Detection Fingerprints

How We Detect Pronamic Subscriptions

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/pronamic-subscriptions/admin/css/meta-box-subscription-details.css/wp-content/plugins/pronamic-subscriptions/admin/js/meta-box-subscription-details.js
Script Paths
/wp-content/plugins/pronamic-subscriptions/admin/js/meta-box-subscription-details.js
Version Parameters
pronamic-subscriptions/admin/css/meta-box-subscription-details.css?ver=pronamic-subscriptions/admin/js/meta-box-subscription-details.js?ver=

HTML / DOM Fingerprints

CSS Classes
pronamic-subscription-details-wrap
HTML Comments
<!-- begin meta box subscription details --><!-- end meta box subscription details --><!-- begin meta box subscription capabilities --><!-- end meta box subscription capabilities -->+2 more
Data Attributes
name="pronamic_subscription_price"name="pronamic_subscription_role"name="pronamic_subscription_id"
FAQ

Frequently Asked Questions about Pronamic Subscriptions