Query Multiple Taxonomies Security & Risk Analysis
wordpress.org/plugins/query-multiple-taxonomiesFilter posts through multiple taxonomies.
Is Query Multiple Taxonomies Safe to Use in 2026?
Generally Safe
Score 85/100Query Multiple Taxonomies has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The plugin "query-multiple-taxonomies" v1.6.2 exhibits a generally good security posture based on the provided static analysis. The absence of known vulnerabilities and the fact that all identified attack surface points are protected are strong indicators of a well-maintained and secure codebase. The plugin also avoids the use of dangerous functions and external HTTP requests, further contributing to its safety.
However, there are some areas of concern highlighted by the static analysis. Specifically, the taint analysis reveals four "high severity" flows with unsanitized paths. While the absence of direct SQL injection risks due to prepared statements is positive, these unsanitized paths could potentially lead to other vulnerabilities if not handled carefully. Furthermore, the output escaping is not consistently applied, with only 17% of outputs being properly escaped, which could expose the application to cross-site scripting (XSS) vulnerabilities.
In conclusion, while the plugin benefits from a clean vulnerability history and a protected attack surface, the high number of unsanitized paths in taint flows and the low rate of output escaping present notable risks. Addressing these specific code-level concerns would significantly improve the plugin's overall security.
Key Concerns
- High severity taint flows with unsanitized paths
- Low percentage of properly escaped output
Query Multiple Taxonomies Security Vulnerabilities
Query Multiple Taxonomies Release Timeline
Query Multiple Taxonomies Code Analysis
SQL Query Safety
Output Escaping
Data Flow Analysis
Query Multiple Taxonomies Attack Surface
WordPress Hooks 14
Maintenance & Trust
Query Multiple Taxonomies Maintenance & Trust
Maintenance Signals
Community Trust
Query Multiple Taxonomies Alternatives
Bellows Accordion Menu
bellows-accordion-menu
A flexible and robust accordion menu plugin
Custom Post Type Widgets
custom-post-type-widgets
Custom Post Type Widgets plugin adds default custom post type widgets.
List Custom Taxonomy Widget
list-custom-taxonomy-widget
The List Custom Taxonomy Widget is a quick and easy way to display custom taxonomies. Simply choose the taxonomy name you want to display from an auto …
WP Categories Widget
wp-categories-widget
Display the list of categories for any taxonomies type (WooCommerce Product Category, Blog Category, Project Category...etc) in sidebar
Brands for WooCommerce
brands-for-woocommerce
Brands for WooCommerce plugin allows you to add brands for products in your shop.
Query Multiple Taxonomies Developer Profile
24 plugins · 28K total installs
How We Detect Query Multiple Taxonomies
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/query-multiple-taxonomies/js/admin.js/wp-content/plugins/query-multiple-taxonomies/css/admin.css/wp-content/plugins/query-multiple-taxonomies/js/admin.jsquery-multiple-taxonomies/js/admin.js?ver=query-multiple-taxonomies/css/admin.css?ver=HTML / DOM Fingerprints
qmt-widget-wrapqmt-taxonomy-selectqmt-term-select<!-- BEGIN QMT Widget --><!-- END QMT Widget --><!-- QMT Admin Settings -->data-qmt-taxonomy-idsdata-qmt-term-idsqmt_get_terms[query_multiple_taxonomies]