Does recipe-master have any unpatched vulnerabilities?

No. All known vulnerabilities in recipe-master have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is recipe-master compatible with WordPress 6.9.4?

According to WordPress.org data, recipe-master 1.7.9 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is recipe-master compatible with PHP 5.6+?

recipe-master requires PHP 5.6 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is recipe-master updated?

recipe-master was last updated on Unknown. Frequent updates are generally a positive security signal.

What is recipe-master's security score?

recipe-master has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

recipe-master Security & Risk Analysis

wordpress.org/plugins/recipe-master

Professional Recipe management and pricing for small businesses (chocolatiers, bakeries, cafes etc.)

0 active installs v1.7.9 PHP 5.6+ WP 5.3+ Updated Unknown

cookingfoodreciperecipesschema

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is recipe-master Safe to Use in 2026?

Generally Safe

Score 100/100

recipe-master has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs

Risk Assessment

The "recipe-master" v1.7.9 plugin exhibits a generally strong security posture based on the provided static analysis. The absence of any recorded vulnerabilities (CVEs) and the plugin's diligent use of prepared statements for SQL queries, proper output escaping, nonce checks, and capability checks are significant strengths. The total entry points are limited to shortcodes, and crucially, none of these are found to be unprotected, indicating a well-managed attack surface. Furthermore, the taint analysis reveals no unsanitized flows, which is a very positive indicator of secure coding practices regarding data handling.

Despite the overall positive assessment, there are two minor areas of concern. The presence of the `unserialize` function is a potential risk. While no unsanitized flows were detected in the taint analysis, `unserialize` can become a vulnerability if it's ever used with user-supplied or untrusted data without prior sanitization or validation. Additionally, the bundled Freemius library is a bundled library and its version (v1.0) might be outdated, potentially introducing unpatched vulnerabilities if the library itself has known issues. These are relatively low risks given the other security controls in place and the lack of historical vulnerabilities, but they represent areas that warrant attention for absolute security.

In conclusion, "recipe-master" v1.7.9 appears to be a secure plugin with robust security implementations. The developers have clearly prioritized security by implementing strong input validation and output sanitization, and maintaining a clean vulnerability history. The use of `unserialize` and the potentially outdated bundled library are the only points of caution, and these are minor compared to the overall secure design.

Key Concerns

Dangerous function found: unserialize
Bundled library (Freemius v1.0) potentially outdated

Vulnerabilities

None known

recipe-master Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

recipe-master Code Analysis

Dangerous Functions

Raw SQL Queries

2 prepared

Unescaped Output

358 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Dangerous Functions Found

unserialize$arr = unserialize($custom["rcpmst_amount_meta"][0]);admin\listings.php:121

unserialize$arr = unserialize($custom["rcpmst_amount_meta"][0]);admin\listings.php:125

Bundled Libraries

Freemius1.0

SQL Query Safety

100% prepared2 total queries

Output Escaping

100% escaped359 total outputs

Data Flows

All sanitized

Data Flow Analysis

2 flows

debug_meta_cb (admin\single-edit.php:271)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

recipe-master Attack Surface

Entry Points14

Unprotected0

Shortcodes 14

[rcpmst_ingredients] includes\shortcodes.php:125

[rcpmst_description] includes\shortcodes.php:126

[rcpmst_allergens] includes\shortcodes.php:127

[rcpmst_dietary_notes] includes\shortcodes.php:128

[rcpmst_storage] includes\shortcodes.php:129

[rcpmst_sku] includes\shortcodes.php:130

[rcpmst_title] includes\shortcodes.php:131

[rcpmst_image] includes\shortcodes.php:132

[rcpmst_taxonomy_list] public\public-content.php:335

[rcpmst_taxonomy_ingredients] public\public-content.php:336

[rcpmst_recipe_list] public\public-content.php:337

[rcpmst_menu] public\public-content.php:338

[rcpmst_user_defined] public\public-content.php:339

[rcpmst_checklist] public\public-content.php:340

WordPress Hooks 42

actioninitincludes\main.php:51

actioninitincludes\main.php:52

actioninitincludes\main.php:53

actioninitincludes\main.php:54

filterwp_insert_post_dataincludes\main.php:55

actioninitincludes\main.php:56

filterwp_insert_post_dataincludes\main.php:57

actioninitincludes\main.php:58

actionadmin_menuincludes\main.php:66

actionadmin_initincludes\main.php:67

actionadmin_enqueue_scriptsincludes\main.php:68

actionadmin_enqueue_scriptsincludes\main.php:69

actionadmin_enqueue_scriptsincludes\main.php:70

actionsave_postincludes\main.php:71

actionadmin_menuincludes\main.php:72

actionadmin_menuincludes\main.php:73

actionadmin_noticesincludes\main.php:74

actionpre_post_updateincludes\main.php:75

actionrcpmst_dietary_notes_add_form_fieldsincludes\main.php:82

actionrcpmst_dietary_notes_edit_form_fieldsincludes\main.php:83

actioncreated_rcpmst_dietary_notesincludes\main.php:84

actionedited_rcpmst_dietary_notesincludes\main.php:85

actionadmin_enqueue_scriptsincludes\main.php:86

actionmanage_rcpmst_recipe_comp_posts_custom_columnincludes\main.php:87

filtermanage_rcpmst_recipe_comp_posts_columnsincludes\main.php:88

filtermanage_edit-rcpmst_recipe_comp_sortable_columnsincludes\main.php:89

actionrestrict_manage_postsincludes\main.php:90

filterparse_queryincludes\main.php:91

actionpre_get_postsincludes\main.php:92

actionquick_edit_custom_boxincludes\main.php:93

actionadmin_enqueue_scriptsincludes\main.php:100

filterpost_row_actionsincludes\main.php:101

filterviews_edit-rcpmst_recipe_compincludes\main.php:108

actionadmin_initincludes\main.php:109

filterget_user_option_meta-box-order_rcpmst_recipe_compincludes\main.php:110

filtertheme_page_templatesincludes\main.php:111

actionwp_enqueue_scriptsincludes\main.php:122

actionwp_enqueue_scriptsincludes\main.php:123

actioninitincludes\main.php:124

filtersingle_templateincludes\main.php:125

filterpage_templateincludes\main.php:126

actionafter_uninstallrecipe-master.php:124

Maintenance & Trust

recipe-master Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedUnknown

PHP min version5.6

Downloads821

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

recipe-master Alternatives

WP Recipe Maker

wp-recipe-maker

The easy and user-friendly recipe plugin for everyone. Automatic JSON-LD metadata for food AND how-to recipes will improve your SEO!

50K 20 CVEs

Cooked – Recipe Management

cooked

Cooked is the absolute best way to create & display recipes with WordPress. SEO optimized, galleries, timers, and much more.

3K 11 CVEs

Delisho – Recipe Widgets and Blocks

dr-widgets-blocks

Delisho includes 12+ Elementor Widgets and 4 Gutenberg blocks for WP Delicious plugin to create a beautiful and SEO-friendly food blog.

1K 2 CVEs

CuratorCrowd Recipe Box

curatorcrowd-recipe-box

An award-winning add-on for your existing recipe cards that enables your visitors to easily save, organize, and share your delicious recipes.

10 No CVEs

Kulinarian Recipe Embed

kulinarian-recipe-embed

Display recipes on your food blog or cooking related website.

10 No CVEs

Developer Profile

recipe-master Developer Profile

zcesl53

1 plugin · 0 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect recipe-master

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/recipe-master/admin/css/admin.css/wp-content/plugins/recipe-master/admin/js/admin.js

Script Paths

/wp-content/plugins/recipe-master/freemius/start.php

Version Parameters

recipe-master/admin/css/admin.css?ver=recipe-master/admin/js/admin.js?ver=

HTML / DOM Fingerprints

CSS Classes

recipe-master-main

HTML Comments

Data Attributes

data-freemius-iddata-freemius-slugdata-freemius-typedata-freemius-is-premiumdata-freemius-has-addonsdata-freemius-has-paid-plans+7 more

JS Globals

window.rcpmst_settingswindow.rcpmst_nonce

FAQ

recipe-master Security & Risk Analysis

Is recipe-master Safe to Use in 2026?

Generally Safe

Key Concerns

recipe-master Security Vulnerabilities

recipe-master Code Analysis

Dangerous Functions Found

Bundled Libraries

SQL Query Safety

Output Escaping

Data Flow Analysis

recipe-master Attack Surface

Shortcodes 14

recipe-master Maintenance & Trust

Maintenance Signals

Community Trust

recipe-master Alternatives

WP Recipe Maker

Cooked – Recipe Management

Delisho – Recipe Widgets and Blocks

CuratorCrowd Recipe Box

Kulinarian Recipe Embed

recipe-master Developer Profile

How We Detect recipe-master

Asset Fingerprints

HTML / DOM Fingerprints

Frequently Asked Questions about recipe-master