Recipes to Grocery Lists Security & Risk Analysis
wordpress.org/plugins/recipes-to-grocery-listsAutomatically add organized grocery lists with nutritional estimates to your recipe posts with just a click. Brought to you by Say Mmm.
Is Recipes to Grocery Lists Safe to Use in 2026?
Generally Safe
Score 85/100Recipes to Grocery Lists has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The "recipes-to-grocery-lists" plugin v1.5 presents a concerning security posture despite its seemingly small attack surface and lack of recorded vulnerabilities. The static analysis reveals a critical weakness in output escaping, with 100% of outputs being unescaped. This means that any data displayed by the plugin, if it originates from user input or external sources, is vulnerable to cross-site scripting (XSS) attacks. The absence of nonce checks and capability checks, combined with no observed taint flows or dangerous functions, might suggest an unintentional lack of direct vulnerabilities. However, the critical output escaping issue creates a significant risk for arbitrary code execution within the user's browser. The plugin's history of zero CVEs is positive, but this can be misleading if the plugin is not actively scrutinized or if vulnerabilities have gone unnoticed due to a limited attack surface or perhaps due to the plugin not being widely used. The primary concern is the unescaped output, which is a direct, exploitable vulnerability waiting to be triggered by malicious input.
Key Concerns
- Unescaped output across all outputs
- Missing nonce checks
- Missing capability checks
Recipes to Grocery Lists Security Vulnerabilities
Recipes to Grocery Lists Release Timeline
Recipes to Grocery Lists Code Analysis
Output Escaping
Recipes to Grocery Lists Attack Surface
WordPress Hooks 3
Maintenance & Trust
Recipes to Grocery Lists Maintenance & Trust
Maintenance Signals
Community Trust
Recipes to Grocery Lists Alternatives
Cooked – Recipe Management
cooked
Cooked is the absolute best way to create & display recipes with WordPress. SEO optimized, galleries, timers, and much more.
NutritionWP
nutritionwp
Super easy recipe plugin with nutritional facts. Made by a foodie!
The SGDiet TDEE Calculator
sgdiet-tdee-calculator
Calculate Total Daily Energy Expenditure on your frontend for your users to use.
WP Recipe Maker
wp-recipe-maker
The easy and user-friendly recipe plugin for everyone. Automatic JSON-LD metadata for food AND how-to recipes will improve your SEO!
Recipe Card Blocks Lite
recipe-card-blocks-by-wpzoom
Recipe Card Blocks with Schema Markup — create SEO-optimized recipes with Gutenberg, Elementor & AMP support
Recipes to Grocery Lists Developer Profile
1 plugin · 10 total installs
How We Detect Recipes to Grocery Lists
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/recipes-to-grocery-lists/mmmlist_style.css/wp-content/plugins/recipes-to-grocery-lists/mmmlist.js/wp-content/plugins/recipes-to-grocery-lists/imggrocerylist.png/wp-content/plugins/recipes-to-grocery-lists/addtolist.jpg/wp-content/plugins/recipes-to-grocery-lists/icon.jpg/wp-content/plugins/recipes-to-grocery-lists/mmmlist.jsHTML / DOM Fingerprints
mmmlist_iframe_titlemmmlist_iframe_captionmmmlist_leftfloatermmmlist_clearmmmlist_padtopmmmlist_inputmmmlist_addbuttononclick="mmm_Place_link('wwwgooglecom');"mmm_Place_link_maintb_removetinyMCEtinymceedInsertContent<p><a href="http://www.saymmm.com/grocerylist.php?url=[mmmlist:url]" target="_blank"><img src="/wp-content/plugins/recipes-to-grocery-lists/imggrocerylist.png" border="0" alt="" title="" /></a></p>