Does Remove All Post Slug have any unpatched vulnerabilities?

No. All known vulnerabilities in Remove All Post Slug have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Remove All Post Slug compatible with WordPress 4.8.28?

According to WordPress.org data, Remove All Post Slug 1.0.0 has been tested up to WordPress 4.8.28. Check the plugin's changelog for the latest compatibility information.

How often is Remove All Post Slug updated?

Remove All Post Slug was last updated on Sep 11, 2017. Frequent updates are generally a positive security signal.

What is Remove All Post Slug's security score?

Remove All Post Slug has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Remove All Post Slug Security & Risk Analysis

wordpress.org/plugins/remove-all-post-slug

Add rewrite rules for custom post type so that the urls for them are in the same way as normal posts: http://siteurl/%custom_post_type_title%/.

0 active installs v1.0.0 PHP + WP 2.9+ Updated Sep 11, 2017

custom-post-typepost-typeremoveremove-slugslug

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Remove All Post Slug Safe to Use in 2026?

Generally Safe

Score 85/100

Remove All Post Slug has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 8yr ago

Risk Assessment

The "remove-all-post-slug" v1.0.0 plugin exhibits a generally positive security posture based on the provided static analysis. The complete absence of AJAX handlers, REST API routes, shortcodes, and cron events with unprotected entry points is a significant strength, drastically limiting the plugin's attack surface. Furthermore, all identified SQL queries utilize prepared statements, which is a critical best practice for preventing SQL injection vulnerabilities. The lack of any recorded CVEs and a clean vulnerability history further supports the perception of a secure plugin.

However, a notable concern arises from the output escaping analysis. With 8 total outputs and 0% properly escaped, this indicates a high risk of Cross-Site Scripting (XSS) vulnerabilities. Any data processed or displayed by the plugin that originates from user input or external sources is likely to be rendered directly in the browser without sanitization, allowing attackers to inject malicious scripts. While the taint analysis found no unsanitized paths, this does not negate the XSS risk stemming from the lack of output escaping.

In conclusion, the plugin excels in preventing common web vulnerabilities by minimizing its attack surface and securing its database interactions. The primary and significant weakness lies in its inadequate output escaping, which opens the door to XSS attacks. The absence of any past vulnerabilities is encouraging, but the identified output escaping issue requires immediate attention to ensure the plugin's continued security.

Key Concerns

Output not properly escaped

Vulnerabilities

None known

Remove All Post Slug Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Remove All Post Slug Code Analysis

Dangerous Functions

Raw SQL Queries

6 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

100% prepared6 total queries

Output Escaping

0% escaped8 total outputs

Data Flows

All sanitized

Data Flow Analysis

4 flows

menu_page (index.php:49)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Remove All Post Slug Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 16

actionadmin_menuindex.php:21

actionwp_insert_postindex.php:22

filterpost_type_linkindex.php:23

filterredirect_canonicalindex.php:24

actionadmin_noticesindex.php:188

actionadmin_noticesindex.php:203

filterrequestindex.php:229

actioninitindex.php:272

actionadmin_menuremove-post-slug.php:18

actionwp_insert_postremove-post-slug.php:19

filterpost_type_linkremove-post-slug.php:21

filterredirect_canonicalremove-post-slug.php:22

actionadmin_noticesremove-post-slug.php:198

actionadmin_noticesremove-post-slug.php:216

filterrequestremove-post-slug.php:244

actioninitremove-post-slug.php:275

Maintenance & Trust

Remove All Post Slug Maintenance & Trust

Maintenance Signals

WordPress version tested4.8.28

Last updatedSep 11, 2017

PHP min version

Downloads1K

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

Remove All Post Slug Alternatives

Custom Permalinks for Custom Post Types

custom-permalinks-for-custom-post-types

Remove base slug of Custom Post Types and change the permalink structure of Custom Post Types.

100 No CVEs

Remove CPT base

remove-cpt-base

Remove custom post type base slug from url

10K 1 CVE

Custom Post Type Slug Manager

cptsm-slug-manager

Easily edit or remove slugs for any custom post type. Customize your content URLs without coding.

100 No CVEs

WP Change Custom Posts Slugs

wp-change-custom-post-slug

The plugin allows to can easily change slug of custom post types from WordPress admin panel.

700 No CVEs

WP Alternative Slug by 010Pixel

wp-alternative-slug-by-010pixel

Create alternative slug (url) for each page, post or custom post type which will redirect to same main page.

40 No CVEs

Developer Profile

Remove All Post Slug Developer Profile

Saeed Ullah Khan

1 plugin · 0 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Remove All Post Slug

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

JS Globals

window.asoft_permalink_customtype_suffix

FAQ