Does RoleMatrix have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is RoleMatrix compatible with WordPress 6.8.5?

According to WordPress.org data, RoleMatrix 1.0.1 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

Is RoleMatrix compatible with PHP 7.4+?

RoleMatrix requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is RoleMatrix updated?

RoleMatrix was last updated on Dec 6, 2025. Frequent updates are generally a positive security signal.

What is RoleMatrix's security score?

RoleMatrix has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

RoleMatrix Security & Risk Analysis

wordpress.org/plugins/rolematrix-gw

A powerful plugin to manage user roles, capabilities, and admin menu access with advanced URL restrictions.

0 active installs v1.0.1 PHP 7.4+ WP 5.8+ Updated Dec 6, 2025

access-controladmin-menucapabilitiessecurityuser-roles

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is RoleMatrix Safe to Use in 2026?

Generally Safe

Score 100/100

RoleMatrix has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 5mo ago

Risk Assessment

The rolematrix-gw v1.0.1 plugin exhibits a strong security posture based on the provided static analysis. The plugin has no identified attack surface through common entry points like AJAX, REST API, shortcodes, or cron events. Furthermore, the code demonstrates excellent security practices, with all SQL queries utilizing prepared statements and a very high percentage of output being properly escaped. The presence of nonce and capability checks further reinforces its secure design principles.

The taint analysis reveals no critical or high-severity flows with unsanitized paths, indicating that user-controlled input is not being mishandled in a way that would lead to common web vulnerabilities like SQL injection or XSS. The plugin also has no history of known vulnerabilities, which is a positive indicator of its development quality and ongoing maintenance.

Overall, rolematrix-gw v1.0.1 appears to be a very secure plugin. The lack of attack surface, robust code practices, and absence of past vulnerabilities contribute to a low-risk profile. The primary strength lies in its proactive approach to security by minimizing entry points and diligently employing security best practices in its code.

Vulnerabilities

None known

RoleMatrix Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

RoleMatrix Release Timeline

v1.0.1Current

v1.0.0

Code Analysis

Analyzed Apr 16, 2026

RoleMatrix Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

131 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

98% escaped133 total outputs

Data Flows · Security

All sanitized

Data Flow Analysis

2 flows

rolematrix_gw_render_caps_page (includes/admin-pages.php:307)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

RoleMatrix Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 9

actionadmin_menurolematrix-gw.php:79

actionadmin_initrolematrix-gw.php:80

actionadmin_menurolematrix-gw.php:83

actionadmin_initrolematrix-gw.php:84

actionadmin_noticesrolematrix-gw.php:87

actionadmin_enqueue_scriptsrolematrix-gw.php:90

actionactivated_pluginrolematrix-gw.php:94

actiondeactivated_pluginrolematrix-gw.php:95

actionafter_switch_themerolematrix-gw.php:96

Maintenance & Trust

RoleMatrix Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedDec 6, 2025

PHP min version7.4

Downloads219

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

RoleMatrix Alternatives

PublishPress Capabilities – User Role Editor, Access Permissions, User Capabilities, Admin Menus

capability-manager-enhanced

PublishPress Capabilities is the access control plugin. You can manage user capabilities, permissions, user roles, admin menus and more.

100K 5 CVEs

Admin Menu Editor, Admin Column Editor – EditX

editx

100

A powerful WordPress plugin to customize admin menus and admin columns with ease

10 No CVEs

Admin Menu Restrictor

admin-menu-restrictor

Restricts the WordPress admin menu for non-admin users, showing only the \"Posts\" menu to simplify the interface and enhance security.

0 No CVEs

Advanced Access Manager – Access Governance for WordPress

advanced-access-manager

Access Governance for WordPress. Control roles, users, content, admin areas, and APIs to prevent broken access controls and excessive privileges.

100K 11 CVEs

Restrict User Access – Ultimate Membership & Content Protection

restrict-user-access

Create Access Levels and restrict any post, page, category, etc. Supports bbPress, BuddyPress, WooCommerce, WPML, and more.

10K 2 CVEs

Developer Profile

RoleMatrix Developer Profile

Mohammadreza Maghsoudipour

2 plugins · 0 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect RoleMatrix

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/rolematrix-gw/assets/css/rolematrix-gw-admin.css/wp-content/plugins/rolematrix-gw/assets/js/rolematrix-gw-admin.js

Script Paths

/wp-content/plugins/rolematrix-gw/assets/js/rolematrix-gw-admin.js

Version Parameters

rolematrix-gw/assets/css/rolematrix-gw-admin.css?ver=rolematrix-gw/assets/js/rolematrix-gw-admin.js?ver=

HTML / DOM Fingerprints

FAQ