Schema Security & Risk Analysis

wordpress.org/plugins/schema

Get the next generation of Schema Structured Data to enhance your WordPress site presentation in Google search results.

40K active installs · v1.7.9.6 · PHP 5.4+ · WP 4.0+ · Updated Jun 14, 2025
Tags: json-ld, rich-snippets, schema, schema-org, structured-data
100
A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is Schema Safe to Use in 2026?

Generally Safe

Score 100/100

Schema has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 11mo ago
Risk Assessment

The 'schema' plugin v1.7.9.6 exhibits a mixed security posture. On the positive side, it has no recorded historical vulnerabilities (CVEs), and its code signals show good use of prepared statements for SQL queries (82%) and a decent rate of output escaping (63%). It also correctly implements capability checks and nonce checks in several areas. However, the static analysis raises significant concerns.

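A notable weakness is the presence of 4 AJAX handlers, 3 of which lack proper authentication checks. This creates a substantial attack surface that could be exploited by unauthenticated users. All four handlers in the Attack Surface listing are registered on wp_ajax_ hooks, which WordPress fires only for logged-in users (the logged-out counterpart is wp_ajax_nopriv_), so for these hooks the handler's own capability and nonce checks are what separate a low-privileged account from the action. Furthermore, the taint analysis reveals 6 flows with unsanitized paths, although none was rated critical or high severity. This suggests a potential for injection-type vulnerabilities if these unsanitized paths are ever exposed to user input.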

Overall, while the plugin's history is clean, the current analysis highlights immediate risks due to unprotected entry points and potential unsanitized data flows. The lack of historical vulnerabilities is a positive indicator, but the identified weaknesses in the current version necessitate attention to mitigate potential security exposures.

Key Concerns

  • Unprotected AJAX handlers
  • Taint flows with unsanitized paths
  • Output escaping is not fully implemented
Vulnerabilities
None known

Schema Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Schema Release Timeline

v1.7.9.5
v1.7.9.4
v1.7.9.3
v1.7.9.2
v1.7.9.1
v1.7.9.0
v1.7.8.9
v1.7.8.8
v1.7.8.7
v1.7.8.6
v1.7.8.5
v1.7.8.4
v1.7.8.3
v1.7.8.2
v1.7.8.1
v1.7.8
v1.7.7
v1.7.6
v1.7.5
v1.7.4
Code Analysis
Analyzed Mar 16, 2026

Schema Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 2 (9 prepared)
Unescaped Output: 169 (289 escaped)
Nonce Checks: 8
Capability Checks: 11
File Operations: 0
External Requests: 9
Bundled Libraries: 0

SQL Query Safety

82% prepared · 11 total queries

Output Escaping

63% escaped · 458 total outputs
Data Flows · Security
6 unsanitized

Data Flow Analysis

11 flows · 6 with unsanitized paths
schema_wp_admin_extensions_page (includes\admin\extensions.php:24)
[Data-flow diagram legend: Source (user input), Sink (dangerous op), Sanitizer, Transform, Unsanitized, Sanitized]
Attack Surface
3 unprotected

Schema Attack Surface

Entry Points: 4
Unprotected: 3

AJAX Handlers: 4

auth · wp_ajax_at_delete_file · includes\admin\meta-tax\class-meta-tax.php:252
auth · wp_ajax_at_reorder_images · includes\admin\meta-tax\class-meta-tax.php:253
auth · wp_ajax_at_delete_mupload · includes\admin\meta-tax\class-meta-tax.php:255
auth · wp_ajax_schema_wp_pre_submit_validation · includes\admin\post-type\schema-wp-ajax.php:80

WordPress Hooks: 151
Maintenance & Trust

Schema Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.8.5
Last updated: Jun 14, 2025
PHP min version: 5.4
Downloads: 1.4M

Community Trust

Rating: 86/100
Number of ratings: 221
Active installs: 40K
Developer Profile

Schema Developer Profile

Hesham Zebida

9 plugins · 41K total installs

Trust score: 85
Avg Security Score: 87/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect Schema

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/schema/assets/css/frontend.min.css
/wp-content/plugins/schema/assets/css/backend.min.css
/wp-content/plugins/schema/assets/js/frontend.min.js
/wp-content/plugins/schema/assets/js/backend.min.js
/wp-content/plugins/schema/assets/js/schema-admin-bar.min.js
/wp-content/plugins/schema/assets/js/schema-frontend.min.js
Script Paths
/wp-content/plugins/schema/assets/js/frontend.min.js
/wp-content/plugins/schema/assets/js/backend.min.js
/wp-content/plugins/schema/assets/js/schema-admin-bar.min.js
/wp-content/plugins/schema/assets/js/schema-frontend.min.js
Version Parameters
schema/assets/css/frontend.min.css?ver=
schema/assets/css/backend.min.css?ver=
schema/assets/js/frontend.min.js?ver=
schema/assets/js/backend.min.js?ver=
schema/assets/js/schema-admin-bar.min.js?ver=
schema/assets/js/schema-frontend.min.js?ver=

HTML / DOM Fingerprints

CSS Classes
schema-wp-backend-options
JS Globals
SchemaAdmin, SchemaFrontend, SchemaAdminBar