Does Show Content by User Level have any unpatched vulnerabilities?

No. All known vulnerabilities in Show Content by User Level have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Show Content by User Level compatible with WordPress 2.7.1?

According to WordPress.org data, Show Content by User Level 0.1 has been tested up to WordPress 2.7.1. Check the plugin's changelog for the latest compatibility information.

How often is Show Content by User Level updated?

Show Content by User Level was last updated on Unknown. Frequent updates are generally a positive security signal.

What is Show Content by User Level's security score?

Show Content by User Level has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Show Content by User Level Security & Risk Analysis

wordpress.org/plugins/show-content-by-user-level

This simple plug-in hides content from all users except those that exceed a specific user level.

10 active installs v0.1 PHP + WP 2.5+ Updated Unknown

contentpermissionroleuser-level

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Show Content by User Level Safe to Use in 2026?

Generally Safe

Score 100/100

Show Content by User Level has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs

Risk Assessment

The 'show-content-by-user-level' plugin version 0.1 exhibits a strong security posture based on the provided static analysis. The absence of any identified AJAX handlers, REST API routes, shortcodes, or cron events significantly minimizes the plugin's attack surface. Furthermore, the code signals indicate robust security practices, with all SQL queries utilizing prepared statements, a crucial defense against SQL injection. The presence of nonce and capability checks on the limited entry points is also a positive indicator.

However, a key concern arises from the output escaping. With 50% of the identified outputs not properly escaped, there is a potential risk of Cross-Site Scripting (XSS) vulnerabilities. While the taint analysis shows no unsanitized paths and no high-severity issues, the unescaped output remains a tangible risk that could be exploited if user-supplied data indirectly reaches these output points.

The plugin's vulnerability history is clean, with no recorded CVEs. This, combined with the limited and seemingly well-protected attack surface, suggests a low overall risk profile. The primary area of improvement is ensuring all outputs are correctly escaped to mitigate potential XSS risks.

Key Concerns

Unescaped output detected

Vulnerabilities

None known

Show Content by User Level Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Show Content by User Level Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

2 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

50% escaped4 total outputs

Data Flows

All sanitized

Data Flow Analysis

2 flows

showcontentuserlevel_conf (showcontent_by_userlevel.php:98)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Show Content by User Level Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 3

actioninitshowcontent_by_userlevel.php:23

actionadmin_menushowcontent_by_userlevel.php:33

filterthe_contentshowcontent_by_userlevel.php:47

Maintenance & Trust

Show Content by User Level Maintenance & Trust

Maintenance Signals

WordPress version tested2.7.1

Last updatedUnknown

PHP min version

Downloads3K

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

Show Content by User Level Alternatives

Show User Level Content

show-user-level-content

This simple plug-in hides content from all users except those that exceed a specific user level.

10 No CVEs

Manage User Roles

manage-user-roles

100

A flexible plugin to control content visibility for non-administrator users with advanced, role-based rules.

10 No CVEs

WPSAL (Simple Access List)

wpsal-simple-access-list

100

We have ONE goal in mind: making it easy to control access to pages and posts.

0 No CVEs

Members – Membership & User Role Editor Plugin

members

The best WordPress membership and user role editor plugin. User Roles & Capabilities editor helps you restrict content in just a few clicks.

300K 1 CVE

Advanced Access Manager – Access Governance for WordPress

advanced-access-manager

Access Governance for WordPress. Control roles, users, content, admin areas, and APIs to prevent broken access controls and excessive privileges.

100K 11 CVEs

Developer Profile

Show Content by User Level Developer Profile

nicholascaporusso

1 plugin · 10 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Show Content by User Level

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

Shortcode Output

[hide [/hide]

FAQ