Sidebar Menu Security & Risk Analysis

wordpress.org/plugins/sidebar-menu

A sidebar menu allows you to organize information vertically, it is a part of a web page that makes it easy to place navigation or display links to he …

20 active installs · v1.0.4 · PHP 7.0+ · WP 5.0+ · Updated Nov 12, 2022
Tags: bootstrap-sidebar, side-navigation, side-navigation-menu, sidebar, sidebar-menu
Score 85 · A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is Sidebar Menu Safe to Use in 2026?

Generally Safe

Score 85/100

Sidebar Menu has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 3yr ago
Risk Assessment

The sidebar-menu plugin version 1.0.4 presents a generally strong security posture, with no recorded vulnerabilities or critical taint analysis findings. The static analysis indicates good practices in several areas, including a robust number of nonce and capability checks, and a respectable rate of prepared statements for SQL queries. The absence of dangerous functions and external HTTP requests further contributes to a positive security outlook. However, there are areas for improvement. The presence of unsanitized paths in taint analysis, though not reaching a critical severity, warrants attention as it could potentially lead to path traversal vulnerabilities if combined with other factors. Additionally, while the majority of output is properly escaped, the 34% that is not raises concerns about potential cross-site scripting (XSS) vulnerabilities, especially given the 1145 total outputs analyzed. The plugin also performs file operations, which, without proper sanitization, could introduce risks. Overall, the plugin demonstrates a solid foundation, but the identified potential weaknesses in path handling and output escaping require careful consideration and potential remediation to further strengthen its security.

Key Concerns

  • Flows with unsanitized paths
  • Unescaped output (34% of 1145)
  • File operations present
Vulnerabilities
None known

Sidebar Menu Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Sidebar Menu Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 4 (8 prepared)
Unescaped Output: 394 (751 escaped)
Nonce Checks: 20
Capability Checks: 4
File Operations: 13
External Requests: 3
Bundled Libraries: 0

SQL Query Safety

67% prepared · 12 total queries

Output Escaping

66% escaped · 1145 total outputs
Data Flows
1 unsanitized

Data Flow Analysis

12 flows · 1 with unsanitized paths
display_page (includes\option-tree\includes\class-ot-settings.php:227)
Flow diagram legend: Source (user input), Sink (dangerous op), Sanitizer, Transform, Unsanitized, Sanitized
Attack Surface

Sidebar Menu Attack Surface

Entry Points: 11
Unprotected: 0

AJAX Handlers 10

auth · wp_ajax_add_section · includes\option-tree\ot-loader.php:395
auth · wp_ajax_add_setting · includes\option-tree\ot-loader.php:398
auth · wp_ajax_add_the_contextual_help · includes\option-tree\ot-loader.php:401
auth · wp_ajax_add_choice · includes\option-tree\ot-loader.php:404
auth · wp_ajax_add_list_item_setting · includes\option-tree\ot-loader.php:407
auth · wp_ajax_add_layout · includes\option-tree\ot-loader.php:410
auth · wp_ajax_add_list_item · includes\option-tree\ot-loader.php:413
auth · wp_ajax_add_social_links · includes\option-tree\ot-loader.php:416
auth · wp_ajax_ot_google_font · includes\option-tree\ot-loader.php:419
auth · wp_ajax_gallery_update · includes\option-tree\ot-loader.php:425

Shortcodes 1

[sidebarmenu] includes\Classes\Helper.class.php:31

WordPress Hooks 76

filter · ot_show_pages · includes\Classes\Helper.class.php:16
filter · ot_show_options_ui · includes\Classes\Helper.class.php:17
filter · ot_show_new_layout · includes\Classes\Helper.class.php:18
filter · ot_theme_options_parent_slug · includes\Classes\Helper.class.php:20
filter · ot_theme_options_page_title · includes\Classes\Helper.class.php:21
filter · ot_theme_options_menu_title · includes\Classes\Helper.class.php:22
filter · ot_theme_options_menu_slug · includes\Classes\Helper.class.php:23
filter · ot_settings_id · includes\Classes\Helper.class.php:24
filter · ot_header_version_text · includes\Classes\Helper.class.php:25
filter · ot_header_logo_link · includes\Classes\Helper.class.php:26
action · plugins_loaded · includes\Classes\Helper.class.php:28
action · wp_enqueue_scripts · includes\Classes\Helper.class.php:29
action · admin_enqueue_scripts · includes\Classes\Helper.class.php:30
filter · sidebarmenu_before · includes\Classes\Helper.class.php:32
filter · sidebarmenu_after · includes\Classes\Helper.class.php:33
filter · sidebarmenu_custom_css · includes\Classes\Helper.class.php:35
filter · wp_footer · includes\Classes\Helper.class.php:36
action · init · includes\Classes\Helper.class.php:38
filter · manage_sidebar-menu_posts_columns · includes\Classes\Helper.class.php:39
action · manage_sidebar-menu_posts_custom_column · includes\Classes\Helper.class.php:43
action · admin_init · includes\meta-boxes.php:3
action · admin_head · includes\option-tree\includes\class-ot-cleanup.php:37
action · admin_menu · includes\option-tree\includes\class-ot-cleanup.php:40
action · ot_pre_consolidate_posts · includes\option-tree\includes\class-ot-cleanup.php:43
action · admin_notices · includes\option-tree\includes\class-ot-cleanup.php:78
action · add_meta_boxes · includes\option-tree\includes\class-ot-meta-box.php:55
action · save_post · includes\option-tree\includes\class-ot-meta-box.php:57
action · admin_init · includes\option-tree\includes\class-ot-post-formats.php:43
filter · pre_ping · includes\option-tree\includes\class-ot-post-formats.php:46
action · admin_menu · includes\option-tree\includes\class-ot-settings.php:74
action · admin_init · includes\option-tree\includes\class-ot-settings.php:77
action · admin_init · includes\option-tree\includes\class-ot-settings.php:80
action · admin_init · includes\option-tree\includes\class-ot-settings.php:83
action · admin_init · includes\option-tree\includes\class-ot-settings.php:86
action · admin_notices · includes\option-tree\includes\ot-functions-admin.php:107
filter · safe_style_css · includes\option-tree\includes\ot-functions-admin.php:599
filter · wp_kses_allowed_html · includes\option-tree\includes\ot-functions-admin.php:600
filter · ot_recognized_font_families · includes\option-tree\includes\ot-functions-admin.php:2415
action · ot_after_theme_options_save · includes\option-tree\includes\ot-functions-admin.php:5170
action · split_shared_term · includes\option-tree\includes\ot-functions-admin.php:6087
action · admin_init · includes\option-tree\includes\ot-functions-compat.php:13
filter · ot_option_types_array · includes\option-tree\includes\ot-functions-compat.php:14
filter · ot_recognized_font_styles · includes\option-tree\includes\ot-functions-compat.php:15
filter · ot_recognized_font_weights · includes\option-tree\includes\ot-functions-compat.php:16
filter · ot_recognized_font_variants · includes\option-tree\includes\ot-functions-compat.php:17
filter · ot_recognized_font_families · includes\option-tree\includes\ot-functions-compat.php:18
filter · ot_recognized_background_repeat · includes\option-tree\includes\ot-functions-compat.php:19
filter · ot_recognized_background_position · includes\option-tree\includes\ot-functions-compat.php:20
filter · ot_measurement_unit_types · includes\option-tree\includes\ot-functions-compat.php:21
filter · ot_theme_mode · includes\option-tree\ot-loader.php:5
action · admin_notices · includes\option-tree\ot-loader.php:14
action · after_setup_theme · includes\option-tree\ot-loader.php:35
action · init · includes\option-tree\ot-loader.php:292
action · init · includes\option-tree\ot-loader.php:296
action · admin_head · includes\option-tree\ot-loader.php:299
action · init · includes\option-tree\ot-loader.php:335
action · init · includes\option-tree\ot-loader.php:340
action · init · includes\option-tree\ot-loader.php:345
action · admin_print_scripts-post-new.php · includes\option-tree\ot-loader.php:352
action · admin_print_scripts-post.php · includes\option-tree\ot-loader.php:353
action · admin_print_styles-post-new.php · includes\option-tree\ot-loader.php:356
action · admin_print_styles-post.php · includes\option-tree\ot-loader.php:357
action · admin_bar_menu · includes\option-tree\ot-loader.php:362
action · admin_init · includes\option-tree\ot-loader.php:365
action · admin_init · includes\option-tree\ot-loader.php:368
action · admin_init · includes\option-tree\ot-loader.php:371
action · admin_init · includes\option-tree\ot-loader.php:374
action · admin_init · includes\option-tree\ot-loader.php:377
action · admin_init · includes\option-tree\ot-loader.php:380
action · admin_init · includes\option-tree\ot-loader.php:383
action · wp_enqueue_scripts · includes\option-tree\ot-loader.php:386
action · wp_enqueue_scripts · includes\option-tree\ot-loader.php:389
action · ot_after_theme_options_save · includes\option-tree\ot-loader.php:392
filter · media_view_settings · includes\option-tree\ot-loader.php:422
filter · gettext · includes\option-tree\ot-loader.php:428
action · init · includes\plugin-options.php:3
Maintenance & Trust

Sidebar Menu Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.0.11
Last updated: Nov 12, 2022
PHP min version: 7.0
Downloads: 1K

Community Trust

Rating: 0/100
Number of ratings: 0
Active installs: 20
Developer Profile

Sidebar Menu Developer Profile

HooThemes

6 plugins · 600 total installs

Trust score: 84
Avg Security Score: 85/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect Sidebar Menu

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/sidebar-menu/assets/css/custom.css
/wp-content/plugins/sidebar-menu/assets/css/icon-style.css
/wp-content/plugins/sidebar-menu/assets/css/style.css
/wp-content/plugins/sidebar-menu/assets/js/custom.js
/wp-content/plugins/sidebar-menu/assets/js/custom_backend.js

Script Paths
/wp-content/plugins/sidebar-menu/assets/js/custom.js
/wp-content/plugins/sidebar-menu/assets/js/custom_backend.js

Version Parameters
sidebar-menu/assets/css/custom.css?ver=
sidebar-menu/assets/css/icon-style.css?ver=
sidebar-menu/assets/css/style.css?ver=
sidebar-menu/assets/js/custom.js?ver=
sidebar-menu/assets/js/custom_backend.js?ver=

HTML / DOM Fingerprints

CSS Classes
sidebarmenu-fixed, hoo-side-icon, hoo-animation
Data Attributes
data-post_id
JS Globals
custom_backend_data
Shortcode Output
[sidebarmenu id=