Does Simple AMP have any unpatched vulnerabilities?

No. All known vulnerabilities in Simple AMP have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Simple AMP compatible with WordPress 4.6.30?

According to WordPress.org data, Simple AMP 0.1.1 has been tested up to WordPress 4.6.30. Check the plugin's changelog for the latest compatibility information.

How often is Simple AMP updated?

Simple AMP was last updated on Oct 25, 2016. Frequent updates are generally a positive security signal.

What is Simple AMP's security score?

Simple AMP has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Simple AMP Security & Risk Analysis

wordpress.org/plugins/simple-amp

A simple plugin that generates AMP pages based on current template.

10 active installs v0.1.1 PHP + WP 3.7+ Updated Oct 25, 2016

accelerated-mobile-pagesampgooglemobile

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Simple AMP Safe to Use in 2026?

Generally Safe

Score 85/100

Simple AMP has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 9yr ago

Risk Assessment

The 'simple-amp' v0.1.1 plugin exhibits a strong security posture in several key areas. The absence of AJAX handlers, REST API routes, shortcodes, and cron events significantly limits its attack surface. Furthermore, the plugin utilizes prepared statements exclusively for its SQL queries, mitigating common SQL injection risks. The static analysis reveals no dangerous functions, file operations, or external HTTP requests, all positive indicators. However, the low percentage of properly escaped output (25%) is a notable concern. This suggests that user-provided data or dynamic content might be rendered without sufficient sanitization, potentially leading to cross-site scripting (XSS) vulnerabilities. The lack of capability checks and nonce checks, while mitigated by the small attack surface, could become a risk if new entry points are introduced without proper security controls. The plugin's vulnerability history is clean, with no recorded CVEs. This, combined with the current static analysis findings, suggests a generally well-coded plugin, but the output escaping issue warrants attention.

Key Concerns

Low output escaping percentage
No capability checks
No nonce checks

Vulnerabilities

None known

Simple AMP Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Simple AMP Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

1 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Guzzle

Output Escaping

25% escaped4 total outputs

Attack Surface

Simple AMP Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 6

actioninitincludes\class-simple-amp.php:11

actionwpincludes\class-simple-amp.php:26

actiontemplate_redirectincludes\class-simple-amp.php:39

actionwp_headincludes\class-simple-amp.php:96

actionadmin_noticessimple-amp.php:46

actionadmin_initsimple-amp.php:47

Maintenance & Trust

Simple AMP Maintenance & Trust

Maintenance Signals

WordPress version tested4.6.30

Last updatedOct 25, 2016

PHP min version

Downloads2K

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

Simple AMP Alternatives

AMP for WP – Accelerated Mobile Pages

accelerated-mobile-pages

AMP for WP is the most recommended AMP plugin by the community. Automatically add Accelerated Mobile Pages (Google AMP Project) functionality on your …

90K 14 CVEs