Does Simple Membership Menu have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Simple Membership Menu compatible with WordPress 4.3.34?

According to WordPress.org data, Simple Membership Menu 1.0.0 has been tested up to WordPress 4.3.34. Check the plugin's changelog for the latest compatibility information.

How often is Simple Membership Menu updated?

Simple Membership Menu was last updated on Oct 3, 2015. Frequent updates are generally a positive security signal.

What is Simple Membership Menu's security score?

Simple Membership Menu has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Simple Membership Menu Security & Risk Analysis

wordpress.org/plugins/simple-membership-menu

Simple membership Menu, permits to configure visibility on menu items, following Simple Membership available roles.

60 active installs v1.0.0 PHP + WP 3.3+ Updated Oct 3, 2015

membermembersmembers-onlymembershipmemberships

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Simple Membership Menu Safe to Use in 2026?

Generally Safe

Score 85/100

Simple Membership Menu has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 10yr ago

Risk Assessment

The "simple-membership-menu" v1.0.0 plugin exhibits a strong security posture based on the provided static analysis. The absence of any identified dangerous functions, file operations, external HTTP requests, or raw SQL queries is highly commendable. Furthermore, all SQL queries utilize prepared statements, and outputs are 100% properly escaped, indicating good development practices for preventing common vulnerabilities like SQL injection and cross-site scripting. The presence of a nonce check is also a positive sign for security awareness.

However, the complete lack of any identified attack surface (AJAX handlers, REST API routes, shortcodes, cron events) is unusual and could potentially indicate an oversight in the analysis or a plugin with very limited functionality. The absence of capability checks on the one identified nonce is a potential concern, as it leaves the action vulnerable to unauthorized execution if the nonce itself were to be compromised or if the functionality it protects is sensitive.

The plugin's vulnerability history is completely clean, with no recorded CVEs. This, combined with the strong static analysis, suggests a low overall risk profile. The plugin appears to be well-developed with a focus on secure coding. The primary weakness lies in the potential for the nonce-protected action to lack proper authorization checks.

Key Concerns

Missing capability checks on nonce

Vulnerabilities

None known

Simple Membership Menu Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Simple Membership Menu Release Timeline

v1.0.0Current

Code Analysis

Analyzed Mar 16, 2026

Simple Membership Menu Code Analysis

Dangerous Functions

Raw SQL Queries

1 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

100% prepared1 total queries

Attack Surface

Simple Membership Menu Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 4

filterwp_edit_nav_menu_walkerswpm-menu.php:91

actionwp_update_nav_menu_itemswpm-menu.php:92

actionwp_nav_menu_item_custom_fieldsswpm-menu.php:93

filterwp_get_nav_menu_itemsswpm-menu.php:98

Maintenance & Trust

Simple Membership Menu Maintenance & Trust

Maintenance Signals

WordPress version tested4.3.34

Last updatedOct 3, 2015

PHP min version

Downloads5K

Community Trust

Rating76/100

Number of ratings5

Active installs60

Alternatives

Simple Membership Menu Alternatives

Simple Membership

simple-membership

Simple membership plugin adds membership functionality to your site. Protect members only content using content protection easily.

40K 26 CVEs

Membership Lock

membership-lock

Membership Lock down lets you easily lock all post content including attached images, video, docs, and everything else.

20 No CVEs

Members – Membership & User Role Editor Plugin

members

The best WordPress membership and user role editor plugin. User Roles & Capabilities editor helps you restrict content in just a few clicks.

300K 1 CVE

Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress

wp-user-avatar

Setup paid membership, accept payment, sell subscription & digital product, paywall, create login & registration form, user profile & member directory

100K 43 CVEs

Content Control – The Ultimate Content Restriction Plugin! Restrict Content, Create Conditional Blocks & More

content-control

Restrict content based on login status, user roles, device type & more. Monetize your content with a paywall or members-only content.

40K 4 CVEs

Developer Profile

Simple Membership Menu Developer Profile

gioindahouz

1 plugin · 60 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Simple Membership Menu

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

CSS Classes

menu-item-checkbox

Data Attributes

name="menu-item-swpm-

FAQ