WP-Safety

Simple:Press Forum Security & Risk Analysis

wordpress.org/plugins/simplepress

The most versatile and feature-rich forum plugin for WordPress. Create unlimited forums with awesome features directly in your WordPress site.

300 active installs v6.11.14 PHP 7.0+ WP 5.7+ Updated Jan 29, 2026
community-forumdiscussion-forumforumforumswordpress-forum
90
A · Safe
CVEs total10
Unpatched0
Last CVEMar 31, 2025
Plugin page Download
Safety Verdict

Is Simple:Press Forum Safe to Use in 2026?

Generally Safe

Score 90/100

Simple:Press Forum has a strong security track record. Known vulnerabilities have been patched promptly.

10 known CVEsLast CVE: Mar 31, 2025Updated 2mo ago
Risk Assessment

The Simplepress plugin version 6.11.14 exhibits a mixed security posture. On the positive side, the plugin demonstrates strong adherence to secure coding practices in several key areas. The vast majority of SQL queries are prepared, and output escaping is extensively and properly implemented. Nonce and capability checks are also present in a significant portion of the code. However, a major concern is the exceptionally large attack surface exposed by unprotected AJAX handlers. With 102 AJAX handlers lacking authentication checks, this represents a significant potential entry point for malicious actors. The taint analysis further highlights this risk, with a high number of flows involving unsanitized paths, including 46 categorized as high severity. This suggests that user-supplied input might not be sufficiently validated before being used in path operations, potentially leading to vulnerabilities like path traversal or file system manipulation.

The plugin's vulnerability history, marked by 10 known CVEs including one critical and two high-severity issues, indicates a recurring pattern of security weaknesses. The common vulnerability types (Missing Authorization, CSRF, Path Traversal, XSS, Unrestricted File Upload) align with the concerns raised by the static and taint analysis. While there are currently no unpatched CVEs, the past prevalence of these issues suggests a persistent need for rigorous security auditing and patching. The last reported vulnerability in March 2025, if accurate, suggests ongoing discovery of issues, necessitating vigilance.

In conclusion, while Simplepress employs good practices in SQL preparation and output escaping, the high number of unprotected AJAX endpoints and the significant taint flows with unsanitized paths are substantial security risks. The historical vulnerability data reinforces the need for continued attention to authorization and input validation to mitigate potential exploits.

Key Concerns

  • Unprotected AJAX handlers
  • High severity taint flows with unsanitized paths
  • 1 critical CVE in history
  • 2 high severity CVEs in history
  • Common vulnerability: Missing Authorization
  • Common vulnerability: CSRF
  • Common vulnerability: Path Traversal
  • Common vulnerability: XSS
  • Common vulnerability: Unrestricted File Upload
  • Dangerous function: unserialize
Vulnerabilities
10

Simple:Press Forum Security Vulnerabilities

CVEs by Year

1 CVE in 2020
2020
5 CVEs in 2022
2022
4 CVEs in 2025
2025
Patched Has unpatched

Severity Breakdown

Critical
1
High
2
Medium
6
Low
1

10 total CVEs

CVE-2025-31386medium · 5.3Missing Authorization

Simple:Press <= 6.10.5 - Missing Authorization

Mar 31, 2025 Patched in 6.11.6 (134d)
CVE-2024-13518medium · 4.3Cross-Site Request Forgery (CSRF)

Simple:Press <= 6.10.12 - Cross-Site Request Forgery to Unauthorized Post Editing

Feb 28, 2025 Patched in 6.10.13 (125d)
CVE-2024-12409medium · 6.1Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Simple:Press Forum <= 6.10.11 - Reflected Cross-Site Scripting

Jan 29, 2025 Patched in 6.10.12 (1d)
CVE-2024-10483medium · 6.1Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Simple:Press Forum <= 6.10.10 - Reflected Cross-Site Scripting via msearch

Jan 17, 2025 Patched in 6.10.11 (46d)
CVE-2022-4031low · 3.8Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Simple:Press <= 6.8 - Authenticated (Admin+) Path Traversal to Arbitrary File Modification

Nov 29, 2022 Patched in 6.8.1 (420d)
CVE-2022-4030high · 8.1Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Simple:Press <= 6.8 - Authenticated (Subscriber+) Path Traversal to Arbitrary File Deletion

Nov 29, 2022 Patched in 6.8.1 (420d)
CVE-2022-4027high · 7.2Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Simple:Press <= 6.8 - Unauthenticated Stored Cross-Site Scripting via Forum Replies

Nov 29, 2022 Patched in 6.8.1 (420d)
CVE-2022-4029medium · 4.7Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Simple:Press <= 6.8 - Reflected Cross-Site Scripting via Cookie Value

Nov 29, 2022 Patched in 6.8.1 (420d)
CVE-2022-4028medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Simple:Press <= 6.8 - Authenticated (Subscriber+) Stored Cross-Site Scripting via Profile Signatures

Nov 29, 2022 Patched in 6.8.1 (420d)
CVE-2020-36706critical · 9.8Unrestricted Upload of File with Dangerous Type

Simple:Press – WordPress Forum Plugin <= 6.6.0 - Arbitrary File Upload

Sep 25, 2020 Patched in 6.6.1 (1215d)
Code Analysis
Analyzed Mar 16, 2026

Simple:Press Forum Code Analysis

Dangerous Functions
30
Raw SQL Queries
1
54 prepared
Unescaped Output
64
5405 escaped
Nonce Checks
94
Capability Checks
69
File Operations
16
External Requests
12
Bundled Libraries
0

Dangerous Functions Found

unserialize$subForums = unserialize($thisForum->children);admin\panel-forums\forms\spa-forums-ordering-form.php:145
unserialize$childlist = [unserialize($forum->children)];admin\panel-forums\spa-forums-display-main.php:138
unserialize$children = unserialize($children);admin\panel-forums\support\spa-forums-save.php:504
unserialize$children = unserialize($children);admin\panel-forums\support\spa-forums-save.php:567
unserialize$childlist = array(unserialize($forum->children));admin\panel-forums\support\spa-forums-save.php:1108
unserialize$children = unserialize($childlist[0]->children);admin\panel-forums\support\spa-forums-save.php:1131
unserialize$childlist = array(unserialize($forum->children));admin\panel-forums\support\spa-forums-save.php:1312
unserialize$section = unserialize($d->log_data);admin\panel-toolbox\ajax\spa-ajax-install-log.php:32
unserialize$topSubs = unserialize($f[$fidx]->children);forum\content\classes\sp-view-class-spcforumview.php:338
unserialize$topSubs = unserialize($f[$forumid]->children);forum\content\classes\sp-view-class-spcforumview.php:437
unserialize$subs = unserialize($r->children);forum\content\classes\sp-view-class-spcforumview.php:652
unserialize$m[$ugidx]->members[$midx]->avatar = unserialize($r->avatar);forum\content\classes\sp-view-class-spcmemberslist.php:329
unserialize$m[$ugidx]->members[$midx]->user_options = unserialize($r->user_options);forum\content\classes\sp-view-class-spcmemberslist.php:331
unserialize$edits = unserialize($r->post_edit);forum\content\classes\sp-view-class-spctopicview.php:343
unserialize$postedits = (!empty($history)) ? unserialize($history) : array();forum\database\sp-db-management.php:97
unserialize$options = unserialize($user->admin_options);forum\database\sp-db-management.php:139
unserialize$options = unserialize($user->admin_options);forum\database\sp-db-management.php:254
unserialize$admin_opts = unserialize($admin->admin_options);forum\library\sp-post-support.php:28
unserialize$actions = unserialize($role->role_auths);sp-api\sp-api-class-spcauths.php:104
unserialize$actions = unserialize($role->role_auths);sp-api\sp-api-class-spcauths.php:157
unserialize$roles[$role->role_id] = unserialize($role->role_auths);sp-api\sp-api-class-spcauths.php:343
unserializereturn wp_unslash(unserialize($record));sp-api\sp-api-class-spccache.php:112
unserialize$notification = unserialize($notification);sp-api\sp-api-class-spcnotifications.php:115
unserialize$opts = unserialize($item);sp-api\sp-api-class-spcuser.php:236
unserialize$opts = unserialize($item);sp-api\sp-api-class-spcuser.php:241
unserialize$pluginData = unserialize($item);sp-api\sp-api-class-spcuser.php:246
unserialize$options = unserialize($member['user_options']);sp-api\sp-api-class-spcuser.php:654
unserializeif (is_serialized($content)) $config = @unserialize($content);sp-startup\admin\spa-admin-framework.php:580
unserialize$data = unserialize($rec->meta_value);sp-startup\install\sp-upgrade.php:63
unserialize$actions = unserialize($role->role_auths);sp-startup\install\sp-upgrade.php:98

SQL Query Safety

98% prepared55 total queries

Output Escaping

99% escaped5469 total outputs
Data Flows
69 unsanitized

Data Flow Analysis

25 flows69 with unsanitized paths
sp_search_admin_tasks (admin\help\search\spa-ajax-keywords.php:21)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
102 unprotected

Simple:Press Forum Attack Surface

Entry Points103
Unprotected102

AJAX Handlers 102

authwp_ajax_forums-loadersp-startup\admin\spa-admin-ajax-actions.php:18
noprivwp_ajax_forums-loadersp-startup\admin\spa-admin-ajax-actions.php:19
authwp_ajax_options-loadersp-startup\admin\spa-admin-ajax-actions.php:25
noprivwp_ajax_options-loadersp-startup\admin\spa-admin-ajax-actions.php:26
authwp_ajax_optionssp-startup\admin\spa-admin-ajax-actions.php:35
authwp_ajax_components-loadersp-startup\admin\spa-admin-ajax-actions.php:41
noprivwp_ajax_components-loadersp-startup\admin\spa-admin-ajax-actions.php:42
authwp_ajax_usergroups-loadersp-startup\admin\spa-admin-ajax-actions.php:48
noprivwp_ajax_usergroups-loadersp-startup\admin\spa-admin-ajax-actions.php:49
authwp_ajax_permissions-loadersp-startup\admin\spa-admin-ajax-actions.php:55
noprivwp_ajax_permissions-loadersp-startup\admin\spa-admin-ajax-actions.php:56
authwp_ajax_integration-loadersp-startup\admin\spa-admin-ajax-actions.php:62
noprivwp_ajax_integration-loadersp-startup\admin\spa-admin-ajax-actions.php:63
authwp_ajax_profiles-loadersp-startup\admin\spa-admin-ajax-actions.php:69
noprivwp_ajax_profiles-loadersp-startup\admin\spa-admin-ajax-actions.php:70
authwp_ajax_admins-loadersp-startup\admin\spa-admin-ajax-actions.php:76
noprivwp_ajax_admins-loadersp-startup\admin\spa-admin-ajax-actions.php:77
authwp_ajax_users-loadersp-startup\admin\spa-admin-ajax-actions.php:83
noprivwp_ajax_users-loadersp-startup\admin\spa-admin-ajax-actions.php:84
authwp_ajax_plugins-loadersp-startup\admin\spa-admin-ajax-actions.php:90
noprivwp_ajax_plugins-loadersp-startup\admin\spa-admin-ajax-actions.php:91
authwp_ajax_themes-loadersp-startup\admin\spa-admin-ajax-actions.php:97
noprivwp_ajax_themes-loadersp-startup\admin\spa-admin-ajax-actions.php:98
authwp_ajax_toolbox-loadersp-startup\admin\spa-admin-ajax-actions.php:104
noprivwp_ajax_toolbox-loadersp-startup\admin\spa-admin-ajax-actions.php:105
authwp_ajax_promotions-loadersp-startup\admin\spa-admin-ajax-actions.php:112
noprivwp_ajax_promotions-loadersp-startup\admin\spa-admin-ajax-actions.php:113
authwp_ajax_license-checksp-startup\admin\spa-admin-ajax-actions.php:120
noprivwp_ajax_license-checksp-startup\admin\spa-admin-ajax-actions.php:121
authwp_ajax_forumssp-startup\admin\spa-admin-ajax-actions.php:129
noprivwp_ajax_forumssp-startup\admin\spa-admin-ajax-actions.php:130
authwp_ajax_componentssp-startup\admin\spa-admin-ajax-actions.php:136
noprivwp_ajax_componentssp-startup\admin\spa-admin-ajax-actions.php:137
authwp_ajax_usergroupssp-startup\admin\spa-admin-ajax-actions.php:143
noprivwp_ajax_usergroupssp-startup\admin\spa-admin-ajax-actions.php:144
authwp_ajax_usermappingsp-startup\admin\spa-admin-ajax-actions.php:150
noprivwp_ajax_usermappingsp-startup\admin\spa-admin-ajax-actions.php:151
authwp_ajax_membershipssp-startup\admin\spa-admin-ajax-actions.php:157
noprivwp_ajax_membershipssp-startup\admin\spa-admin-ajax-actions.php:158
authwp_ajax_integration-permsp-startup\admin\spa-admin-ajax-actions.php:164
noprivwp_ajax_integration-permsp-startup\admin\spa-admin-ajax-actions.php:165
authwp_ajax_integration-langssp-startup\admin\spa-admin-ajax-actions.php:171
noprivwp_ajax_integration-langssp-startup\admin\spa-admin-ajax-actions.php:172
authwp_ajax_profilessp-startup\admin\spa-admin-ajax-actions.php:178
noprivwp_ajax_profilessp-startup\admin\spa-admin-ajax-actions.php:179
authwp_ajax_membergroupsp-startup\admin\spa-admin-ajax-actions.php:181
authwp_ajax_multiselectsp-startup\admin\spa-admin-ajax-actions.php:189
noprivwp_ajax_multiselectsp-startup\admin\spa-admin-ajax-actions.php:190
authwp_ajax_uploadersp-startup\admin\spa-admin-ajax-actions.php:196
authwp_ajax_iconset_uploadersp-startup\admin\spa-admin-ajax-actions.php:207
authwp_ajax_helpsp-startup\admin\spa-admin-ajax-actions.php:213
noprivwp_ajax_helpsp-startup\admin\spa-admin-ajax-actions.php:214
authwp_ajax_troubleshootingsp-startup\admin\spa-admin-ajax-actions.php:220
noprivwp_ajax_troubleshootingsp-startup\admin\spa-admin-ajax-actions.php:221
authwp_ajax_adminsearchsp-startup\admin\spa-admin-ajax-actions.php:227
noprivwp_ajax_adminsearchsp-startup\admin\spa-admin-ajax-actions.php:228
authwp_ajax_adminkeywordssp-startup\admin\spa-admin-ajax-actions.php:234
noprivwp_ajax_adminkeywordssp-startup\admin\spa-admin-ajax-actions.php:235
authwp_ajax_remove-newssp-startup\admin\spa-admin-ajax-actions.php:241
noprivwp_ajax_remove-newssp-startup\admin\spa-admin-ajax-actions.php:242
authwp_ajax_install-logsp-startup\admin\spa-admin-ajax-actions.php:248
noprivwp_ajax_install-logsp-startup\admin\spa-admin-ajax-actions.php:249
authwp_ajax_plugin-tipsp-startup\admin\spa-admin-ajax-actions.php:255
noprivwp_ajax_plugin-tipsp-startup\admin\spa-admin-ajax-actions.php:256
authwp_ajax_usergroup-tipsp-startup\admin\spa-admin-ajax-actions.php:262
noprivwp_ajax_usergroup-tipsp-startup\admin\spa-admin-ajax-actions.php:263
authwp_ajax_permission-tipsp-startup\admin\spa-admin-ajax-actions.php:269
noprivwp_ajax_permission-tipsp-startup\admin\spa-admin-ajax-actions.php:270
authwp_ajax_upgradesp-startup\admin\spa-admin-ajax-actions.php:278
noprivwp_ajax_upgradesp-startup\admin\spa-admin-ajax-actions.php:279
authwp_ajax_installsp-startup\admin\spa-admin-ajax-actions.php:285
noprivwp_ajax_installsp-startup\admin\spa-admin-ajax-actions.php:286
authwp_ajax_spAckPopupsp-startup\core\sp-core-ajax-actions.php:14
noprivwp_ajax_spAckPopupsp-startup\core\sp-core-ajax-actions.php:15
authwp_ajax_new-topicsp-startup\forum\sp-forum-ajax-actions.php:14
noprivwp_ajax_new-topicsp-startup\forum\sp-forum-ajax-actions.php:15
authwp_ajax_new-postsp-startup\forum\sp-forum-ajax-actions.php:16
noprivwp_ajax_new-postsp-startup\forum\sp-forum-ajax-actions.php:17
authwp_ajax_searchsp-startup\forum\sp-forum-ajax-actions.php:23
noprivwp_ajax_searchsp-startup\forum\sp-forum-ajax-actions.php:24
authwp_ajax_spForumTopicToolssp-startup\forum\sp-forum-ajax-actions.php:30
noprivwp_ajax_spForumTopicToolssp-startup\forum\sp-forum-ajax-actions.php:31
authwp_ajax_spForumPostToolssp-startup\forum\sp-forum-ajax-actions.php:32
noprivwp_ajax_spPostTopicToolssp-startup\forum\sp-forum-ajax-actions.php:33
authwp_ajax_spForumToolssp-startup\forum\sp-forum-ajax-actions.php:39
noprivwp_ajax_spForumToolssp-startup\forum\sp-forum-ajax-actions.php:40
authwp_ajax_spForumPageJumpsp-startup\forum\sp-forum-ajax-actions.php:46
noprivwp_ajax_spForumPageJumpsp-startup\forum\sp-forum-ajax-actions.php:47
authwp_ajax_spTopicPageJumpsp-startup\forum\sp-forum-ajax-actions.php:48
noprivwp_ajax_spTopicPageJumpsp-startup\forum\sp-forum-ajax-actions.php:49
authwp_ajax_spQuotePostsp-startup\forum\sp-forum-ajax-actions.php:55
noprivwp_ajax_spQuotePostsp-startup\forum\sp-forum-ajax-actions.php:56
authwp_ajax_spUserNoticesp-startup\forum\sp-forum-ajax-actions.php:62
noprivwp_ajax_spUserNoticesp-startup\forum\sp-forum-ajax-actions.php:63
authwp_ajax_spUnreadPostsPopupsp-startup\forum\sp-forum-ajax-actions.php:69
noprivwp_ajax_spUnreadPostsPopupsp-startup\forum\sp-forum-ajax-actions.php:70
authwp_ajax_permissionssp-startup\forum\sp-forum-ajax-actions.php:76
noprivwp_ajax_permissionssp-startup\forum\sp-forum-ajax-actions.php:77
authwp_ajax_profilesp-startup\forum\sp-forum-ajax-actions.php:83
noprivwp_ajax_profilesp-startup\forum\sp-forum-ajax-actions.php:84
authwp_ajax_profile-savesp-startup\forum\sp-forum-ajax-actions.php:90
noprivwp_ajax_profile-savesp-startup\forum\sp-forum-ajax-actions.php:91

Shortcodes 1

[spoiler] sp-startup\sp-load-class-spcforumloader.php:213
WordPress Hooks 160
actionwp_enqueue_scriptsadmin\library\spa-iconsets.php:188
actionadmin_enqueue_scriptsadmin\library\spa-iconsets.php:189
filtersp_privacy_profile_dataadmin\library\spa-privacy.php:19
filtersp_privacy_forum_dataadmin\library\spa-privacy.php:130
actionadmin_enqueue_scriptsadmin\library\spa-support.php:20
filtertiny_mce_before_initadmin\library\spa-tab-support.php:222
filtertiny_mce_before_initadmin\library\spa-tab-support.php:239
filtersph_topic_editor_toolbar_submitforum\content\forms\sp-form-components.php:28
filtersph_post_editor_toolbar_submitforum\content\forms\sp-form-components.php:29
filtersph_post_editor_edit_toolbar_submitforum\content\forms\sp-form-components.php:30
filtersph_topic_editor_above_toolbarforum\content\forms\sp-form-components.php:31
filtersph_post_editor_above_toolbarforum\content\forms\sp-form-components.php:32
filtersph_topic_editor_toolbar_buttonsforum\content\forms\sp-form-components.php:33
filtersph_topic_editor_toolbarforum\content\forms\sp-form-components.php:34
filtersph_post_editor_toolbar_buttonsforum\content\forms\sp-form-components.php:35
filtersph_post_editor_toolbarforum\content\forms\sp-form-components.php:36
filtersp_topic_editor_inline_submitforum\content\forms\sp-form-components.php:38
filtersp_post_editor_inline_submitforum\content\forms\sp-form-components.php:39
filtersp_post_editor_edit_inline_submitforum\content\forms\sp-form-components.php:40
filtersph_topic_editor_submit_topforum\content\forms\sp-form-components.php:41
filtersph_post_editor_submit_topforum\content\forms\sp-form-components.php:42
filtersp_topic_editor_inline_footerforum\content\forms\sp-form-components.php:43
filtersp_post_editor_inline_footerforum\content\forms\sp-form-components.php:44
filtersph_template_load_nameforum\content\legacy\sp-legacy-theme-support.php:65
actionwp_footerforum\content\sp-forum-view-functions.php:2303
actionwp_footerforum\content\sp-forum-view-functions.php:2326
actionwp_footerforum\content\sp-profile-view-functions.php:88
actionwp_footerforum\content\sp-profile-view-functions.php:207
filterthe_contentforum\content\sp-topic-view-functions.php:1564
actionwp_footerforum\content\sp-topic-view-functions.php:2421
actionwp_footerforum\content\sp-topic-view-functions.php:2530
filtersph_UserNotices_Customforum\database\sp-db-management.php:534
actionsph_remove_a_newpostforum\database\sp-db-newposts.php:261
actionsph_load_editor_supportforum\editor\sp-text-editor.php:30
actionsph_load_editorforum\editor\sp-text-editor.php:31
filtersph_editor_textareaforum\editor\sp-text-editor.php:32
actionwpsp-control.php:505
filterupgrader_source_selectionsp-startup\admin\spa-admin-class-spcpluginupgrader.php:100
filterupgrader_clear_destinationsp-startup\admin\spa-admin-class-spcpluginupgrader.php:134
filterupgrader_source_selectionsp-startup\admin\spa-admin-class-spcthemeupgrader.php:83
filterupgrader_clear_destinationsp-startup\admin\spa-admin-class-spcthemeupgrader.php:119
actionin_admin_footersp-startup\admin\spa-admin-framework.php:239
actionadmin_enqueue_scriptssp-startup\admin\spa-admin-menu.php:532
actionin_admin_footersp-startup\admin\spa-admin-support-functions.php:435
actionsph_before_PostIndexContentsp-startup\core\sp-core-compatibility.php:20
actionsph_after_PostIndexContentsp-startup\core\sp-core-compatibility.php:34
filterthe_contentsp-startup\core\sp-core-compatibility.php:37
filterwp_mail_fromsp-startup\core\sp-core-support-functions.php:498
filterwp_mail_from_namesp-startup\core\sp-core-support-functions.php:499
filterthe_contentsp-startup\forum\sp-forum-framework.php:508
filterthe_titlesp-startup\forum\sp-forum-support-functions.php:380
actionadmin_print_stylessp-startup\sp-load-class-spcadmincoreloader.php:109
actionadmin_menusp-startup\sp-load-class-spcadmincoreloader.php:110
actioninitsp-startup\sp-load-class-spcadmincoreloader.php:113
actionadmin_noticessp-startup\sp-load-class-spcadmincoreloader.php:118
actionwp_dashboard_setupsp-startup\sp-load-class-spcadmincoreloader.php:122
actioninitsp-startup\sp-load-class-spcadmincoreloader.php:126
actionpermalink_structure_changedsp-startup\sp-load-class-spcadmincoreloader.php:130
actionsave_postsp-startup\sp-load-class-spcadmincoreloader.php:133
actionupdate-core-custom_do-sp-plugin-upgradesp-startup\sp-load-class-spcadmincoreloader.php:139
actionupdate-custom_update-sp-pluginssp-startup\sp-load-class-spcadmincoreloader.php:140
actionupdate-custom_upload-sp-pluginsp-startup\sp-load-class-spcadmincoreloader.php:141
actionupdate-core-custom_do-sp-theme-upgradesp-startup\sp-load-class-spcadmincoreloader.php:144
actionupdate-custom_update-sp-themessp-startup\sp-load-class-spcadmincoreloader.php:145
actionupdate-custom_upload-sp-themesp-startup\sp-load-class-spcadmincoreloader.php:146
filterwp_get_update_datasp-startup\sp-load-class-spcadmincoreloader.php:149
filternetwork_admin_plugin_action_linkssp-startup\sp-load-class-spcadmincoreloader.php:154
filterplugin_action_linkssp-startup\sp-load-class-spcadmincoreloader.php:155
actionadmin_headsp-startup\sp-load-class-spcadmincoreloader.php:156
actionadmin_enqueue_scriptssp-startup\sp-load-class-spcadmincoreloader.php:166
actioncore_upgrade_preamblesp-startup\sp-load-class-spcadmincoreloader.php:172
actioncore_upgrade_preamblesp-startup\sp-load-class-spcadmincoreloader.php:173
filterplugins_apisp-startup\sp-load-class-spcadmincoreloader.php:176
actionadmin_print_stylessp-startup\sp-load-class-spcadminloader.php:112
actionadmin_enqueue_scriptssp-startup\sp-load-class-spcadminloader.php:115
actionadmin_enqueue_scriptssp-startup\sp-load-class-spcadminloader.php:116
actionadmin_headsp-startup\sp-load-class-spcadminloader.php:117
actionin_admin_footersp-startup\sp-load-class-spcadminloader.php:118
filtersp_default_storage_paths_datasp-startup\sp-load-class-spccoreloader.php:107
actioninitsp-startup\sp-load-class-spccoreloader.php:407
actioninitsp-startup\sp-load-class-spccoreloader.php:410
filterpage_rewrite_rulessp-startup\sp-load-class-spccoreloader.php:411
filterquery_varssp-startup\sp-load-class-spccoreloader.php:412
actionlogin_redirectsp-startup\sp-load-class-spccoreloader.php:416
actionregistration_redirectsp-startup\sp-load-class-spccoreloader.php:417
actionwp_logoutsp-startup\sp-load-class-spccoreloader.php:418
actionwp_loginsp-startup\sp-load-class-spccoreloader.php:419
actionregister_formsp-startup\sp-load-class-spccoreloader.php:423
filterregistration_errorssp-startup\sp-load-class-spccoreloader.php:424
actionwp_loginsp-startup\sp-load-class-spccoreloader.php:427
actionwp_logoutsp-startup\sp-load-class-spccoreloader.php:428
actionparse_requestsp-startup\sp-load-class-spccoreloader.php:434
actionsph_login_headsp-startup\sp-load-class-spccoreloader.php:435
actionshow_user_profilesp-startup\sp-load-class-spccoreloader.php:436
actionsph_cron_usersp-startup\sp-load-class-spccoreloader.php:442
actionsph_transient_cleanup_cronsp-startup\sp-load-class-spccoreloader.php:443
actionsph_stats_cronsp-startup\sp-load-class-spccoreloader.php:444
actionsph_news_cronsp-startup\sp-load-class-spccoreloader.php:445
actioncron_schedulessp-startup\sp-load-class-spccoreloader.php:446
actionwpsp-startup\sp-load-class-spccoreloader.php:447
actionsph_check_addons_status_intervalsp-startup\sp-load-class-spccoreloader.php:448
actionwp_update_pluginssp-startup\sp-load-class-spccoreloader.php:449
actionwp_update_pluginssp-startup\sp-load-class-spccoreloader.php:450
filterget_avatarsp-startup\sp-load-class-spccoreloader.php:456
filterdefault_avatar_selectsp-startup\sp-load-class-spccoreloader.php:457
actionwpmu_new_usersp-startup\sp-load-class-spccoreloader.php:461
actionwpmu_activate_usersp-startup\sp-load-class-spccoreloader.php:462
actionadded_existing_usersp-startup\sp-load-class-spccoreloader.php:463
actionwpmu_delete_usersp-startup\sp-load-class-spccoreloader.php:464
actionuser_registersp-startup\sp-load-class-spccoreloader.php:478
actiondelete_usersp-startup\sp-load-class-spccoreloader.php:479
actionprofile_updatesp-startup\sp-load-class-spccoreloader.php:480
actionset_user_rolesp-startup\sp-load-class-spccoreloader.php:481
actionadd_user_rolesp-startup\sp-load-class-spccoreloader.php:482
actionremove_user_rolesp-startup\sp-load-class-spccoreloader.php:483
actiondelete_user_formsp-startup\sp-load-class-spccoreloader.php:484
filterwp_privacy_personal_data_exporterssp-startup\sp-load-class-spccoreloader.php:487
filterwp_privacy_personal_data_exporterssp-startup\sp-load-class-spccoreloader.php:488
filterwp_privacy_personal_data_eraserssp-startup\sp-load-class-spccoreloader.php:489
filterregistration_errorssp-startup\sp-load-class-spccoreloader.php:491
actionuser_profile_update_errorssp-startup\sp-load-class-spccoreloader.php:492
actionadmin_headsp-startup\sp-load-class-spccoreloader.php:495
actionwp_headsp-startup\sp-load-class-spccoreloader.php:496
actionwp_footersp-startup\sp-load-class-spccoreloader.php:497
actionadmin_bar_menusp-startup\sp-load-class-spccoreloader.php:500
filtersafe_style_csssp-startup\sp-load-class-spcforumloader.php:178
actiontemplate_redirectsp-startup\sp-load-class-spcforumloader.php:184
actionwp_headsp-startup\sp-load-class-spcforumloader.php:186
actionwp_print_stylessp-startup\sp-load-class-spcforumloader.php:187
actionwp_enqueue_scriptssp-startup\sp-load-class-spcforumloader.php:188
actionwp_enqueue_scriptssp-startup\sp-load-class-spcforumloader.php:189
actionwp_enqueue_scriptssp-startup\sp-load-class-spcforumloader.php:190
actionwp_footersp-startup\sp-load-class-spcforumloader.php:191
actionsph_scripts_endsp-startup\sp-load-class-spcforumloader.php:194
filterthe_contentsp-startup\sp-load-class-spcforumloader.php:197
filterrun_wptexturizesp-startup\sp-load-class-spcforumloader.php:201
filterredirect_canonicalsp-startup\sp-load-class-spcforumloader.php:204
filtersph_ProfileShowHeadersp-startup\sp-load-class-spcforumloader.php:208
actionsph_profile_edit_after_tabssp-startup\sp-load-class-spcforumloader.php:209
actionloop_startsp-startup\sp-load-class-spcforumloader.php:217
filterthe_titlesp-startup\sp-load-class-spcforumloader.php:218
filterpre_wp_nav_menusp-startup\sp-load-class-spcforumloader.php:221
filterwp_nav_menusp-startup\sp-load-class-spcforumloader.php:222
filterget_canonical_urlsp-startup\sp-load-class-spcforumloader.php:230
filterpre_get_document_titlesp-startup\sp-load-class-spcforumloader.php:234
filterwp_titlesp-startup\sp-load-class-spcforumloader.php:236
filterwp_list_pagessp-startup\sp-load-class-spcforumloader.php:242
filterwp_nav_menusp-startup\sp-load-class-spcforumloader.php:243
filteraioseop_canonical_urlsp-startup\sp-load-class-spcforumloader.php:248
filteraioseop_descriptionsp-startup\sp-load-class-spcforumloader.php:249
filteraioseop_keywordssp-startup\sp-load-class-spcforumloader.php:250
filteraioseop_home_page_titlesp-startup\sp-load-class-spcforumloader.php:251
filterlanguage_attributessp-startup\sp-load-class-spcforumloader.php:254
actionwp_headsp-startup\sp-load-class-spcforumloader.php:255
filtertemplate_redirectsp-startup\sp-load-class-spcforumloader.php:258
filterpage_linksp-startup\sp-load-class-spcsiteloader.php:100
actionwp_enqueue_scriptssp-startup\sp-load-class-spcsiteloader.php:103
actionwp_headsp-startup\sp-load-class-spcsiteloader.php:106
actiontemplate_redirectsp-startup\sp-load-class-spcsiteloader.php:109
filterpre_get_postssp-startup\sp-load-class-spcsiteloader.php:110

Scheduled Events 16

sph_stats_cron
sph_cron_user
sph_transient_cleanup_cron
sph_stats_cron
sph_news_cron
sph_cron_user
sph_check_addons_status_interval
sph_transient_cleanup_cron
sph_news_cron
sph_stats_cron
sph_check_addons_status_interval
sph_cron_user
sph_transient_cleanup_cron
sph_stats_cron
sph_news_cron
sph_check_addons_status_interval
Maintenance & Trust

Simple:Press Forum Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5
Last updatedJan 29, 2026
PHP min version7.0
Downloads47K

Community Trust

Rating84/100
Number of ratings23
Active installs300
Alternatives

Simple:Press Forum Alternatives

CM Answers – Discussion Forum Plugin for WordPress Q&A

CM Answers – Discussion Forum Plugin for WordPress Q&A

cm-answers

A
97

Discussion Forum Plugin for WordPress Q&A. Build engaging community forums with voting, moderation, notifications, and AI integration.

300 3 CVEs
Neoforum

Neoforum

neoforum

D
41

Neoforum is full-fledged forum engine for Wordpress, including all standard forum functionality.

0 2 unpatched
bbPress

bbPress

bbpress

A
91

bbPress is forum software for WordPress.

100K 6 CVEs
wpForo Forum

wpForo Forum

wpforo

B
76

Number one WordPress forum plugin. Full-fledged forum solution with modern and responsive forum design. Community builder WordPress forum plugin.

20K 34 CVEs
Asgaros Forum

Asgaros Forum

asgaros-forum

B
76

Asgaros Forum is the best forum-plugin for WordPress! It comes with dozens of features in a beautiful design and stays simple and fast.

10K 12 CVEs
Developer Profile

Simple:Press Forum Developer Profile

simplepress

1 plugin · 300 total installs

72
trust score
Avg Security Score
90/100
Avg Patch Time
362 days
View full developer profile
Detection Fingerprints

How We Detect Simple:Press Forum

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/simplepress/sp-admin/css/sp-admin.css/wp-content/plugins/simplepress/sp-admin/css/sp-admin.min.css/wp-content/plugins/simplepress/sp-admin/js/sp-admin.js/wp-content/plugins/simplepress/sp-admin/js/sp-admin.min.js/wp-content/plugins/simplepress/sp-forum/css/sp-forum.css/wp-content/plugins/simplepress/sp-forum/css/sp-forum.min.css/wp-content/plugins/simplepress/sp-forum/js/sp-forum.js/wp-content/plugins/simplepress/sp-forum/js/sp-forum.min.js+20 more
Script Paths
/wp-content/plugins/simplepress/sp-admin/js/sp-admin.js/wp-content/plugins/simplepress/sp-admin/js/sp-admin.min.js/wp-content/plugins/simplepress/sp-forum/js/sp-forum.js/wp-content/plugins/simplepress/sp-forum/js/sp-forum.min.js/wp-content/plugins/simplepress/sp-functions/js/sp-functions.js/wp-content/plugins/simplepress/sp-functions/js/sp-functions.min.js+8 more
Version Parameters
simplepress/sp-admin/css/sp-admin.css?ver=simplepress/sp-admin/css/sp-admin.min.css?ver=simplepress/sp-admin/js/sp-admin.js?ver=simplepress/sp-admin/js/sp-admin.min.js?ver=simplepress/sp-forum/css/sp-forum.css?ver=simplepress/sp-forum/css/sp-forum.min.css?ver=simplepress/sp-forum/js/sp-forum.js?ver=simplepress/sp-forum/js/sp-forum.min.js?ver=simplepress/sp-functions/css/sp-functions.css?ver=simplepress/sp-functions/css/sp-functions.min.css?ver=simplepress/sp-functions/js/sp-functions.js?ver=simplepress/sp-functions/js/sp-functions.min.js?ver=simplepress/sp-load/css/sp-load.css?ver=simplepress/sp-load/css/sp-load.min.css?ver=simplepress/sp-load/js/sp-load.js?ver=simplepress/sp-load/js/sp-load.min.js?ver=simplepress/sp-profile/css/sp-profile.css?ver=simplepress/sp-profile/css/sp-profile.min.css?ver=simplepress/sp-profile/js/sp-profile.js?ver=simplepress/sp-profile/js/sp-profile.min.js?ver=simplepress/sp-user/css/sp-user.css?ver=simplepress/sp-user/css/sp-user.min.css?ver=simplepress/sp-user/js/sp-user.js?ver=simplepress/sp-user/js/sp-user.min.js?ver=simplepress/js/simplepress.js?ver=simplepress/js/simplepress.min.js?ver=simplepress/css/simplepress.css?ver=simplepress/css/simplepress.min.css?ver=

HTML / DOM Fingerprints

CSS Classes
sp-wrapsp-layoutsp-topicsp-postsp-user-profilesp-forum-titlesp-member-profile
HTML Comments
<!-- Simple:Press Version --><!-- SIMPLEPRESS --><!-- END SIMPLEPRESS -->
Data Attributes
data-sp-iddata-sp-post-iddata-sp-topic-iddata-sp-forum-id
JS Globals
SPsimplepress_ajax
REST Endpoints
/wp-json/simplepress/v1/
Shortcode Output
[simple-press][sp-forum][sp-topic][sp-user-profile]
FAQ

Frequently Asked Questions about Simple:Press Forum