WP-Safety

Specific Content For Mobile – Customize the mobile version without redirections Security & Risk Analysis

wordpress.org/plugins/specific-content-for-mobile

Specific Content For Mobile allows you to create pages and posts content designed for mobile devices.

4K active installs v0.5.6 PHP 5.6+ WP 4.6+ Updated Dec 4, 2025
ampcleanupdevicemobileoptimization
96
A · Safe
CVEs total3
Unpatched0
Last CVENov 11, 2025
Plugin page Download
Safety Verdict

Is Specific Content For Mobile – Customize the mobile version without redirections Safe to Use in 2026?

Generally Safe

Score 96/100

Specific Content For Mobile – Customize the mobile version without redirections has a strong security track record. Known vulnerabilities have been patched promptly.

3 known CVEsLast CVE: Nov 11, 2025Updated 4mo ago
Risk Assessment

The 'specific-content-for-mobile' plugin, version 0.5.6, presents a mixed security posture. On the positive side, it demonstrates strong adherence to secure coding practices by exclusively using prepared statements for SQL queries, a very high percentage of properly escaped output, and a significant number of capability and nonce checks. There are no identified dangerous functions, file operations, or unpatched critical/high vulnerabilities.

However, several concerns warrant attention. The plugin has a notable attack surface with four AJAX handlers, one of which lacks any authentication checks. This directly exposes a potential entry point for unauthorized actions. While the taint analysis shows no critical or high severity unsanitized flows, the presence of one unsanitized path is a flag that requires investigation. Furthermore, the plugin's history of three medium-severity CVEs, including SQL Injection, Missing Authorization, and Cross-site Scripting, indicates a pattern of past security weaknesses that, despite being patched, suggest areas where the codebase may be prone to vulnerabilities.

In conclusion, while the plugin has improved in many secure coding areas, the unprotected AJAX handler and past vulnerability history are significant weaknesses. The single unsanitized path in the taint analysis is also a concern. Continuous vigilance and thorough code reviews are recommended to mitigate the risks associated with these identified issues and the plugin's historical vulnerability profile.

Key Concerns

  • Unprotected AJAX handler
  • Flow with unsanitized path in taint analysis
  • History of 3 medium CVEs
Vulnerabilities
3

Specific Content For Mobile – Customize the mobile version without redirections Security Vulnerabilities

CVEs by Year

1 CVE in 2024
2024
2 CVEs in 2025
2025
Patched Has unpatched

Severity Breakdown

Medium
3

3 total CVEs

CVE-2025-11454medium · 6.5Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Specific Content For Mobile – Customize the mobile version without redirections <= 0.5.5 - Authenticated (Contributor+) SQL Injection

Nov 11, 2025 Patched in 0.5.6 (1d)
CVE-2025-30874medium · 4.3Missing Authorization

Specific Content For Mobile <= 0.5.3 - Missing Authorization

Mar 27, 2025 Patched in 0.5.4 (7d)
CVE-2024-29126medium · 6.1Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Specific Content For Mobile – Customize the mobile version without redirections <= 0.1.9.5 - Reflected Cross-Site Scripting

Mar 16, 2024 Patched in 0.1.9.6 (5d)
Code Analysis
Analyzed Mar 16, 2026

Specific Content For Mobile – Customize the mobile version without redirections Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
2
138 escaped
Nonce Checks
6
Capability Checks
4
File Operations
0
External Requests
4
Bundled Libraries
0

Output Escaping

99% escaped140 total outputs
Data Flows
1 unsanitized

Data Flow Analysis

4 flows1 with unsanitized paths
<scfm-admin> (admin\scfm-admin.php:0)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
1 unprotected

Specific Content For Mobile – Customize the mobile version without redirections Attack Surface

Entry Points4
Unprotected1

AJAX Handlers 4

authwp_ajax_eos_scfm_dismiss_warningsadmin\scfm-admin.php:895
authwp_ajax_eos_scfm_dismiss_offeradmin\scfm-admin.php:905
authwp_ajax_eos_scfm_suggest_pageinc\scfm-ajax.php:4
authwp_ajax_eos_scfm_save_settingsinc\scfm-ajax.php:39
WordPress Hooks 50
filterload_textdomain_mofileadmin\scfm-admin.php:18
actionin_admin_headeradmin\scfm-admin.php:29
filterget_sample_permalink_htmladmin\scfm-admin.php:36
actionadmin_enqueue_scriptsadmin\scfm-admin.php:41
actionadmin_action_eos_scfm_duplicate_post_as_draftadmin\scfm-admin.php:46
filterpost_row_actionsadmin\scfm-admin.php:150
filterpage_row_actionsadmin\scfm-admin.php:151
filterdisplay_post_statesadmin\scfm-admin.php:184
actionwp_trash_postadmin\scfm-admin.php:240
actionuntrash_postadmin\scfm-admin.php:266
actionadd_meta_boxesadmin\scfm-admin.php:289
actionsave_postadmin\scfm-admin.php:342
actionadmin_noticesadmin\scfm-admin.php:516
actionadmin_menuadmin\scfm-admin.php:615
filterbulk_actions-edit-postadmin\scfm-admin.php:750
filterbulk_actions-edit-pageadmin\scfm-admin.php:751
filterhandle_bulk_actions-edit-postadmin\scfm-admin.php:758
filterhandle_bulk_actions-edit-pageadmin\scfm-admin.php:759
actionadmin_noticesadmin\scfm-admin.php:790
filteradmin_body_classadmin\scfm-admin.php:809
filterpreview_post_linkadmin\scfm-admin.php:835
filtereos_dp_integration_action_pluginsadmin\scfm-admin.php:862
actiontemplate_redirectspecific-content-for-mobile.php:55
actiontemplate_redirectspecific-content-for-mobile.php:56
filtersingle_templatespecific-content-for-mobile.php:114
filterpage_templatespecific-content-for-mobile.php:115
actioninitspecific-content-for-mobile.php:130
filtershow_admin_barspecific-content-for-mobile.php:134
actionwp_headspecific-content-for-mobile.php:135
filterbody_classspecific-content-for-mobile.php:153
actionwp_footerspecific-content-for-mobile.php:185
actionwp_headspecific-content-for-mobile.php:192
filteroption_page_on_frontspecific-content-for-mobile.php:207
filteroption_page_for_postsspecific-content-for-mobile.php:208
filterget_post_statusspecific-content-for-mobile.php:217
actionpre_get_postsspecific-content-for-mobile.php:229
filterpost_linkspecific-content-for-mobile.php:252
filterget_post_statusspecific-content-for-mobile.php:268
filterprivate_title_formatspecific-content-for-mobile.php:273
actiontemplate_redirectspecific-content-for-mobile.php:322
filterwoocommerce_get_shop_page_idspecific-content-for-mobile.php:326
filtereos_scfm_post_typesspecific-content-for-mobile.php:344
filtercomments_template_query_argsspecific-content-for-mobile.php:358
actioncomment_form_afterspecific-content-for-mobile.php:368
filterwp_is_mobilespecific-content-for-mobile.php:382
filterpreprocess_commentspecific-content-for-mobile.php:403
filtertemplate_includespecific-content-for-mobile.php:446
actionget_headerspecific-content-for-mobile.php:463
actionget_footerspecific-content-for-mobile.php:473
filtermod_rewrite_rulesspecific-content-for-mobile.php:528
Maintenance & Trust

Specific Content For Mobile – Customize the mobile version without redirections Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedDec 4, 2025
PHP min version5.6
Downloads153K

Community Trust

Rating98/100
Number of ratings30
Active installs4K
Alternatives

Specific Content For Mobile – Customize the mobile version without redirections Alternatives

AMP

AMP

amp

A
100

An easier path to great Page Experience for everyone. Powered by AMP.

400K No CVEs
AMP on WordPress – weeblrAMP CE

AMP on WordPress – weeblrAMP CE

weeblramp

A
85

weeblrAMP provides advanced support for Accelerated Mobile Pages for WordPress: posts, pages, categories, tags and archives.

70 No CVEs
WP AMP Website

WP AMP Website

wp-amp-website

A
85

Most popular plugin to build a light waighted wordpress AMP website.

20 No CVEs
AMP for WP – Accelerated Mobile Pages

AMP for WP – Accelerated Mobile Pages

accelerated-mobile-pages

A
92

AMP for WP is the most recommended AMP plugin by the community. Automatically add Accelerated Mobile Pages (Google AMP Project) functionality on your &hellip;

90K 14 CVEs
Any Mobile Theme Switcher

Any Mobile Theme Switcher

any-mobile-theme-switcher

A
92

This Plugin detects mobile browser and display the theme as the setting done from admin. Usefull for switch to Mobile Theme.

20K No CVEs
Developer Profile

Specific Content For Mobile – Customize the mobile version without redirections Developer Profile

Jose Mortellaro

56 plugins · 26K total installs

87
trust score
Avg Security Score
99/100
Avg Patch Time
62 days
View full developer profile
Detection Fingerprints

How We Detect Specific Content For Mobile – Customize the mobile version without redirections

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/specific-content-for-mobile/templates/scfm-preview.php/wp-content/plugins/specific-content-for-mobile/admin/scfm-admin.php/wp-content/plugins/specific-content-for-mobile/inc/scfm-ajax.php
Script Paths
/wp-content/plugins/specific-content-for-mobile/scfm-preview.php
Version Parameters
specific-content-for-mobile/style.css?ver=specific-content-for-mobile/script.js?ver=

HTML / DOM Fingerprints

CSS Classes
scfmscfm-desktop-scfm-mobile-eos-scfm-d-eos-scfm-d-mobile-deviceeos-scfm-d-desktop-deviceeos-scfm-t-
Data Attributes
scfm-preview-css
JS Globals
scfm
FAQ

Frequently Asked Questions about Specific Content For Mobile – Customize the mobile version without redirections