Does SPIRALセキュアセッションマネージャー have any unpatched vulnerabilities?

No. All known vulnerabilities in SPIRALセキュアセッションマネージャー have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is SPIRALセキュアセッションマネージャー compatible with WordPress 6.8.5?

According to WordPress.org data, SPIRALセキュアセッションマネージャー 1.2.0 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

How often is SPIRALセキュアセッションマネージャー updated?

SPIRALセキュアセッションマネージャー was last updated on Jan 15, 2026. Frequent updates are generally a positive security signal.

What is SPIRALセキュアセッションマネージャー's security score?

SPIRALセキュアセッションマネージャー has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

SPIRALセキュアセッションマネージャー Security & Risk Analysis

wordpress.org/plugins/spiral-secure-session-manager

Easily add secure membership management and authentication features to your WordPress site using SPIRAL®.

40 active installs v1.2.0 PHP + WP 5.7+ Updated Jan 15, 2026

authenticationloginmembershipsecurityspiral

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is SPIRALセキュアセッションマネージャー Safe to Use in 2026?

Generally Safe

Score 100/100

SPIRALセキュアセッションマネージャー has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2mo ago

Risk Assessment

The plugin 'spiral-secure-session-manager' v1.2.0 exhibits a mixed security posture. On the positive side, it demonstrates good practices regarding SQL queries and output escaping, with a high percentage of both utilizing prepared statements and proper escaping, respectively. The absence of known CVEs and bundled libraries is also a positive indicator. However, the static analysis reveals several areas of concern that detract from its overall security. The presence of one unprotected REST API route is a significant risk, as it provides an entry point into the plugin without any authentication or permission checks. While the total number of entry points is relatively low, this single unprotected route is a critical vulnerability. Additionally, the 19 external HTTP requests, while not explicitly flagged as problematic in the provided data, warrant careful review as they can sometimes be a vector for attacks if not handled securely. The taint analysis showed one flow with unsanitized paths, which is concerning even without a critical or high severity flag, as it indicates a potential weakness in data handling.

Key Concerns

Unprotected REST API route
Flow with unsanitized paths

Vulnerabilities

None known

SPIRALセキュアセッションマネージャー Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

SPIRALセキュアセッションマネージャー Code Analysis

Dangerous Functions

Raw SQL Queries

12 prepared

Unescaped Output

519 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

86% prepared14 total queries

Output Escaping

86% escaped605 total outputs

Data Flows

1 unsanitized

Data Flow Analysis

6 flows1 with unsanitized paths

<class-spiral-secure-session-manager> (version_one\class-spiral-secure-session-manager.php:0)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

1 unprotected

SPIRALセキュアセッションマネージャー Attack Surface

Entry Points19

Unprotected1

REST API Routes 1

POST/wp-json/custom-api/v1/custom-endpoint/version_two\class-spiral-v2-secure-session-manager.php:387

Shortcodes 18

[spiral-s-show-template] version_one\class-spiral-secure-session-manager.php:166

[spiral-s-is-logged-in] version_one\class-spiral-secure-session-manager.php:167

[spiral-s-is-logged-mypage] version_one\class-spiral-secure-session-manager.php:168

[spiral-s-is-logged-in-hide] version_one\class-spiral-secure-session-manager.php:169

[spiral-s-user-prop] version_one\class-spiral-secure-session-manager.php:170

[spiral-s-user-prop-all] version_one\class-spiral-secure-session-manager.php:171

[spiral-s-is-logged-in-type] version_one\class-spiral-secure-session-manager.php:172

[spiral-s-is-logged-in-rule] version_one\class-spiral-secure-session-manager.php:173

[spiral-s-link] version_one\class-spiral-secure-session-manager.php:174

[sml-show-template] version_one\class-spiral-secure-session-manager.php:176

[spiral-s-show-template] version_two\class-spiral-v2-secure-session-manager.php:165

[spiral-s-is-logged-in] version_two\class-spiral-v2-secure-session-manager.php:166

[spiral-s-is-logged-mypage] version_two\class-spiral-v2-secure-session-manager.php:167

[spiral-s-is-logged-in-hide] version_two\class-spiral-v2-secure-session-manager.php:168

[spiral-s-user-prop] version_two\class-spiral-v2-secure-session-manager.php:169

[spiral-s-user-prop-all] version_two\class-spiral-v2-secure-session-manager.php:170

[spiral-s-is-logged-in-type] version_two\class-spiral-v2-secure-session-manager.php:171

[spiral-s-link] version_two\class-spiral-v2-secure-session-manager.php:172

WordPress Hooks 66

actionadmin_post_sssm_step1_actioninclude\class-spiral-secure-session-manager-activator.php:6

actionadmin_post_sssm_step2_actioninclude\class-spiral-secure-session-manager-activator.php:7

actionadmin_post_sssm_step2_skip_actioninclude\class-spiral-secure-session-manager-activator.php:8

actionadmin_post_sssm_step3_actioninclude\class-spiral-secure-session-manager-activator.php:9

actionadmin_post_sssm_step4_actioninclude\class-spiral-secure-session-manager-activator.php:10

actionadmin_post_sssm_step4_skip_actioninclude\class-spiral-secure-session-manager-activator.php:11

actionadmin_post_sssm_step5_actioninclude\class-spiral-secure-session-manager-activator.php:12

filtersssm_session_expiration_variantinclude\class-spiral-secure-session-manager-session.php:71

filtersssm_session_expirationinclude\class-spiral-secure-session-manager-session.php:74

filterblock_categories_allinclude\class-spiral-secure-session-manager-session.php:77

actioninitinclude\class-spiral-secure-session-manager-session.php:86

actionenqueue_block_editor_assetsspiral-secure-session-manager.php:74

actionenqueue_block_assetsspiral-secure-session-manager.php:75

actionenqueue_block_editor_assetsspiral-secure-session-manager.php:80

actionenqueue_block_assetsspiral-secure-session-manager.php:81

actionadmin_enqueue_scriptsspiral-secure-session-manager.php:91

actioninitversion_one\class-spiral-secure-session-manager.php:139

actionadmin_initversion_one\class-spiral-secure-session-manager.php:140

actionadmin_menuversion_one\class-spiral-secure-session-manager.php:141

actionadmin_enqueue_scriptsversion_one\class-spiral-secure-session-manager.php:142

actionadmin_enqueue_scriptsversion_one\class-spiral-secure-session-manager.php:143

actionadmin_post_sssm_switch_version_form_actionversion_one\class-spiral-secure-session-manager.php:144

actionadmin_post_sssm_back_to_step1_actionversion_one\class-spiral-secure-session-manager.php:145

actionadmin_post_sssm_clear_setting_actionversion_one\class-spiral-secure-session-manager.php:146

actionadmin_post_sssm_clear_cache_actionversion_one\class-spiral-secure-session-manager.php:147

actionadmin_post_sssm_regenerate_default_pages_actionversion_one\class-spiral-secure-session-manager.php:148

actionadmin_post_sssm_login_actionversion_one\class-spiral-secure-session-manager.php:149

actionadmin_post_nopriv_sssm_login_actionversion_one\class-spiral-secure-session-manager.php:150

actionwp_enqueue_scriptsversion_one\class-spiral-secure-session-manager.php:152

actionwp_enqueue_scriptsversion_one\class-spiral-secure-session-manager.php:153

actionwidgets_initversion_one\class-spiral-secure-session-manager.php:154

actionwpversion_one\class-spiral-secure-session-manager.php:155

actiontemplate_redirectversion_one\class-spiral-secure-session-manager.php:156

actiontemplate_redirectversion_one\class-spiral-secure-session-manager.php:157

actionwp_headversion_one\class-spiral-secure-session-manager.php:158

actionwp_footerversion_one\class-spiral-secure-session-manager.php:159

actionwp_print_footer_scriptsversion_one\class-spiral-secure-session-manager.php:160

filterwp_setup_nav_menu_itemversion_one\class-spiral-secure-session-manager.php:162

filterwp_list_pages_excludesversion_one\class-spiral-secure-session-manager.php:163

filterpage_linkversion_one\class-spiral-secure-session-manager.php:164

actionlogin_headversion_one\class-spiral-secure-session-manager.php:902

actioninitversion_two\class-spiral-v2-secure-session-manager.php:138

actionadmin_initversion_two\class-spiral-v2-secure-session-manager.php:139

actionadmin_menuversion_two\class-spiral-v2-secure-session-manager.php:140

actionadmin_post_sssm_back_to_step1_actionversion_two\class-spiral-v2-secure-session-manager.php:141

actionadmin_post_sssm_clear_setting_actionversion_two\class-spiral-v2-secure-session-manager.php:142

actionadmin_post_sssm_clear_cache_actionversion_two\class-spiral-v2-secure-session-manager.php:143

actionadmin_post_sssm_regenerate_default_pages_actionversion_two\class-spiral-v2-secure-session-manager.php:144

actionadmin_post_sssm_login_actionversion_two\class-spiral-v2-secure-session-manager.php:145

actionadmin_post_nopriv_sssm_login_actionversion_two\class-spiral-v2-secure-session-manager.php:146

actionadmin_enqueue_scriptsversion_two\class-spiral-v2-secure-session-manager.php:147

actionadmin_enqueue_scriptsversion_two\class-spiral-v2-secure-session-manager.php:148

actionwp_enqueue_scriptsversion_two\class-spiral-v2-secure-session-manager.php:149

actionwp_enqueue_scriptsversion_two\class-spiral-v2-secure-session-manager.php:150

actionwidgets_initversion_two\class-spiral-v2-secure-session-manager.php:151

actionwpversion_two\class-spiral-v2-secure-session-manager.php:152

actiontemplate_redirectversion_two\class-spiral-v2-secure-session-manager.php:153

actiontemplate_redirectversion_two\class-spiral-v2-secure-session-manager.php:154

actionwp_headversion_two\class-spiral-v2-secure-session-manager.php:155

actionwp_footerversion_two\class-spiral-v2-secure-session-manager.php:156

actionwp_print_footer_scriptsversion_two\class-spiral-v2-secure-session-manager.php:157

actionrest_api_initversion_two\class-spiral-v2-secure-session-manager.php:158

filterwp_setup_nav_menu_itemversion_two\class-spiral-v2-secure-session-manager.php:160

filterwp_list_pages_excludesversion_two\class-spiral-v2-secure-session-manager.php:161

filterpage_linkversion_two\class-spiral-v2-secure-session-manager.php:162

actionlogin_headversion_two\class-spiral-v2-secure-session-manager.php:853

Maintenance & Trust

SPIRALセキュアセッションマネージャー Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedJan 15, 2026

PHP min version

Downloads1K

Community Trust

Rating100/100

Number of ratings1

Active installs40

Alternatives

SPIRALセキュアセッションマネージャー Alternatives

All-In-One Security (AIOS) – Security and Firewall

all-in-one-wp-security-and-firewall

Protect your website investment with All-In-One Security (AIOS) – a comprehensive and easy to use security plugin designed especially for WordPress.

1.0M 26 CVEs

Limit Login Attempts

limit-login-attempts

Limit rate of login attempts, including by way of cookies, for each IP. Fully customizable.

300K 3 CVEs

WPS Limit Login

wps-limit-login

WPS Limit login limit connection attempts by IP address

100K 3 CVEs

Wordfence Login Security

wordfence-login-security

Secure your website with Wordfence Login Security, providing two-factor authentication, login and registration CAPTCHA, and XML-RPC protection.

70K No CVEs

Titan Anti-spam & Security

anti-spam

Block spam comments, defend against login attempts, and strengthen site security with anti-spam, brute-force protection, and two-factor authentication …

60K 3 CVEs

Developer Profile

SPIRALセキュアセッションマネージャー Developer Profile

SPIRAL Inc.

2 plugins · 40 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect SPIRALセキュアセッションマネージャー

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/spiral-secure-session-manager/custom_blocks/version_one/dist/bundle.js/wp-content/plugins/spiral-secure-session-manager/custom_blocks/version_one/dist/blocks-main.css/wp-content/plugins/spiral-secure-session-manager/custom_blocks/version_two/dist/bundle.js/wp-content/plugins/spiral-secure-session-manager/custom_blocks/version_two/dist/blocks-main.css

Script Paths

/wp-content/plugins/spiral-secure-session-manager/custom_blocks/version_one/dist/bundle.js/wp-content/plugins/spiral-secure-session-manager/custom_blocks/version_two/dist/bundle.js

Version Parameters

spiral-secure-session-manager/custom_blocks/version_one/dist/bundle.js?ver=spiral-secure-session-manager/custom_blocks/version_one/dist/blocks-main.css?ver=spiral-secure-session-manager/custom_blocks/version_two/dist/bundle.js?ver=spiral-secure-session-manager/custom_blocks/version_two/dist/blocks-main.css?ver=

HTML / DOM Fingerprints

JS Globals

sssm_blocks_bundle

FAQ