WP-Safety

Sports Club Management Security & Risk Analysis

wordpress.org/plugins/sports-club-management

Create members, competitions (leagues, ladder, knockout) (and, optional, invoices) for your (sports) club. Easy to manage and to publish on your site.

70 active installs v1.12.9 PHP + WP 4.0+ Updated Jan 3, 2023
clubclub-managementmembersportssportsclub
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Sports Club Management Safe to Use in 2026?

Generally Safe

Score 85/100

Sports Club Management has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 3yr ago
Risk Assessment

The "sports-club-management" plugin v1.12.9 exhibits a generally positive security posture based on the provided static analysis. The absence of known CVEs and a clean vulnerability history are strong indicators of good development practices and prior security diligence. The code signals are also encouraging, with a complete reliance on prepared statements for SQL queries and a notable number of nonce and capability checks, suggesting an effort to secure sensitive operations. However, a significant concern arises from the taint analysis, which reveals 6 flows with unsanitized paths. Although none are classified as critical or high severity, these represent potential avenues for attack if user-supplied data is not handled with appropriate sanitization before being used in file operations or other sensitive contexts. Furthermore, while the output escaping rate is 56% proper, this still leaves a substantial portion of outputs potentially vulnerable to cross-site scripting (XSS) attacks, especially given the presence of 10 shortcodes which are common vectors for such vulnerabilities. The lack of file operations and external HTTP requests, along with no unprotected AJAX or REST API endpoints, are positive points, but the identified taint flows and output escaping issues warrant attention.

Key Concerns

  • Unsanitized paths in taint flows
  • Low output escaping percentage
Vulnerabilities
None known

Sports Club Management Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Sports Club Management Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
166
214 escaped
Nonce Checks
7
Capability Checks
13
File Operations
0
External Requests
0
Bundled Libraries
0

Output Escaping

56% escaped380 total outputs
Data Flows
6 unsanitized

Data Flow Analysis

6 flows6 with unsanitized paths
<competitions_export> (code\competitions_export.php:0)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Sports Club Management Attack Surface

Entry Points10
Unprotected0

Shortcodes 10

[scm_competition_data] code\competitions_shortcodes.php:4
[scm_competition_ranking] code\competitions_shortcodes.php:5
[scm_team_data] code\competitors_shortcodes.php:4
[scm_competition_group_ranking] code\compgroups_shortcodes.php:4
[scm_invoice_data] code\invoices_shortcodes.php:4
[scm_match_data] code\matches_shortcodes.php:4
[scm_match_current] code\matches_shortcodes.php:5
[scm_member_data] code\members_shortcodes.php:4
[scm_members] code\members_shortcodes.php:5
[scm_member_username_link] code\members_shortcodes.php:6
WordPress Hooks 106
filterscm_competition_get_format_namecode\competitionformat_individual.php:7
filterscm_competition_get_formatscode\competitionformat_individual.php:8
filterscm_competition_display_formatcode\competitionformat_individual.php:9
filterscm_competition_display_format_fieldscode\competitionformat_individual.php:10
actionscm_competition_save_format_fieldscode\competitionformat_individual.php:11
filterscm_competition_display_rankingcode\competitionformat_individual.php:13
filterscm_comp_display_match_competitor_2code\competitionformat_individual.php:17
filterscm_match_display_single_competitor_fieldcode\competitionformat_individual.php:18
filterscm_match_display_format_result_fieldcode\competitionformat_individual.php:20
filterscm_match_display_resultcode\competitionformat_individual.php:21
filterscm_competition_get_format_namecode\competitionformat_knockout.php:7
filterscm_competition_get_formatscode\competitionformat_knockout.php:8
filterscm_competition_display_formatcode\competitionformat_knockout.php:9
filterscm_competition_display_format_fieldscode\competitionformat_knockout.php:10
actionscm_competition_save_format_fieldscode\competitionformat_knockout.php:11
actionscm_competition_create_matchescode\competitionformat_knockout.php:12
filterscm_competition_display_rankingcode\competitionformat_knockout.php:13
filterscm_comp_display_match_meta_headercode\competitionformat_knockout.php:14
filterscm_comp_display_match_metacode\competitionformat_knockout.php:15
filterscm_comp_display_match_competitor_1code\competitionformat_knockout.php:16
filterscm_comp_display_match_competitor_2code\competitionformat_knockout.php:17
filterscm_match_display_competitors_fieldcode\competitionformat_knockout.php:19
filterscm_match_display_format_fieldscode\competitionformat_knockout.php:20
actionscm_match_save_format_fieldscode\competitionformat_knockout.php:21
filterscm_comp_match_list_headercode\competitionformat_knockout.php:22
filterscm_comp_match_list_entrycode\competitionformat_knockout.php:23
filterscm_competition_get_format_namecode\competitionformat_ladder.php:7
filterscm_competition_get_formatscode\competitionformat_ladder.php:8
filterscm_competition_display_formatcode\competitionformat_ladder.php:9
filterscm_competition_display_rankingcode\competitionformat_ladder.php:10
filterscm_competition_get_format_namecode\competitionformat_league.php:7
filterscm_competition_get_formatscode\competitionformat_league.php:8
filterscm_competition_display_formatcode\competitionformat_league.php:9
filterscm_competition_display_format_fieldscode\competitionformat_league.php:10
actionscm_competition_save_format_fieldscode\competitionformat_league.php:11
filterscm_competition_display_rankingcode\competitionformat_league.php:13
filterscm_competitor_display_format_fieldscode\competitionformat_league.php:14
actionscm_competitor_save_format_fieldscode\competitionformat_league.php:15
filterscm_competition_get_formatscode\competitionformat_none.php:5
filterscm_competition_display_formatcode\competitionformat_none.php:6
filterscm_competition_display_rankingcode\competitionformat_none.php:7
actionadd_meta_boxescode\competitions.php:78
actionsave_postcode\competitions.php:79
filtermanage_scm_comp_posts_columnscode\competitions.php:80
filtermanage_edit-scm_comp_sortable_columnscode\competitions.php:81
actionmanage_scm_comp_posts_custom_columncode\competitions.php:82
actionrestrict_manage_postscode\competitions.php:83
filterparse_querycode\competitions.php:84
actionsave_postcode\competitions.php:215
actionadd_meta_boxescode\competitors.php:46
actionsave_postcode\competitors.php:47
filtermanage_scm_competitor_posts_columnscode\competitors.php:48
filtermanage_edit-scm_competitor_sortable_columnscode\competitors.php:49
actionmanage_scm_competitor_posts_custom_columncode\competitors.php:50
actionrest_api_initcode\competitors.php:51
filterscm_compgroup_get_formatscode\compgroupformat_individual.php:5
filterscm_compgroup_display_formatcode\compgroupformat_individual.php:6
filterscm_compgroup_display_rankingcode\compgroupformat_individual.php:10
filterscm_compgroup_get_formatscode\compgroupformat_list.php:5
filterscm_compgroup_display_formatcode\compgroupformat_list.php:6
filterscm_compgroup_display_rankingcode\compgroupformat_list.php:10
actionadd_meta_boxescode\compgroups.php:75
actionsave_postcode\compgroups.php:76
filtermanage_scm_comp_group_posts_columnscode\compgroups.php:77
filtermanage_edit-scm_comp_group_sortable_columnscode\compgroups.php:78
actionmanage_scm_comp_group_posts_custom_columncode\compgroups.php:79
actionrestrict_manage_postscode\compgroups.php:80
filterparse_querycode\compgroups.php:81
actionadd_meta_boxescode\invoices.php:71
actionsave_postcode\invoices.php:72
filtermanage_scm_invoice_posts_columnscode\invoices.php:73
filtermanage_edit-scm_invoice_sortable_columnscode\invoices.php:74
actionmanage_scm_invoice_posts_custom_columncode\invoices.php:75
actionrestrict_manage_postscode\invoices.php:76
filterparse_querycode\invoices.php:77
actionrest_api_initcode\invoices.php:78
actionscm_invoice_list_member_invoicescode\invoices.php:373
actionadd_meta_boxescode\matches.php:46
actionsave_postcode\matches.php:47
filtermanage_scm_match_posts_columnscode\matches.php:48
filtermanage_edit-scm_match_sortable_columnscode\matches.php:49
actionmanage_scm_match_posts_custom_columncode\matches.php:50
actionrest_api_initcode\matches.php:51
actionwidgets_initcode\matches_widgets.php:4
actionadd_meta_boxescode\members.php:70
actionsave_postcode\members.php:71
filtermanage_scm_member_posts_columnscode\members.php:72
filtermanage_edit-scm_member_sortable_columnscode\members.php:73
filterrequestcode\members.php:74
actionmanage_scm_member_posts_custom_columncode\members.php:75
actionrestrict_manage_postscode\members.php:76
filterparse_querycode\members.php:77
actionrest_api_initcode\members.php:78
actionsave_postcode\members.php:316
actionwidgets_initcode\members_widgets.php:4
actionadd_meta_boxescode\teamplayers.php:46
actionsave_postcode\teamplayers.php:47
filtermanage_scm_teamplayer_posts_columnscode\teamplayers.php:48
filtermanage_edit-scm_teamplayer_sortable_columnscode\teamplayers.php:49
actionmanage_scm_teamplayer_posts_custom_columncode\teamplayers.php:50
actionrest_api_initcode\teamplayers.php:51
filterplugins_loadedspclmgt.php:68
actionwp_enqueue_scriptsspclmgt.php:73
actionadmin_enqueue_scriptsspclmgt.php:78
actioninitspclmgt.php:149
actionadmin_menuspclmgt.php:166
Maintenance & Trust

Sports Club Management Maintenance & Trust

Maintenance Signals

WordPress version tested6.1.10
Last updatedJan 3, 2023
PHP min version
Downloads14K

Community Trust

Rating82/100
Number of ratings8
Active installs70
Alternatives

Sports Club Management Alternatives

WP Club Manager – WordPress Sports Club Plugin

WP Club Manager – WordPress Sports Club Plugin

wp-club-manager

A
90

WP Club Manager is easy to set-up and has everything you need to build and manage an amazing sports club website.

700 3 CVEs
SportsPress – Sports Club & League Manager

SportsPress – Sports Club & League Manager

sportspress

A
92

SportsPress is an extendable all-in-one sports data plugin that helps sports clubs set up and manage a league or club site quickly and easily.

10K 6 CVEs
Dynamic Team Manager – Team Member Showcase with grid, slider, table Elementor widget & shortcode

Dynamic Team Manager – Team Member Showcase with grid, slider, table Elementor widget & shortcode

wp-team-manager

C
69

Team plugin to showcase team members, sports rosters, or creative portfolios with grid, list, Slider, table layout. Supports Corporate and Sports Leag &hellip;

1K 1 unpatched
Diller Loyalty

Diller Loyalty

diller-loyalty

A
100

Diller Loyalty platform integration plugin for seamless membership engagement. Manages points, coupons and benefits and integrates with WC orders.

70 No CVEs
Lemonberry Page Protect

Lemonberry Page Protect

lemonberry-page-protect

A
85

Lemonberry Page Protect is a simple way to restict page/post content to a list of (non-Wordpress) users.

10 No CVEs
Developer Profile

Sports Club Management Developer Profile

pstruik

1 plugin · 70 total installs

84
trust score
Avg Security Score
85/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Sports Club Management

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/sports-club-management/css/spclmgt.css/wp-content/plugins/sports-club-management/css/jquery-ui.css/wp-content/plugins/sports-club-management/js/spclmgt.js/wp-content/plugins/sports-club-management/js/scm_bulk.js/wp-content/plugins/sports-club-management/js/scm_invoice_bulk.js/wp-content/plugins/sports-club-management/js/scm_member_bulk.js/wp-content/plugins/sports-club-management/js/scm_match_bulk.js/wp-content/plugins/sports-club-management/js/scm_competitor_bulk.js+1 more
Script Paths
/wp-content/plugins/sports-club-management/js/spclmgt.js/wp-content/plugins/sports-club-management/js/scm_bulk.js/wp-content/plugins/sports-club-management/js/scm_invoice_bulk.js/wp-content/plugins/sports-club-management/js/scm_member_bulk.js/wp-content/plugins/sports-club-management/js/scm_match_bulk.js/wp-content/plugins/sports-club-management/js/scm_competitor_bulk.js+1 more
Version Parameters
sports-club-management/css/spclmgt.css?ver=sports-club-management/css/jquery-ui.css?ver=sports-club-management/js/spclmgt.js?ver=sports-club-management/js/scm_bulk.js?ver=sports-club-management/js/scm_invoice_bulk.js?ver=sports-club-management/js/scm_member_bulk.js?ver=sports-club-management/js/scm_match_bulk.js?ver=sports-club-management/js/scm_competitor_bulk.js?ver=sports-club-management/js/scm_teamplayer_bulk.js?ver=

HTML / DOM Fingerprints

CSS Classes
scm_spclmgt
JS Globals
scm_bulk_globalsscm_invoice_bulk_globalsscm_member_bulk_globalsscm_match_bulk_globalsscm_competitor_bulk_globalsscm_teamplayer_bulk_globals
REST Endpoints
/wp-json/scm_bulk_strings/wp-json/scm_member_import
FAQ

Frequently Asked Questions about Sports Club Management