Does SSL Certificate Manager have any unpatched vulnerabilities?

No. All known vulnerabilities in SSL Certificate Manager have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is SSL Certificate Manager compatible with WordPress 5.8.13?

According to WordPress.org data, SSL Certificate Manager 1.0.0 has been tested up to WordPress 5.8.13. Check the plugin's changelog for the latest compatibility information.

Is SSL Certificate Manager compatible with PHP 5.2.17+?

SSL Certificate Manager requires PHP 5.2.17 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is SSL Certificate Manager updated?

SSL Certificate Manager was last updated on Oct 9, 2021. Frequent updates are generally a positive security signal.

What is SSL Certificate Manager's security score?

SSL Certificate Manager has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

SSL Certificate Manager Security & Risk Analysis

wordpress.org/plugins/ssl-certificate-manager

A SSL certificate installer and manager. Install newest cURL SSL certificate for WordPress and fix the cURL Error 60 SSL certificate problem that cert …

600 active installs v1.0.0 PHP 5.2.17+ WP 4.0+ Updated Oct 9, 2021

certificatessl

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is SSL Certificate Manager Safe to Use in 2026?

Generally Safe

Score 85/100

SSL Certificate Manager has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 4yr ago

Risk Assessment

The ssl-certificate-manager plugin v1.0.0 exhibits a generally good security posture based on the provided static analysis and vulnerability history. The plugin has a minimal attack surface, with only one AJAX handler, and importantly, this handler appears to have an adequate capability check, preventing direct unauthenticated access. The absence of raw SQL queries, reliance on prepared statements, and the presence of nonce and capability checks further bolster its security.

However, there are minor areas for improvement. The fact that only 50% of output is properly escaped suggests a potential for cross-site scripting (XSS) vulnerabilities, particularly if the unescaped outputs handle user-supplied data. While the static analysis did not reveal any taint flows, this is often dependent on the complexity and thoroughness of the analysis tool, and the limited scope (0 flows analyzed) means the absence of findings might not be definitive. The plugin also performs a file operation, which could be a risk if not handled securely. The perfect vulnerability history of zero known CVEs is a strong positive, indicating a lack of discovered exploitable flaws, but it doesn't guarantee future safety.

Overall, ssl-certificate-manager v1.0.0 appears to be a relatively secure plugin with a sound approach to common WordPress security practices. The primary concern lies in the potential for unescaped output to lead to XSS. Addressing this, along with ensuring the file operation is robustly secured, would further enhance its security.

Key Concerns

Partial output escaping
Presence of file operations

Vulnerabilities

None known

SSL Certificate Manager Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

SSL Certificate Manager Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

2 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

50% escaped4 total outputs

Attack Surface

SSL Certificate Manager Attack Surface

Entry Points1

Unprotected0

AJAX Handlers 1

authwp_ajax_ssl_certificate_manager_optionclasses\admin.php:69

WordPress Hooks 9

actioninitclasses\admin.php:14

filterhttp_request_argsclasses\admin.php:17

filterhttps_ssl_verifyclasses\admin.php:24

filterhttps_local_ssl_verifyclasses\admin.php:25

actionadmin_menuclasses\admin.php:45

actionadmin_enqueue_scriptsclasses\admin.php:55

actionadmin_initclasses\admin.php:66

actionin_admin_headerclasses\admin.php:111

actionadmin_noticesclasses\admin.php:112

Maintenance & Trust

SSL Certificate Manager Maintenance & Trust

Maintenance Signals

WordPress version tested5.8.13

Last updatedOct 9, 2021

PHP min version5.2.17

Downloads7K

Community Trust

Rating100/100

Number of ratings1

Active installs600

Alternatives

SSL Certificate Manager Alternatives

WP Force SSL & HTTPS SSL Redirect

wp-force-ssl

Enable SSL & HTTPS redirect with 1 click! Add SSL certificate & WP Force SSL to redirect site from HTTP to HTTPS & fix SSL errors.

90K 1 CVE

SSL Zen — SSL Certificate Installer & HTTPS Redirects

ssl-zen

Helps install a free Let's Encrypt SSL certificate, redirects HTTP to HTTPS and forces SSL on all pages.

10K 1 CVE

Auto-Install Free SSL – Generate & Install Free SSL Certificates

auto-install-free-ssl

100

Generate & install Free SSL Certificates for WordPress, HTTPS redirect, get PADLOCK in the browser, get automatic Renewal Reminders from plugin.

9K No CVEs

WP Free SSL

wp-free-ssl

One click free SSL certificate and Force HTTPS

1K 1 CVE

NertWorks Site Wide SSL

nertworks-site-wide-ssl

Enforce SSL throughout the entire site. Supporting multiple methods. Can be used on the Front End of the site of the Admin Dashboard

20 No CVEs

Developer Profile

SSL Certificate Manager Developer Profile

shenliqing

1 plugin · 600 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect SSL Certificate Manager

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/ssl-certificate-manager/assets/js/admin.js

Script Paths