
Tagged Sitemap Security & Risk Analysis
wordpress.org/plugins/tagged-sitemapCreates a shortcode [tagged-sitemap] that renders a nested list with all the pages and tags for page. When a tag is clicked, related pages are then h …
Is Tagged Sitemap Safe to Use in 2026?
Generally Safe
Score 85/100Tagged Sitemap has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The tagged-sitemap plugin v1.0 exhibits a generally good security posture in several areas. The absence of any known vulnerabilities in its history is a significant positive indicator. Static analysis reveals no dangerous functions, no raw SQL queries, and no external HTTP requests, all of which are excellent security practices. The plugin also avoids using bundled libraries, reducing the risk of introducing outdated and vulnerable third-party code. Furthermore, the reported attack surface is minimal, with no unprotected entry points identified in the static analysis. However, a notable concern arises from the output escaping. With only 25% of the identified outputs being properly escaped, there is a significant risk of Cross-Site Scripting (XSS) vulnerabilities. Any user-provided data that is displayed without proper sanitization or encoding could be exploited by attackers to inject malicious scripts, potentially leading to session hijacking or other damaging actions. The lack of nonce checks and capability checks, while not directly linked to an immediate exploit in this analysis, represents a missed opportunity to further harden the plugin against unauthorized actions, particularly if the shortcode has any administrative or sensitive functionality.
Key Concerns
- Low output escaping rate
- Missing nonce checks
- Missing capability checks
Tagged Sitemap Security Vulnerabilities
Tagged Sitemap Release Timeline
Tagged Sitemap Code Analysis
Output Escaping
Tagged Sitemap Attack Surface
Shortcodes 1
Maintenance & Trust
Tagged Sitemap Maintenance & Trust
Maintenance Signals
Community Trust
Tagged Sitemap Alternatives
VK All in One Expansion Unit
vk-all-in-one-expansion-unit
This plug-in is an integrated plug-in with a variety of features that make it powerful your web site.
Clarity SEO
clarity-seo
Lightweight, fast SEO plugin for WordPress — meta tags, Schema.org markup, XML sitemap, 301 redirects, 404 monitor, image SEO, breadcrumbs, and more.
SEO Fury
seo-fury
50+ SEO features: meta tags, schema markup, sitemaps, redirects, Google Search Console, IndexNow, readability analysis — zero page speed impact.
Rocketship SEO
rocketship-seo
AI-powered WordPress SEO plugin with Google Analytics integration, smart meta titles, descriptions, schema markup, sitemaps, and OpenAI & Google G …
Advanced SEO Toolkit
advanced-seo-toolkit
Advanced SEO Toolkit is a comprehensive solution for optimizing your WordPress site for search engines.
Tagged Sitemap Developer Profile
2 plugins · 60 total installs
How We Detect Tagged Sitemap
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/tagged-sitemap/tagged-sitemap.css/wp-content/plugins/tagged-sitemap/tagged-sitemap.js/wp-content/plugins/tagged-sitemap/tagged-sitemap.jstagged-sitemap/tagged-sitemap.js?ver=1.0HTML / DOM Fingerprints
tag-item-<ul id="sitemap-pages"><div id="sitemap-tags">Tags: