Does Taro CPT Front have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Taro CPT Front compatible with WordPress 6.8.5?

According to WordPress.org data, Taro CPT Front 1.1.3 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

Is Taro CPT Front compatible with PHP 7.4+?

Taro CPT Front requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Taro CPT Front updated?

Taro CPT Front was last updated on Jun 9, 2025. Frequent updates are generally a positive security signal.

What is Taro CPT Front's security score?

Taro CPT Front has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Taro CPT Front Security & Risk Analysis

wordpress.org/plugins/taro-cpt-front

A WordPress plugin to let custom post type to have a front page.

0 active installs v1.1.3 PHP 7.4+ WP 5.9+ Updated Jun 9, 2025

cpt

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Taro CPT Front Safe to Use in 2026?

Generally Safe

Score 100/100

Taro CPT Front has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 11mo ago

Risk Assessment

The "taro-cpt-front" plugin version 1.1.3 exhibits a strong security posture based on the provided static analysis. The complete absence of identified vulnerabilities in its history, coupled with the code analysis revealing no dangerous functions, unsanitized taint flows, or raw SQL queries, is highly encouraging. Furthermore, all identified output operations are properly escaped, and the presence of a nonce check indicates an awareness of common WordPress security practices. The lack of external HTTP requests and file operations also reduces the potential attack surface.

While the current analysis shows a robust security profile, it's important to note that the 'attack surface' being reported as zero is based on the provided metrics. If there are hidden or undocumented entry points, this could represent a blind spot. The absence of capability checks for the single nonce check also means that while an attempt at protection is present, it's not tied to specific user roles, which could be a minor concern depending on the plugin's functionality. Overall, the plugin appears to be developed with security in mind, and its clean vulnerability history is a significant positive indicator. However, vigilance regarding any future updates and continued monitoring for potential new entry points or vulnerabilities is always recommended.

Key Concerns

No capability checks for nonce

Vulnerabilities

None known

Taro CPT Front Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Taro CPT Front Release Timeline

v1.1.3Current

v1.1.2

v1.1.1

v1.1.0

v1.0.4

Code Analysis

Analyzed Apr 16, 2026

Taro CPT Front Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

11 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

100% escaped11 total outputs

Attack Surface

Taro CPT Front Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 9

filterdisplay_post_statesincludes/editor.php:14

actionsave_postincludes/editor.php:25

actionadd_meta_boxesincludes/editor.php:41

filterpost_type_linkincludes/rewrite.php:12

filterquery_varsincludes/rewrite.php:27

filterrewrite_rules_arrayincludes/rewrite.php:38

actionpre_get_postsincludes/rewrite.php:59

actionadmin_initincludes/settings.php:9

actionplugin_loadedtaro-cpt-front.php:31

Maintenance & Trust

Taro CPT Front Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedJun 9, 2025

PHP min version7.4

Downloads1K

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

Taro CPT Front Alternatives

MAS Static Content

mas-static-content

MAS Static Content is a free plugin that allows you to to create a custom post type static content and use it with shortcode.

10K 1 CVE

Post Types Unlimited

post-types-unlimited

100

Create unlimited custom post types and custom taxonomies.

10K No CVEs

Sticky Posts – Switch

sticky-posts-switch

This plugin adds a sticky post switch functionality to the admin list post/custom post type pages.

6K No CVEs

Simple CPT

simple-cpt

100

Simple CPT provides an easy to use interface for registering and managing custom post types and custom taxonomies.

4K No CVEs

Custom post types, Custom Fields & more

custom-post-types

Custom Post Types, Custom Fields, Custom Taxonomies, Custom Templates, Custom Admin Pages, Custom Admin Notices. Directly from the WP dashboard.

3K 3 CVEs

Developer Profile

Taro CPT Front Developer Profile

TAROSKY INC.

14 plugins · 710 total installs

trust score

Avg Security Score

94/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Taro CPT Front

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

CSS Classes

description

Data Attributes

name="tscptf-is-front"name="_tscptfnonce"

FAQ