
Taxonomy Submenu Security & Risk Analysis
wordpress.org/plugins/taxonomy-submenu
A Gutenberg block that creates dynamic submenu items from any taxonomy and offers complete styling control beyond the default WordPress submenu block.
Is Taxonomy Submenu Safe to Use in 2026?
Generally Safe
Score 100/100
Taxonomy Submenu has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The "taxonomy-submenu" plugin v1.0.1 demonstrates a strong security posture based on the provided static analysis. The complete absence of any identified attack surface points, dangerous functions, or raw SQL queries is highly commendable. Furthermore, the 100% proper output escaping and the use of prepared statements for all SQL queries indicate diligent secure coding practices. The plugin also has no recorded vulnerability history, which is a positive sign.
However, the complete lack of nonce checks and capability checks across all potential entry points, while currently yielding no identified vulnerabilities, represents a significant potential weakness. If the plugin were to introduce any functionality that processes user input or modifies data in the future, this absence of checks could easily lead to security issues. The zero taint analysis flows are also good, but could be attributed to the limited attack surface and lack of user-facing features, rather than inherently secure handling of all possible data flows.
In conclusion, the plugin is currently secure due to its limited functionality and robust basic secure coding practices. The main concern lies in the lack of implemented authorization and nonce checks, which creates a potential for future vulnerabilities should the plugin evolve or if its current (minimal) functionality were to be exploited in ways not immediately apparent from this analysis. The absence of any historical vulnerabilities is a strength, but the lack of built-in protective mechanisms is a weakness.
Key Concerns
- No nonce checks implemented
- No capability checks implemented
Taxonomy Submenu Security Vulnerabilities
Taxonomy Submenu Release Timeline
Taxonomy Submenu Code Analysis
Output Escaping
Taxonomy Submenu Attack Surface
WordPress Hooks: 2
Taxonomy Submenu Maintenance & Trust
Maintenance Signals
Community Trust
Taxonomy Submenu Alternatives
Breadcrumb Block
breadcrumb-block
A simple breadcrumb trail block that supports JSON-LD structured data and is compatible with WooCommerce
Classic Menu Sync for Block
classic-menu-sync-for-block
Automatically synchronizes Navigation blocks with classic WordPress menus using the native import system.
Enable Navigation Icons
enable-navigation-icons
Easily add icons to Navigation Block items in WordPress.
GutenKit – Page Builder Blocks, Patterns, and Templates for Gutenberg Block Editor
gutenkit-blocks-addon
GutenKit – Ultimate no-code Gutenberg blocks to design stunning web pages and visually stunning posts in WordPress block editor.
Classic Menu Block
classic-menu-block
A Gutenberg block to use classic menus.
Taxonomy Submenu Developer Profile
1 plugin · 0 total installs
How We Detect Taxonomy Submenu
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
- /wp-content/plugins/taxonomy-submenu/build/index.js
- /wp-content/plugins/taxonomy-submenu/build/style-index.css
- /wp-content/plugins/taxonomy-submenu/build/index.js
- taxonomy-submenu/build/index.js?ver=
- taxonomy-submenu/build/style-index.css?ver=
HTML / DOM Fingerprints
- taxonomy-submenu
- wp-block-navigation-item
- has-child
- open-on-hover-click
- wp-block-navigation-submenu
- data-block="taxonomy-submenu/taxonomy-submenu"