WP-Safety

The Menu: Custom mobile navigation with icons Security & Risk Analysis

wordpress.org/plugins/the-menu

Create beautiful mobile navigation menus with custom icons, role-based visibility, and extensive style options for your WordPress site.

400 active installs v1.2.22 PHP 7.0+ WP 6.0+ Updated Oct 14, 2025
custom-menumenu-iconsmobile-menumobile-navigationnavigation-menu
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is The Menu: Custom mobile navigation with icons Safe to Use in 2026?

Generally Safe

Score 100/100

The Menu: Custom mobile navigation with icons has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 5mo ago
Risk Assessment

The plugin "the-menu" v1.2.22 exhibits a generally strong security posture based on the provided static analysis. The plugin has a small attack surface with all identified AJAX handlers protected by authentication checks. Furthermore, the code demonstrates good development practices with a high percentage of SQL queries using prepared statements and an exceptionally high rate of proper output escaping. The absence of known vulnerabilities in its history also suggests a mature and well-maintained codebase.

While the overall security is promising, a minor concern arises from the taint analysis, which identified one flow with unsanitized paths. Although not flagged as critical or high severity, this warrants attention as it could potentially lead to unexpected behavior or a security weakness if exploited. The presence of file operations and external HTTP requests, while not inherently risky, are common vectors for vulnerabilities if not handled with extreme care, although no specific issues were highlighted in this analysis.

In conclusion, "the-menu" v1.2.22 appears to be a secure plugin with a good track record and solid coding standards. The single unsanitized path in the taint analysis is the primary area for potential improvement. Developers should continue to prioritize secure coding practices and thoroughly review any code paths involving user-controlled input to ensure all data is appropriately sanitized before use.

Key Concerns

  • Taint flow with unsanitized paths
Vulnerabilities
None known

The Menu: Custom mobile navigation with icons Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

The Menu: Custom mobile navigation with icons Code Analysis

Dangerous Functions
0
Raw SQL Queries
1
2 prepared
Unescaped Output
5
295 escaped
Nonce Checks
9
Capability Checks
14
File Operations
4
External Requests
2
Bundled Libraries
0

SQL Query Safety

67% prepared3 total queries

Output Escaping

98% escaped300 total outputs
Data Flows
1 unsanitized

Data Flow Analysis

1 flows1 with unsanitized paths
<admin-menus> (admin\admin-menus.php:0)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

The Menu: Custom mobile navigation with icons Attack Surface

Entry Points3
Unprotected0

AJAX Handlers 3

authwp_ajax_distm_upload_iconadmin\admin-menus.php:1255
authwp_ajax_distm_update_menu_itemadmin\admin-menus.php:1306
authwp_ajax_distm_verify_licenseadmin\admin-menus.php:1346
WordPress Hooks 25
actionadmin_menuadmin\admin-help.php:17
actionadmin_enqueue_scriptsadmin\admin-init.php:130
filterwp_nav_menu_item_custom_fieldsadmin\admin-menus.php:243
actionwp_update_nav_menu_itemadmin\admin-menus.php:287
actionwp_nav_menu_item_custom_fieldsadmin\admin-menus.php:292
actionwp_nav_menu_item_custom_fieldsadmin\admin-menus.php:468
actionwp_update_nav_menu_itemadmin\admin-menus.php:506
actionadmin_menuadmin\admin-pages.php:17
actionadmin_initadmin\admin-pages.php:30
filterupload_mimesadmin\admin-pages.php:829
filterwp_check_filetype_and_extadmin\admin-pages.php:865
filterwp_handle_upload_prefilteradmin\admin-pages.php:992
actionwp_enqueue_scriptsfrontend\frontend-init.php:97
actionwp_headfrontend\frontend-init.php:125
actionwp_footerfrontend\frontend-init.php:331
actionplugins_loadedthe-menu.php:121
actionplugins_loadedthe-menu.php:132
actioninitthe-menu.php:149
actioninitthe-menu.php:161
actionadmin_noticesthe-menu.php:188
actionadmin_initthe-menu.php:189
filterplugin_row_metathe-menu.php:190
actionadmin_menuthe-menu.php:191
actionadmin_initthe-menu.php:192
actionadmin_post_the_menu_check_licensethe-menu.php:193
Maintenance & Trust

The Menu: Custom mobile navigation with icons Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5
Last updatedOct 14, 2025
PHP min version7.0
Downloads4K

Community Trust

Rating100/100
Number of ratings1
Active installs400
Alternatives

The Menu: Custom mobile navigation with icons Alternatives

WP Mobile Bottom Menu

WP Mobile Bottom Menu

mobile-bottom-menu-for-wp

A
99

Smooth Navigation for Mobile. Create an Eye-Catching Sticky Bottom Menu with Limitless Customization Options.

10K 1 CVE
Mobile Menu Builder for WordPress

Mobile Menu Builder for WordPress

mobile-menu-builder

A
85

WordPress Mobile Menu Builder plugin is specially designed for mobiles. It is easy to use, customizable, and is highly flexible.

600 No CVEs
Multilevel Navigation Menu

Multilevel Navigation Menu

multilevel-navigation-menu

A
92

Multilevel Navigation Menu plugin ability to add a full-screen navigation menu to our website.

500 No CVEs
F12 Floating Menu, sticky menu for WordPress

F12 Floating Menu, sticky menu for WordPress

f12-floating-menu

A
92

Easily add unlimited floating/sticky menus to your Website. The F12 Floating Menu comes with an easy-to-use interface, allowing you to have the full c &hellip;

400 No CVEs
OOW Custom Menu Shortcode

OOW Custom Menu Shortcode

oowcode-custom-menu-shortcode

A
100

Effortlessly display and customize WordPress menus with a flexible shortcode, allowing custom CSS styling, 10 predefined themes, real-time preview.

60 No CVEs
Developer Profile

The Menu: Custom mobile navigation with icons Developer Profile

Ryan Wiggill

1 plugin · 400 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect The Menu: Custom mobile navigation with icons

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/the-menu/frontend/css/the-menu-mobile.css/wp-content/plugins/the-menu/frontend/css/the-menu-icon-picker.css/wp-content/plugins/the-menu/frontend/css/the-menu-menu-edit.css/wp-content/plugins/the-menu/frontend/css/the-menu-global.css/wp-content/plugins/the-menu/frontend/js/the-menu-mobile.js/wp-content/plugins/the-menu/frontend/js/the-menu-icon-picker.js/wp-content/plugins/the-menu/frontend/js/the-menu-menu-edit.js/wp-content/plugins/the-menu/frontend/js/the-menu-global.js
Script Paths
/wp-content/plugins/the-menu/frontend/js/the-menu-mobile.js/wp-content/plugins/the-menu/frontend/js/the-menu-icon-picker.js/wp-content/plugins/the-menu/frontend/js/the-menu-menu-edit.js/wp-content/plugins/the-menu/frontend/js/the-menu-global.js
Version Parameters
the-menu/frontend/css/the-menu-mobile.css?ver=the-menu/frontend/css/the-menu-icon-picker.css?ver=the-menu/frontend/css/the-menu-menu-edit.css?ver=the-menu/frontend/css/the-menu-global.css?ver=the-menu/frontend/js/the-menu-mobile.js?ver=the-menu/frontend/js/the-menu-icon-picker.js?ver=the-menu/frontend/js/the-menu-menu-edit.js?ver=the-menu/frontend/js/the-menu-global.js?ver=

HTML / DOM Fingerprints

CSS Classes
the-menu-wrapperthe-menu-mobile-triggerthe-menu-iconsthe-menu-icon-itemthe-menu-icon-pickerthe-menu-menu-item-icon
Data Attributes
data-the-menu-item-id
JS Globals
TheMenu
FAQ

Frequently Asked Questions about The Menu: Custom mobile navigation with icons