WP-Safety

ThemeRuby Multi Authors – Assign Multiple Writers to Posts Security & Risk Analysis

wordpress.org/plugins/themeruby-multi-authors

A lightweight plugin that allows you to assign multiple writers to posts, fast and easy to use.

1K active installs v1.2.0 PHP 7.4+ WP 6.0+ Updated Jan 30, 2026
bylineco-authorsguest-authorsmultiple-authorsteam
99
A · Safe
CVEs total1
Unpatched0
Last CVEJan 23, 2026
Plugin page Download
Safety Verdict

Is ThemeRuby Multi Authors – Assign Multiple Writers to Posts Safe to Use in 2026?

Generally Safe

Score 99/100

ThemeRuby Multi Authors – Assign Multiple Writers to Posts has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVELast CVE: Jan 23, 2026Updated 2mo ago
Risk Assessment

The 'themeruby-multi-authors' plugin version 1.2.0 exhibits a generally strong security posture based on the provided static analysis. The plugin demonstrates good practices by exclusively using prepared statements for SQL queries and properly escaping a high percentage of its outputs. Furthermore, the presence of nonce and capability checks on all identified AJAX handlers is commendable. The absence of direct file operations and external HTTP requests also reduces potential attack vectors. The taint analysis also indicates no critical or high severity issues.

However, the plugin has a history of a medium severity vulnerability, specifically Cross-Site Scripting (XSS). While this specific vulnerability is marked as patched and the last known vulnerability was in the future (which is likely a data anomaly), the presence of past XSS issues suggests that input sanitization and output escaping might require continued vigilance. The fact that the last reported vulnerability was relatively recent (even with the anomalous date) indicates that ongoing maintenance and testing are important for this plugin.

In conclusion, 'themeruby-multi-authors' v1.2.0 appears to be reasonably secure, with robust handling of sensitive operations like database queries and user inputs. The comprehensive checks in place for its entry points are a significant strength. The primary area for continued attention would be the historical trend of XSS vulnerabilities, even though the current version may have addressed this. The plugin's strengths outweigh its weaknesses in this assessment.

Key Concerns

  • Past medium severity XSS vulnerability
Vulnerabilities
1

ThemeRuby Multi Authors – Assign Multiple Writers to Posts Security Vulnerabilities

CVEs by Year

1 CVE in 2026
2026
Patched Has unpatched

Severity Breakdown

Medium
1

1 total CVE

CVE-2026-1097medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

ThemeRuby Multi Authors <= 1.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'before' and 'after' Shortcode Attributes

Jan 23, 2026 Patched in 1.1.0 (11d)
Code Analysis
Analyzed Mar 16, 2026

ThemeRuby Multi Authors – Assign Multiple Writers to Posts Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
3 prepared
Unescaped Output
5
70 escaped
Nonce Checks
5
Capability Checks
5
File Operations
0
External Requests
0
Bundled Libraries
0

SQL Query Safety

100% prepared3 total queries

Output Escaping

93% escaped75 total outputs
Data Flows
All sanitized

Data Flow Analysis

3 flows
ajax_save_setting (includes\class-tma-admin.php:734)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

ThemeRuby Multi Authors – Assign Multiple Writers to Posts Attack Surface

Entry Points9
Unprotected0

AJAX Handlers 4

authwp_ajax_tmauthors_save_settingincludes\class-tma-admin.php:46
authwp_ajax_tmauthors_save_post_typesincludes\class-tma-admin.php:47
authwp_ajax_tmauthors_clear_cacheincludes\class-tma-admin.php:48
authwp_ajax_tmauthors_search_authorsincludes\class-tma-meta-box.php:34

Shortcodes 5

[tmauthors] includes\class-tma-shortcodes.php:29
[tmauthors_box] includes\class-tma-shortcodes.php:30
[tmauthors_count] includes\class-tma-shortcodes.php:31
[tmauthors_list] includes\class-tma-shortcodes.php:32
[tmauthors_avatars] includes\class-tma-shortcodes.php:33
WordPress Hooks 32
actionadmin_menuincludes\class-tma-admin.php:43
actionadmin_enqueue_scriptsincludes\class-tma-admin.php:700
actionpre_get_postsincludes\class-tma-author-query.php:38
filterposts_whereincludes\class-tma-author-query.php:39
filterposts_joinincludes\class-tma-author-query.php:40
filterposts_distinctincludes\class-tma-author-query.php:41
actiontmauthors_assignedincludes\class-tma-cache-admin.php:31
actionprofile_updateincludes\class-tma-cache-admin.php:32
actiondelete_postincludes\class-tma-cache-admin.php:33
actiontransition_post_statusincludes\class-tma-cache-admin.php:34
filterthe_contentincludes\class-tma-display.php:53
filterget_usernumpostsincludes\class-tma-display.php:57
actionadd_meta_boxesincludes\class-tma-meta-box.php:31
actionsave_postincludes\class-tma-meta-box.php:32
actionadmin_enqueue_scriptsincludes\class-tma-meta-box.php:33
actionpre_get_postsincludes\class-tma-query.php:54
filterposts_whereincludes\class-tma-query.php:57
filterposts_joinincludes\class-tma-query.php:58
filterposts_distinctincludes\class-tma-query.php:59
actionthe_postsincludes\class-tma-query.php:62
filterwpseo_schtmauthors_personincludes\class-tma-seo.php:37
filterwpseo_schtmauthors_articleincludes\class-tma-seo.php:38
filterrank_math/json_ldincludes\class-tma-seo.php:42
filteraioseo_schtmauthors_graphincludes\class-tma-seo.php:46
filterseopress_schemas_manual_authorincludes\class-tma-seo.php:50
filterthe_seo_framework_ld_json_breadcrumbincludes\class-tma-seo.php:54
actioninitincludes\class-tma-taxonomy.php:38
actiondelete_userincludes\class-tma-taxonomy.php:41
actioninitincludes\class-tma-taxonomy.php:44
actionadmin_noticesincludes\class-tma-taxonomy.php:297
actionplugins_loadedthemeruby-multi-authors.php:92
actionwp_enqueue_scriptsthemeruby-multi-authors.php:95
Maintenance & Trust

ThemeRuby Multi Authors – Assign Multiple Writers to Posts Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedJan 30, 2026
PHP min version7.4
Downloads3K

Community Trust

Rating0/100
Number of ratings0
Active installs1K
Alternatives

ThemeRuby Multi Authors – Assign Multiple Writers to Posts Alternatives

Co-Authors Plus

Co-Authors Plus

co-authors-plus

A
99

Assign multiple bylines to posts, pages, and custom post types with a search-as-you-type input box.

20K 1 CVE
Co-Authors, Multiple Authors and Guest Authors in an Author Box with PublishPress Authors

Co-Authors, Multiple Authors and Guest Authors in an Author Box with PublishPress Authors

publishpress-authors

A
94

PublishPress Authors is the best plugin for adding authors, co-authors, multiple authors and guest authors to WordPress posts.

20K 3 CVEs
Molongui Authorship – Author Boxes, Guest Authors & Co-Authors for WordPress

Molongui Authorship – Author Boxes, Guest Authors & Co-Authors for WordPress

molongui-authorship

A
99

All-in-One Authorship Solution: Seamless Author Box, Guest Authors, and Co-Authors to enhance your site's authority, credibility, engagement, and SEO.

10K 6 CVEs
Authorsy – Author Box, Multiple Authors, Guest Authors & Post Rating

Authorsy – Author Box, Multiple Authors, Guest Authors & Post Rating

authorsy

A
98

Authorsy is a powerful WordPress author box plugin. Add customizable author profiles, multiple authors, guest authors, bios, social links, and post ra &hellip;

1K 2 CVEs
Byline

Byline

byline

A
85

Solves the co/multi-author problem without modifying the theme. Uses a custom taxonomy, "Byline," that replaces the Display Author.

200 No CVEs
Developer Profile

ThemeRuby Multi Authors – Assign Multiple Writers to Posts Developer Profile

ThemeRuby

5 plugins · 7K total installs

91
trust score
Avg Security Score
95/100
Avg Patch Time
10 days
View full developer profile
Detection Fingerprints

How We Detect ThemeRuby Multi Authors – Assign Multiple Writers to Posts

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/themeruby-multi-authors/assets/tma-frontend.css/wp-content/plugins/themeruby-multi-authors/assets/tma-frontend-rtl.css
Version Parameters
themeruby-multi-authors/assets/tma-frontend.css?ver=themeruby-multi-authors/assets/tma-frontend-rtl.css?ver=

HTML / DOM Fingerprints

CSS Classes
tmauthors-authors
Data Attributes
data-tmauthors-toggle
JS Globals
tmauthors_admin_ajax_object
Shortcode Output
[themeruby_authors][themeruby_authors_list]
FAQ

Frequently Asked Questions about ThemeRuby Multi Authors – Assign Multiple Writers to Posts