WP-Safety

Toast Mobile Menu Security & Risk Analysis

wordpress.org/plugins/toast-mobile-menu

A fast, responsive mobile menu plugin designed for maximum flexibility. Easily customize it to match any layout, design, or device.

10 active installs v2.0.4 PHP 7.0+ WP 5.0+ Updated Unknown
menumobileresponsive
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Toast Mobile Menu Safe to Use in 2026?

Generally Safe

Score 100/100

Toast Mobile Menu has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs
Risk Assessment

The toast-mobile-menu plugin v2.0.4 exhibits a strong security posture based on the provided static analysis. The absence of dangerous functions, raw SQL queries, and any identified taint flows with unsanitized paths is highly positive. The plugin demonstrates good practices with a high percentage of properly escaped output, a robust number of nonce and capability checks, and a clean attack surface with all identified entry points appearing to be protected.

While the static analysis reveals no immediate critical vulnerabilities, the presence of two AJAX handlers, even if currently protected, warrants attention. The number of file operations (2) could potentially be a vector if not handled with extreme care, though no specific vulnerabilities are indicated in this analysis. The lack of any recorded vulnerabilities in its history is encouraging and suggests a commitment to security by the developers, or simply a lack of discovery to date.

Overall, the plugin appears to be well-developed from a security perspective. The strengths lie in its lack of known vulnerabilities and solid implementation of security measures like prepared statements and output escaping. The main area of caution would be the existence of unprotected AJAX handlers, which, while reported as protected here, always represent a potential point of interest for attackers if any future changes weaken their defenses.

Vulnerabilities
None known

Toast Mobile Menu Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Toast Mobile Menu Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
7
191 escaped
Nonce Checks
3
Capability Checks
4
File Operations
2
External Requests
0
Bundled Libraries
0

Output Escaping

96% escaped198 total outputs
Attack Surface

Toast Mobile Menu Attack Surface

Entry Points2
Unprotected0

AJAX Handlers 2

noprivwp_ajax_toastmm_get_ajax_search_resultsfunctions\toastmm_get_ajax_search_results.php:62
authwp_ajax_toastmm_get_ajax_search_resultsfunctions\toastmm_get_ajax_search_results.php:63
WordPress Hooks 30
actionwp_footerfunctions\toastmm_render_menu.php:82
actiontoastmm_menu_bar_gridhooks\toastmm_add_icons.php:47
actiontoastmm_before_menuhooks\toastmm_add_icons.php:51
actiontoastmm_after_menuhooks\toastmm_add_icons.php:55
actionafter_setup_themehooks\toastmm_add_icons.php:59
actiontoastmm_menu_bar_gridhooks\toastmm_add_logo.php:13
actiontoastmm_menu_bar_gridhooks\toastmm_add_logo.php:15
actiontoastmm_menu_bar_gridhooks\toastmm_add_logo.php:17
actiontoastmm_before_menuhooks\toastmm_add_logo.php:19
actiontoastmm_after_menuhooks\toastmm_add_logo.php:21
actionafter_setup_themehooks\toastmm_add_logo.php:24
actiontoastmm_menu_bar_grid_afterhooks\toastmm_add_search_bar.php:32
actiontoastmm_before_menuhooks\toastmm_add_search_bar.php:34
actiontoastmm_after_menuhooks\toastmm_add_search_bar.php:36
actionafter_setup_themehooks\toastmm_add_search_bar.php:41
actiontoastmm_menu_bar_gridhooks\toastmm_add_trigger.php:20
actiontoastmm_menu_bar_gridhooks\toastmm_add_trigger.php:22
actionafter_setup_themehooks\toastmm_add_trigger.php:25
actiontoastmm_after_menuhooks\toastmm_after_menu_content.php:14
actionafter_setup_themehooks\toastmm_after_menu_content.php:17
actiontoastmm_before_menuhooks\toastmm_before_menu_content.php:14
actionafter_setup_themehooks\toastmm_before_menu_content.php:17
actionadmin_enqueue_scriptsincludes\enqueue.php:49
actionwp_enqueue_scriptsincludes\enqueue.php:207
filterwoocommerce_add_to_cart_fragmentsincludes\fragments.php:21
filterwoocommerce_add_to_cart_fragmentsincludes\fragments.php:30
filternav_menu_item_titleincludes\misc.php:3
actionwp_nav_menu_item_custom_fieldsincludes\misc.php:53
actionwp_update_nav_menu_itemincludes\misc.php:82
actionadmin_menuincludes\setup.php:6
Maintenance & Trust

Toast Mobile Menu Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedUnknown
PHP min version7.0
Downloads257

Community Trust

Rating100/100
Number of ratings1
Active installs10
Alternatives

Toast Mobile Menu Alternatives

Max Mega Menu

Max Mega Menu

megamenu

A
99

An easy to use mega menu plugin. Written the WordPress way.

300K 2 CVEs
WP Mobile Menu – The Mobile-Friendly Responsive Menu

WP Mobile Menu – The Mobile-Friendly Responsive Menu

mobile-menu

A
96

Need some help with the mobile website experience? Need an Mobile Menu plugin that keep your mobile visitors engaged?

80K 4 CVEs
Responsive Menu – Create Mobile-Friendly Menu

Responsive Menu – Create Mobile-Friendly Menu

responsive-menu

A
97

Highly customisable Responsive Menu plugin with 150+ options. No coding knowledge needed to design it exactly as you want.

80K 5 CVEs
WP Responsive Menu

WP Responsive Menu

wp-responsive-menu

A
100

WP Responsive Menu turns your WordPress menu to a highly customizable sliding responsive menu.

30K 1 CVE
QuadMenu – Mega Menu

QuadMenu – Mega Menu

quadmenu

A
94

Responsive mega menu plugin for WordPress with customizable layouts and an intuitive drag-and-drop builder.

10K 2 CVEs
Developer Profile

Toast Mobile Menu Developer Profile

Toast Plugins

5 plugins · 5K total installs

87
trust score
Avg Security Score
99/100
Avg Patch Time
41 days
View full developer profile
Detection Fingerprints

How We Detect Toast Mobile Menu

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/toast-mobile-menu/assets/css/backend.css/wp-content/plugins/toast-mobile-menu/assets/js/backend.js/wp-content/plugins/toast-mobile-menu/assets/js/backend-conditional-logic.js/wp-content/plugins/toast-mobile-menu/assets/js/backend-pro-alert.js/wp-content/plugins/toast-mobile-menu/assets/css/frontend.css/wp-content/plugins/toast-mobile-menu/assets/css/frontend-enforced.css/wp-content/plugins/toast-mobile-menu/assets/js/frontend.js/wp-content/plugins/toast-mobile-menu/assets/js/frontend-admin.js
Script Paths
/wp-content/plugins/toast-mobile-menu/assets/js/backend.js/wp-content/plugins/toast-mobile-menu/assets/js/backend-conditional-logic.js/wp-content/plugins/toast-mobile-menu/assets/js/backend-pro-alert.js/wp-content/plugins/toast-mobile-menu/assets/js/frontend.js/wp-content/plugins/toast-mobile-menu/assets/js/frontend-admin.js
Version Parameters
toast-mobile-menu/assets/css/backend.css?ver=toast-mobile-menu/assets/js/backend.js?ver=toast-mobile-menu/assets/js/backend-conditional-logic.js?ver=toast-mobile-menu/assets/js/backend-pro-alert.js?ver=toast-mobile-menu/assets/css/frontend.css?ver=toast-mobile-menu/assets/css/frontend-enforced.css?ver=toast-mobile-menu/assets/js/frontend.js?ver=toast-mobile-menu/assets/js/frontend-admin.js?ver=

HTML / DOM Fingerprints

CSS Classes
toastmm-upload-menu-item-imagetoastmm-menu-item-image-idtoastmm-menu-item-image-previewtoastmm-remove-menu-item-image
Data Attributes
toastmm-menu-item-image-idtoastmm-menu-item-image-preview
JS Globals
toastmm
FAQ

Frequently Asked Questions about Toast Mobile Menu