WP-Safety

TwentyTen Options Security & Risk Analysis

wordpress.org/plugins/twentyten-options

A set of options to customize the TwentyTen theme.

10 active installs v0.2 PHP + WP 3.4+ Updated Unknown
customizeroptionsthemetwentyten
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Download
Safety Verdict

Is TwentyTen Options Safe to Use in 2026?

Generally Safe

Score 100/100

TwentyTen Options has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs
Risk Assessment

The 'twentyten-options' plugin, in version 0.2, exhibits a generally good security posture based on the static analysis. There are no identified entry points such as AJAX handlers, REST API routes, shortcodes, or cron events, which significantly reduces the plugin's attack surface. Furthermore, the absence of dangerous function calls, file operations, and external HTTP requests, along with the use of prepared statements for all SQL queries, are positive security indicators. The vulnerability history is also clean, with no known CVEs recorded, suggesting a history of secure development or low visibility. However, a notable concern arises from the output escaping, where 100% of the identified outputs are not properly escaped. This could lead to cross-site scripting (XSS) vulnerabilities if user-supplied data is rendered directly without sanitization.

Key Concerns

  • Unescaped output detected
Vulnerabilities
None known

TwentyTen Options Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

TwentyTen Options Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
2
0 escaped
Nonce Checks
0
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
0

Output Escaping

0% escaped2 total outputs
Attack Surface

TwentyTen Options Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 2
actioncustomize_registerinit.php:34
actionwp_headinit.php:35
Maintenance & Trust

TwentyTen Options Maintenance & Trust

Maintenance Signals

WordPress version tested3.4.2
Last updatedUnknown
PHP min version
Downloads2K

Community Trust

Rating40/100
Number of ratings1
Active installs10
Alternatives

TwentyTen Options Alternatives

Kirki Customizer Framework

Kirki Customizer Framework

kirki

A
100

The Ultimate Customizer Framework for WordPress Theme Developers

500K No CVEs
Customize Plus

Customize Plus

customize-plus

A
100

Enhance and extend the WordPress Customize in your themes.

0 No CVEs
Customizer Toolkits

Customizer Toolkits

customizer-toolkits

A
85

Customizer Toolkits is a nice wordpress plugin. You can use this plugin any wordpress site for create Customizer Options. Customizer Toolkits is one o …

0 No CVEs
One Click Demo Import

One Click Demo Import

one-click-demo-import

A
97

Import your demo content, widgets and theme settings with one click. Theme authors! Enable simple theme demo import for your users.

1.0M 2 CVEs
Redux Framework

Redux Framework

redux-framework

A
89

Redux is a simple, truly extensible, and fully responsive options framework for WordPress themes and plugins. It ships with an integrated demo.

1.0M 6 CVEs
Developer Profile

TwentyTen Options Developer Profile

shazdeh

24 plugins · 4K total installs

84
trust score
Avg Security Score
86/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect TwentyTen Options

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/twentyten-options/twentyten-options.php

HTML / DOM Fingerprints

CSS Classes
entry-title
FAQ

Frequently Asked Questions about TwentyTen Options