User Meta Display Security & Risk Analysis
wordpress.org/plugins/user-meta-displayAjax powered admin page to show, edit, add, and remove user meta. Choose dropdown list by User Login, ID, or Display Name.
Is User Meta Display Safe to Use in 2026?
Generally Safe
Score 85/100User Meta Display has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The "user-meta-display" plugin v1.2.2 exhibits a generally good security posture, with no known critical or high severity vulnerabilities in its history. The static analysis reveals a robust implementation of security best practices, including the use of prepared statements for all SQL queries and a sufficient number of nonce checks (5) and capability checks (1) to secure its entry points. The absence of file operations and external HTTP requests further strengthens its security profile. However, a significant concern is the low percentage (33%) of properly escaped outputs, indicating a potential risk of Cross-Site Scripting (XSS) vulnerabilities, particularly given that the taint analysis identified one flow with unsanitized paths. While this flow was not flagged as critical or high, it warrants attention as it represents a vector for potential data injection or manipulation if the unsanitized path is leveraged by an attacker.
Key Concerns
- Low percentage of properly escaped outputs
- Taint flow with unsanitized paths
User Meta Display Security Vulnerabilities
User Meta Display Release Timeline
User Meta Display Code Analysis
SQL Query Safety
Output Escaping
Data Flow Analysis
User Meta Display Attack Surface
AJAX Handlers 4
WordPress Hooks 11
Maintenance & Trust
User Meta Display Maintenance & Trust
Maintenance Signals
Community Trust
User Meta Display Alternatives
User Import with meta – WP Ultimate CSV Importer Add-on
import-users
Import and export WordPress and WooCommerce users with full user meta, custom fields, billing & shipping details, and membership data.
JSON API User
json-api-user
Extends the JSON API Plugin to allow RESTful user registration, authentication & many other User Meta, BP functions. A Pro version is also available.
View User Metadata
view-user-metadata
A lightweight plugin that allows you to view user metadata, export them CSV or JSON, or delete key/value pairs.
Custom Metadata Manager
custom-metadata
An easy way to add custom fields to your object types (post, pages, custom post types, users)
Extended CRM for Users Insights
extended-crm-for-users-insights
Extends the CRM functionality of Users Insights - adds new management options to the user groups, user notes and custom user fields features
User Meta Display Developer Profile
9 plugins · 890 total installs
How We Detect User Meta Display
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/user-meta-display/assets/js/user-meta-display.js/wp-content/plugins/user-meta-display/assets/css/user-meta-display.css/wp-content/plugins/user-meta-display/assets/js/bootstrap.min.js/wp-content/plugins/user-meta-display/assets/js/bootstrap-select.min.js/wp-content/plugins/user-meta-display/assets/css/bootstrap-select.min.css/wp-content/plugins/user-meta-display/assets/js/user-meta-display.js/wp-content/plugins/user-meta-display/assets/js/bootstrap.min.js/wp-content/plugins/user-meta-display/assets/js/bootstrap-select.min.jsuser-meta-display/assets/css/user-meta-display.css?ver=user-meta-display/assets/js/user-meta-display.js?ver=user-meta-display/assets/js/bootstrap.min.js?ver=user-meta-display/assets/js/bootstrap-select.min.js?ver=user-meta-display/assets/css/bootstrap-select.min.css?ver=HTML / DOM Fingerprints
user-meta-displaydata-user-meta-display-target-userdata-user-meta-display-user-iddata-user-meta-display-meta-keydata-user-meta-display-display-typeUserMetaDisplay[user-meta-display]