Does WebMan Amplifier have any unpatched vulnerabilities?

No. All known vulnerabilities in WebMan Amplifier have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is WebMan Amplifier compatible with WordPress 7.0?

According to WordPress.org data, WebMan Amplifier 1.6.3 has been tested up to WordPress 7.0. Check the plugin's changelog for the latest compatibility information.

Is WebMan Amplifier compatible with PHP 8.0+?

WebMan Amplifier requires PHP 8.0 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is WebMan Amplifier updated?

WebMan Amplifier was last updated on Mar 13, 2026. Frequent updates are generally a positive security signal.

What is WebMan Amplifier's security score?

WebMan Amplifier has a WP-Safety security score of 99/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

WebMan Amplifier Security & Risk Analysis

wordpress.org/plugins/webman-amplifier

Amplifies functionality of WP themes. Provides custom post types, shortcodes, metaboxes, icons. Theme developer's best friend!

2K active installs v1.6.3 PHP 8.0+ WP 6.7+ Updated Mar 13, 2026

beaver-buildercustom-post-typesiconsmetaboxshortcodes

A · Safe

CVEs total1

Unpatched0

Last CVEDec 31, 2025

Plugin page Download

Safety Verdict

Is WebMan Amplifier Safe to Use in 2026?

Generally Safe

Score 99/100

WebMan Amplifier has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVELast CVE: Dec 31, 2025Updated 21d ago

Risk Assessment

The webman-amplifier plugin version 1.6.3 exhibits a generally strong security posture based on static analysis. The plugin demonstrates excellent adherence to secure coding practices, with no dangerous functions, no raw SQL queries, a very high percentage of properly escaped output, and no file operations or external HTTP requests. The presence of multiple nonce and capability checks, along with a contained attack surface of only one AJAX handler, suggests a thoughtful approach to securing its entry points. Taint analysis also reveals no concerning flows of unsanitized data, reinforcing the impression of a secure codebase.

However, the plugin's vulnerability history presents a significant concern. Despite the current version being unpatched, the historical presence of one medium-severity vulnerability, specifically Cross-site Scripting (XSS), indicates a past weakness. The 'last vulnerability' date of 2025-12-31 00:00:00 is highly unusual and likely a placeholder or erroneous data, but it still points to a history of past exploitable issues.

In conclusion, while the current code appears robust and well-secured against common attack vectors, the past XSS vulnerability is a red flag. This history suggests that while developers may have improved their practices, a latent risk could still exist if the underlying cause of the previous vulnerability was not fully addressed or if new, unforeseen vulnerabilities arise. The plugin's strengths lie in its careful handling of data and secure entry points, but the historical context necessitates vigilance.

Key Concerns

Historical medium severity vulnerability

Vulnerabilities

WebMan Amplifier Security Vulnerabilities

CVEs by Year

1 CVE in 2025

2025

Patched Has unpatched

Severity Breakdown

Medium

1 total CVE

CVE-2025-62757medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

WebMan Amplifier <= 1.5.12 - Authenticated (Contributor+) Stored Cross-Site Scripting

Dec 31, 2025 Patched in 1.6.0 (48d)

Code Analysis

Analyzed Mar 16, 2026

WebMan Amplifier Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

802 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

97% escaped828 total outputs

Data Flows

All sanitized

Data Flow Analysis

6 flows

save_permalinks (class-wm-amplifier.php:203)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

WebMan Amplifier Attack Surface

Entry Points1

Unprotected0

AJAX Handlers 1

authwp_ajax_wm-gallery-preview-refreshincludes\metabox\class-metabox.php:970

WordPress Hooks 110

filterrequestclass-wm-amplifier.php:103

actionadmin_enqueue_scriptsclass-wm-amplifier.php:124

filterwp_kses_allowed_htmlincludes\class-kses.php:367

actionplugins_loadedincludes\compatibility\compatibility.php:33

filterwoo_conditionsincludes\compatibility\woosidebars\class-woosidebars.php:83

filterwoo_conditions_referenceincludes\compatibility\woosidebars\class-woosidebars.php:85

actioninitincludes\compatibility\woosidebars\class-woosidebars.php:234

filterwpml_beaver_builder_modules_to_translateincludes\compatibility\wpml\class-wpml.php:35

actioninitincludes\compatibility\wpml\class-wpml.php:175

actionwmhook_wmamp_register_post_typesincludes\custom-posts\logos.php:22

actionmanage_wm_logos_posts_custom_columnincludes\custom-posts\logos.php:25

actionwmhook_wmamp_register_post_typesincludes\custom-posts\logos.php:28

filtermanage_edit-wm_logos_columnsincludes\custom-posts\logos.php:41

actionwmhook_wmamp_register_post_typesincludes\custom-posts\modules.php:22

actionmanage_wm_modules_posts_custom_columnincludes\custom-posts\modules.php:25

actionadmin_enqueue_scriptsincludes\custom-posts\modules.php:26

actionwmhook_wmamp_register_post_typesincludes\custom-posts\modules.php:29

filtermanage_edit-wm_modules_columnsincludes\custom-posts\modules.php:42

actionwmhook_wmamp_register_post_typesincludes\custom-posts\projects.php:22

actionmanage_wm_projects_posts_custom_columnincludes\custom-posts\projects.php:25

actionwmhook_wmamp_register_post_typesincludes\custom-posts\projects.php:28

actionadmin_initincludes\custom-posts\projects.php:31

filtermanage_edit-wm_projects_columnsincludes\custom-posts\projects.php:44

filterjetpack_sitemap_post_typesincludes\custom-posts\projects.php:542

actionwmhook_wmamp_register_post_typesincludes\custom-posts\staff.php:22

actionmanage_wm_staff_posts_custom_columnincludes\custom-posts\staff.php:25

actionwmhook_wmamp_register_post_typesincludes\custom-posts\staff.php:28

actionadmin_initincludes\custom-posts\staff.php:31

filtermanage_edit-wm_staff_columnsincludes\custom-posts\staff.php:44

filterenter_title_hereincludes\custom-posts\staff.php:47

filterjetpack_sitemap_post_typesincludes\custom-posts\staff.php:667

actionwmhook_wmamp_register_post_typesincludes\custom-posts\testimonials.php:22

actionmanage_wm_testimonials_posts_custom_columnincludes\custom-posts\testimonials.php:25

actionwmhook_wmamp_register_post_typesincludes\custom-posts\testimonials.php:28

actionadmin_initincludes\custom-posts\testimonials.php:31

filtermanage_edit-wm_testimonials_columnsincludes\custom-posts\testimonials.php:44

filterjetpack_sitemap_post_typesincludes\custom-posts\testimonials.php:490

actioninitincludes\icons\class-icon-font.php:165

actionadmin_enqueue_scriptsincludes\icons\class-icon-font.php:168

actionadmin_menuincludes\icons\class-icon-font.php:171

actionedit_form_after_titleincludes\metabox\class-metabox.php:193

actionedit_form_after_editorincludes\metabox\class-metabox.php:194

actionadd_meta_boxesincludes\metabox\class-metabox.php:196

actionsave_postincludes\metabox\class-metabox.php:198

actionadmin_enqueue_scriptsincludes\metabox\class-metabox.php:202

actiontgmpa_registerincludes\metabox\class-metabox.php:914

actionwmhook_metabox_render_checkboxincludes\metabox\fields\checkbox.php:113

actionwmhook_metabox_saving_checkboxincludes\metabox\fields\checkbox.php:133

actionwmhook_metabox_conditionalincludes\metabox\fields\conditional.php:94

actionwmhook_metabox_render_hiddenincludes\metabox\fields\hidden.php:67

actionwmhook_metabox_saving_hiddenincludes\metabox\fields\hidden.php:87

actionwmhook_metabox_render_htmlincludes\metabox\fields\html.php:95

actionwmhook_metabox_render_imageincludes\metabox\fields\images.php:202

actionwmhook_metabox_saving_imageincludes\metabox\fields\images.php:237

actionwmhook_metabox_render_galleryincludes\metabox\fields\images.php:376

actionwmhook_metabox_saving_galleryincludes\metabox\fields\images.php:396

actionwmhook_metabox_render_radioincludes\metabox\fields\radio.php:214

actionwmhook_metabox_saving_radioincludes\metabox\fields\radio.php:233

actionwmhook_metabox_render_repeaterincludes\metabox\fields\repeater.php:174

actionwmhook_metabox_render_section-openincludes\metabox\fields\sections.php:123

actionwmhook_metabox_render_section-closeincludes\metabox\fields\sections.php:159

actionwmhook_metabox_render_sub-section-openincludes\metabox\fields\sections.php:203

actionwmhook_metabox_render_sub-section-closeincludes\metabox\fields\sections.php:243

actionwmhook_metabox_render_selectincludes\metabox\fields\select.php:178

actionwmhook_metabox_saving_selectincludes\metabox\fields\select.php:198

actionwmhook_metabox_render_sliderincludes\metabox\fields\slider.php:134

actionwmhook_metabox_saving_sliderincludes\metabox\fields\slider.php:153

actionwmhook_metabox_render_colorincludes\metabox\fields\texts.php:174

actionwmhook_metabox_render_passwordincludes\metabox\fields\texts.php:175

actionwmhook_metabox_render_textincludes\metabox\fields\texts.php:176

actionwmhook_metabox_saving_colorincludes\metabox\fields\texts.php:228

actionwmhook_metabox_saving_passwordincludes\metabox\fields\texts.php:229

actionwmhook_metabox_saving_textincludes\metabox\fields\texts.php:230

actionwmhook_metabox_render_textareaincludes\metabox\fields\texts.php:361

actionwmhook_metabox_saving_textareaincludes\metabox\fields\texts.php:381

actioninitincludes\shortcodes\class-shortcodes.php:55

actionwp_enqueue_scriptsincludes\shortcodes\class-shortcodes.php:57

filterthe_contentincludes\shortcodes\class-shortcodes.php:61

filterwmhook_content_filtersincludes\shortcodes\class-shortcodes.php:62

filterwidget_textincludes\shortcodes\class-shortcodes.php:63

filterwmhook_shortcode_preprocess_shortcodes_outputincludes\shortcodes\class-shortcodes.php:65

filterthe_contentincludes\shortcodes\class-shortcodes.php:67

filterwmhook_shortcode_outputincludes\shortcodes\class-shortcodes.php:69

filterwmhook_shortcode__contentincludes\shortcodes\class-shortcodes.php:73

filterwmhook_shortcode_list_contentincludes\shortcodes\class-shortcodes.php:76

filterwmhook_shortcode_widget_area_outputincludes\shortcodes\class-shortcodes.php:79

actioninitincludes\shortcodes\class-shortcodes.php:1160

actioninitincludes\shortcodes\page-builder\beaver-builder\beaver-builder.php:21

actioninitincludes\shortcodes\page-builder\beaver-builder\beaver-builder.php:22

actionwp_enqueue_scriptsincludes\shortcodes\page-builder\beaver-builder\beaver-builder.php:24

actionfl_builder_control_wm_radioincludes\shortcodes\page-builder\beaver-builder\beaver-builder.php:26

actionwmhook_shortcode_bb_module_frontendincludes\shortcodes\page-builder\beaver-builder\beaver-builder.php:28

filterfl_builder_upgrade_urlincludes\shortcodes\page-builder\beaver-builder\beaver-builder.php:34

filterfl_builder_module_custom_classincludes\shortcodes\page-builder\beaver-builder\beaver-builder.php:36

actionwmhook_shortcode_bb_module_frontend_jsincludes\shortcodes\page-builder\beaver-builder\beaver-builder.php:479

actionwp_enqueue_scriptsincludes\visual-editor\visual-editor.php:128

actionadmin_enqueue_scriptsincludes\visual-editor\visual-editor.php:129

filtermce_external_pluginsincludes\visual-editor\visual-editor.php:190

filtermce_buttonsincludes\visual-editor\visual-editor.php:250

actionwidgets_initincludes\widgets\w-contact.php:34

actionwidgets_initincludes\widgets\w-module.php:23

actionwidgets_initincludes\widgets\w-posts.php:23

actionwidgets_initincludes\widgets\w-subnav.php:359

actioninitincludes\widgets\w-tabbed-widgets.php:23

actionwidgets_initincludes\widgets\w-tabbed-widgets.php:24

actionwp_enqueue_scriptsincludes\widgets\w-tabbed-widgets.php:118

filterdynamic_sidebar_paramsincludes\widgets\w-tabbed-widgets.php:248

actionafter_setup_themewebman-amplifier-setup.php:127

filterwmhook_shortcode_supported_versionwebman-amplifier-setup.php:304

actionplugins_loadedwebman-amplifier.php:145

Maintenance & Trust

WebMan Amplifier Maintenance & Trust

Maintenance Signals

WordPress version tested7.0

Last updatedMar 13, 2026

PHP min version8.0

Downloads116K

Community Trust

Rating78/100

Number of ratings7

Active installs2K

Alternatives

WebMan Amplifier Alternatives

Apollo13 Framework Extensions

apollo13-framework-extensions

Adds custom post types, shortcodes and some features that are used in themes built on Apollo13 Framework.

20K 6 CVEs

Material Design Icons for Page Builders

material-design-icons-for-elementor

Material Design Icons for Page Builders - adds Google Material Design Icons into Icons control of Page Builders

20K 2 CVEs

CubeWP Framework

cubewp-framework

CubeWP is an end-to-end dynamic content framework for WordPress to help you shrink time and cut cost of development up to 90%.

4K 1 unpatched

Popular Brand Icons – Simple Icons

simple-icons

An easy to use lightweight SVG icons plugin with over 1500+ brand icons. Use these icons in your menus, widgets, posts, or pages.

3K 1 unpatched

SFN Easy FAQ Manager

wordpress-faq-manager

100

Uses custom post types and taxonomies to manage an FAQ section for your site.

2K No CVEs

Developer Profile

WebMan Amplifier Developer Profile

WebMan Design | Oliver Juhas

21 plugins · 14K total installs

trust score

Avg Security Score

100/100

Avg Patch Time

2137 days

View full developer profile

Detection Fingerprints

How We Detect WebMan Amplifier

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/webman-amplifier/assets/css//wp-content/plugins/webman-amplifier/assets/js//wp-content/plugins/webman-amplifier/includes/compatibility/assets/

Script Paths

/wp-content/plugins/webman-amplifier/assets/js/wm-amplifier.js

Version Parameters

webman-amplifier/assets/js/wm-amplifier.js?ver=webman-amplifier/assets/css/wm-amplifier.css?ver=

HTML / DOM Fingerprints

CSS Classes

wm-amplifier-fieldwm-metabox-wrapper

HTML Comments

Data Attributes

data-wm-field-prefixdata-wm-serialized-name

JS Globals

window.WM_Amplifier_Config

Shortcode Output

[wm_amplifier]

FAQ