Winecoza Security & Risk Analysis

wordpress.org/plugins/winecoza

A plugin that creates a custom post type for Winecoza and a taxonomy, and uses a different template for posts with a specific taxonomy type.

0 active installs · v1.1 · PHP 7.4+ · WP 4.8+ · Updated: Unknown
Tags: custom-post-types, custom-taxonomy, templates, wine
Score: 100 (A · Safe)
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is Winecoza Safe to Use in 2026?

Generally Safe

Score 100/100

Winecoza has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs
Risk Assessment

The winecoza plugin v1.1 demonstrates a generally good security posture, with no known vulnerabilities in its history and a commendable use of prepared statements for SQL queries. The static analysis shows a low number of dangerous functions and no critical or high severity taint flows, indicating developers have been mindful of common code injection risks. The extensive output escaping (80%) and the presence of numerous nonce and capability checks are also positive indicators of security awareness.

However, a notable concern is the presence of one AJAX handler that lacks authentication checks. This creates a direct entry point that could be exploited by unauthenticated users, potentially leading to unintended actions or information disclosure depending on the handler's functionality. While the overall attack surface is relatively small, this single unprotected entry point is a significant weakness. The plugin also performs external HTTP requests, which could be a vector for SSRF if not handled with extreme care and validation, though no specific issues were flagged in the taint analysis for this.

Given the absence of past vulnerabilities and the otherwise robust coding practices, the plugin appears to be maintained with security in mind. The key area for improvement is addressing the unprotected AJAX endpoint to harden its attack surface. The strengths lie in the core code security, while the weakness is a specific, identifiable access control issue.

Key Concerns

  • Unprotected AJAX handler
Vulnerabilities
None known

Winecoza Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

Winecoza Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (1 prepared)
Unescaped Output: 65 (261 escaped)
Nonce Checks: 14
Capability Checks: 5
File Operations: 5
External Requests: 3
Bundled Libraries: 0

SQL Query Safety

100% prepared, 1 total queries

Output Escaping

80% escaped, 326 total outputs
Data Flows
All sanitized

Data Flow Analysis

4 flows
winecoza_add_taxonomy_filters (inc\custom_post_type.php:160)
Legend: Source (user input), Sink (dangerous op), Sanitizer, Transform, Unsanitized, Sanitized
Attack Surface
1 unprotected

Winecoza Attack Surface

Entry Points: 23
Unprotected: 1

AJAX Handlers 3

auth wp_ajax_winecoza_get_progress imports\import_data.php:139
auth wp_ajax_winecoza_dismiss_winecoza_notice imports\import_data.php:207
auth wp_ajax_create_winecoza_page inc\settings.php:463

Shortcodes 20

[winecoza] inc\functions.php:250
[attractions-content] template\blocks\attractions-content.php:11
[attractions-generalinfo] template\blocks\attractions-more-info.php:11
[diary-event-details] template\blocks\diary-event-details.php:11
[diary-gallery] template\blocks\diary-gallery.php:11
[diary-moreinfo] template\blocks\diary-more-info.php:11
[global-book-now] template\blocks\global-book-now.php:11
[global-content] template\blocks\global-content.php:11
[global-event-dates] template\blocks\global-event-dates.php:10
[global-excerpt] template\blocks\global-excerpt.php:11
[global-gallery] template\blocks\global-gallery.php:11
[global-publish-date] template\blocks\global-publish-date.php:10
[global-social] template\blocks\global-social.php:11
[global-title] template\blocks\global-title.php:11
[media-content] template\blocks\media-content.php:11
[people-details] template\blocks\people-details.php:11
[video-gallery] template\blocks\video-gallery.php:11
[wine-content] template\blocks\wine-content.php:11
[wine-moreinfo] template\blocks\wine-moreinfo.php:11
[wine-analysis] template\blocks\wine-technicalanalysis.php:11

WordPress Hooks 31

action winecoza_manual_import_event imports\import_data.php:34
action admin_init imports\import_data.php:47
action winecoza_import_event imports\import_data.php:91
action winecoza_import_start imports\import_data.php:111
action winecoza_post_processed imports\import_data.php:134
action admin_notices imports\import_data.php:158
action admin_enqueue_scripts imports\import_data.php:181
filter jpeg_quality imports\set_featured_image_from_url.php:16
action init inc\custom_post_type.php:39
filter post_type_link inc\custom_post_type.php:73
action admin_menu inc\custom_post_type.php:94
filter manage_winecoza_posts_columns inc\custom_post_type.php:109
action manage_winecoza_posts_custom_column inc\custom_post_type.php:144
filter manage_edit-winecoza_sortable_columns inc\custom_post_type.php:153
action restrict_manage_posts inc\custom_post_type.php:219
action type_edit_form_fields inc\custom_terms.php:10
action edited_type inc\custom_terms.php:58
filter post_link inc\functions.php:213
action admin_enqueue_scripts inc\gallery.php:46
action save_post inc\gallery.php:120
action admin_menu inc\settings.php:32
action admin_init inc\settings.php:97
action admin_enqueue_scripts inc\settings.php:266
action update_option_winecoza_settings inc\settings.php:284
filter posts_where inc\settings.php:372
filter template_include inc\template_redirect.php:36
action admin_menu winecoza.php:41
action admin_init winecoza.php:42
action init winecoza.php:43
action admin_init winecoza.php:44
action wp_enqueue_scripts winecoza.php:45

Scheduled Events 3

winecoza_manual_import_event
winecoza_import_event
winecoza_manual_import_event
Maintenance & Trust

Winecoza Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.7.5
Last updated: Unknown
PHP min version: 7.4
Downloads: 301

Community Trust

Rating: 0/100
Number of ratings: 0
Active installs: 0
Developer Profile

Winecoza Developer Profile

wine.co.za

1 plugin · 0 total installs

Trust score: 94
Avg Security Score: 100/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect Winecoza

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/winecoza/assets/css/style.css
/wp-content/plugins/winecoza/assets/css/archive_style.css
/wp-content/plugins/winecoza/assets/css/single_style.css
/wp-content/plugins/winecoza/assets/css/admin.css
/wp-content/plugins/winecoza/assets/js/admin.js
Version Parameters
winecoza/assets/css/style.css?t=
winecoza/assets/css/archive_style.css?t=
winecoza/assets/css/single_style.css?t=
winecoza/assets/css/admin.css?t=
winecoza/assets/js/admin.js

HTML / DOM Fingerprints

HTML Comments
<!-- Enqueues styles based on template conditions for the WineCoza plugin. -->
<!-- Enqueues admin styles for the WineCoza plugin such as icon and settings page. -->
<!-- Enqueues admin scripts for the WineCoza plugin -->
<!-- Initialize default settings on plugin activation -->
(+5 more)
Data Attributes
name="winecoza_settings"
name="winecoza"
id="winecoza-settings"
JS Globals
ajax_object
FAQ

Frequently Asked Questions about Winecoza