Does WordThree – Easily Login & Register Using Your MetaMask Wallet have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is WordThree – Easily Login & Register Using Your MetaMask Wallet compatible with WordPress 6.0.11?

According to WordPress.org data, WordThree – Easily Login & Register Using Your MetaMask Wallet 1.1.0 has been tested up to WordPress 6.0.11. Check the plugin's changelog for the latest compatibility information.

Is WordThree – Easily Login & Register Using Your MetaMask Wallet compatible with PHP 7.3+?

WordThree – Easily Login & Register Using Your MetaMask Wallet requires PHP 7.3 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

WordThree – Easily Login & Register Using Your MetaMask Wallet Security & Risk Analysis

wordpress.org/plugins/wordthree

Allow users to login and register using their MetaMask wallet.

10 active installs v1.1.0 PHP 7.3+ WP 5.0+ Updated Feb 9, 2023

blockchainethereummetamasknftpolygon

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is WordThree – Easily Login & Register Using Your MetaMask Wallet Safe to Use in 2026?

Generally Safe

Score 85/100

WordThree – Easily Login & Register Using Your MetaMask Wallet has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 3yr ago

Risk Assessment

The plugin "wordthree" v1.1.0 exhibits a generally strong security posture based on the provided static analysis. The absence of any AJAX handlers, REST API routes, shortcodes, or cron events, particularly unprotected ones, significantly limits its attack surface. Furthermore, the plugin demonstrates good practices by exclusively using prepared statements for all its SQL queries and has a reasonable rate of output escaping (68%). The presence of nonce checks also adds a layer of defense. However, the complete lack of capability checks is a notable concern, as it implies that any user, regardless of their role or permissions, could potentially trigger the plugin's functionalities if they were to be exposed through some unforeseen mechanism. The zero taint flows and zero known vulnerabilities are positive indicators, suggesting that the plugin has not historically been a source of exploits or does not contain obvious exploitable flaws. The file operation, while singular, needs to be scrutinized in its context, as file operations can be sensitive. Overall, the plugin is well-defended against common web vulnerabilities due to its minimal attack surface and good coding practices, but the lack of capability checks is a potential weakness that should be investigated.

Key Concerns

No capability checks
Output escaping only 68%
One file operation found

Vulnerabilities

None known

WordThree – Easily Login & Register Using Your MetaMask Wallet Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

WordThree – Easily Login & Register Using Your MetaMask Wallet Release Timeline

v1.1.0Current

v1.0.0

Code Analysis

Analyzed Mar 16, 2026

WordThree – Easily Login & Register Using Your MetaMask Wallet Code Analysis

Dangerous Functions

Raw SQL Queries

8 prepared

Unescaped Output

15 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

100% prepared8 total queries

Output Escaping

68% escaped22 total outputs

Attack Surface

WordThree – Easily Login & Register Using Your MetaMask Wallet Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 23

actionadmin_menusrc\AdminSettings.php:29

actionadmin_initsrc\AdminSettings.php:34

filterpre_update_option_wordthree_optionsrc\AdminSettings.php:39

actionadmin_head-nav-menus.phpsrc\MenuCustomizer.php:23

filterwp_nav_menu_objectssrc\MenuCustomizer.php:28

actionwp_nav_menu_item_custom_fieldssrc\MenuCustomizer.php:33

actionwp_update_nav_menu_itemsrc\MenuCustomizer.php:38

actionnav_menu_css_classsrc\MenuCustomizer.php:43

actionwalker_nav_menu_start_elsrc\MenuCustomizer.php:48

actionlogin_enqueue_scriptssrc\Metamask.php:22

actionwp_enqueue_scriptssrc\Metamask.php:23

actionadmin_enqueue_scriptssrc\Metamask.php:24

actionlogin_footersrc\Metamask.php:29

actionwp_footersrc\Metamask.php:30

actionrest_api_initsrc\RestRoutes.php:28

actionwoocommerce_after_edit_account_formsrc\Shortcodes\Link.php:33

actionwoocommerce_after_my_accountsrc\Shortcodes\Link.php:37

actionlogin_formsrc\Shortcodes\Login.php:32

actionwoocommerce_login_form_endsrc\Shortcodes\Login.php:41

actionregister_formsrc\Shortcodes\Register.php:32

actionwoocommerce_register_form_endsrc\Shortcodes\Register.php:41

actionwoocommerce_after_checkout_registration_formsrc\Shortcodes\Register.php:50

actionplugins_loadedwordthree.php:19

Maintenance & Trust

WordThree – Easily Login & Register Using Your MetaMask Wallet Maintenance & Trust

Maintenance Signals

WordPress version tested6.0.11

Last updatedFeb 9, 2023

PHP min version7.3

Downloads2K

Community Trust

Rating100/100

Number of ratings4

Active installs10

Alternatives

WordThree – Easily Login & Register Using Your MetaMask Wallet Alternatives

Kredeum NFTs, the easiest way to sell your NFTs directly on your WordPress site

kredeum-nfts

Sell your NFTs directly on your WordPress site in an easy and fast way.

40 1 CVE

KoalaMint Plugin

koalamint

The No-Code Solution to Launch a Generative NFT Collection On your Website.

10 No CVEs

EthPress – Web3 Login

ethpress

EthPress Web3 Login Wordpress Plugin adds the capability to connect with cryptocurrency wallets such as MetaMask or WalletConnect QR code.

100 No CVEs

Web3 – Crypto wallet Login & NFT token gating

web3-authentication

Users can sign up for your WordPress using their crypto wallets. Gate content based on NFTs owned. Web3 authentication plugin supports crypto wallets …

100 2 CVEs

Token / NFT / Blockchain Page Gating

litprotocol-wp-lit-gated

Gate your content based on blockchain conditions like NFT ownership.

20 No CVEs

Developer Profile

WordThree – Easily Login & Register Using Your MetaMask Wallet Developer Profile

Wesley Cude

1 plugin · 10 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect WordThree – Easily Login & Register Using Your MetaMask Wallet

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/wordthree/assets/css/main.css/wp-content/plugins/wordthree/assets/js/web3.min.js/wp-content/plugins/wordthree/assets/js/popup-modal.js/wp-content/plugins/wordthree/assets/js/metamask.js/wp-content/plugins/wordthree/assets/js/metamask-login.js/wp-content/plugins/wordthree/assets/css/admin.css/wp-content/plugins/wordthree/assets/js/admin.js

Script Paths

/wp-content/plugins/wordthree/assets/js/web3.min.js/wp-content/plugins/wordthree/assets/js/popup-modal.js/wp-content/plugins/wordthree/assets/js/metamask.js/wp-content/plugins/wordthree/assets/js/metamask-login.js/wp-content/plugins/wordthree/assets/js/admin.js

Version Parameters

wordthree/assets/css/main.css?ver=wordthree/assets/js/web3.min.js?ver=wordthree/assets/js/popup-modal.js?ver=wordthree/assets/js/metamask.js?ver=wordthree/assets/js/metamask-login.js?ver=wordthree/assets/css/admin.css?ver=wordthree/assets/js/admin.js?ver=

HTML / DOM Fingerprints

CSS Classes

wordthree-metamask-popup-modal

HTML Comments

<!-- Popup modal view
     Loaded in footer -->

Data Attributes

data-noncedata-api-urldata-token-urldata-login-urldata-register-urldata-unlink-url+1 more

JS Globals

wordthree

REST Endpoints

/wp-json/wordthree/generate-nonce/wp-json/wordthree/login/wp-json/wordthree/register/wp-json/wordthree/link/wp-json/wordthree/unlink

FAQ