Export Themes Security & Risk Analysis

wordpress.org/plugins/wp-clone-template

With this plugin you'll be able to export your themes in a .zip file and then install with that .zip file the same theme in other servers using t …

3K active installs · v2.12 · PHP + WP 4.0+ · Updated Apr 10, 2020
Tags: clone-templates, copy-themes, template, templates, themes
85
A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is Export Themes Safe to Use in 2026?

Generally Safe

Score 85/100

Export Themes has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 5yr ago
Risk Assessment

The "wp-clone-template" v2.12 plugin exhibits a generally good security posture with a remarkably small attack surface, reporting zero AJAX handlers, REST API routes, shortcodes, or cron events that could serve as entry points. The absence of known CVEs and a clean vulnerability history further bolster this impression, suggesting a history of responsible development and maintenance.

However, several concerning signals emerge from the static analysis. The complete lack of output escaping on all identified outputs (3 total) presents a significant risk of Cross-Site Scripting (XSS) vulnerabilities. Additionally, the presence of file operations (4) combined with a taint analysis revealing one flow with unsanitized paths is highly concerning, especially without any accompanying capability checks or nonce checks to validate user intent and authority. While the SQL queries are safely prepared, the other potential vectors for attack are not adequately protected.

In conclusion, while the plugin's minimal attack surface and lack of historical vulnerabilities are strengths, the critical deficiencies in output escaping and the identified unsanitized path flow, coupled with the absence of nonces and capability checks on potentially sensitive file operations, create substantial security risks that require immediate attention. The plugin has strong potential but needs significant hardening in key areas.

Key Concerns

  • Unescaped output (3 outputs)
  • Taint flow with unsanitized paths (1 flow)
  • File operations without capability checks
  • File operations without nonce checks
Vulnerabilities
None known

Export Themes Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Export Themes Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (0 prepared)
Unescaped Output: 3 (0 escaped)
Nonce Checks: 0
Capability Checks: 0
File Operations: 4
External Requests: 0
Bundled Libraries: 0

Output Escaping

0% escaped · 3 total outputs
Data Flows
1 unsanitized

Data Flow Analysis

1 flow · 1 with unsanitized paths
<export> (views\export.php:0)
Flow graph legend: Source (user input), Sink (dangerous op), Sanitizer, Transform, Unsanitized, Sanitized
Attack Surface

Export Themes Attack Surface

Entry Points: 0
Unprotected: 0
WordPress Hooks: 6
action · activate_wp-clone-template/main.php · main.php:11
action · deactivate_wp-clone-template/main.php · main.php:12
action · admin_menu · main.php:39
action · init · main.php:100
action · init · main.php:105
action · init · main.php:117
Maintenance & Trust

Export Themes Maintenance & Trust

Maintenance Signals

WordPress version tested: 5.4.19
Last updated: Apr 10, 2020
PHP min version
Downloads: 120K

Community Trust

Rating: 98/100
Number of ratings: 13
Active installs: 3K
Developer Profile

Export Themes Developer Profile

Sergio Milardovich

4 plugins · 10K total installs

Trust score: 86
Avg Security Score: 89/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect Export Themes

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/wp-clone-template/views/export.php

HTML / DOM Fingerprints

JS Globals
wpct_buffer