WP-Safety

WP Manage Plugins Security & Risk Analysis

wordpress.org/plugins/wp-manage-plugins

An easy way to give you more control over the plugins section of WordPress

30 active installs v1.0 PHP + WP 2.7+ Updated Nov 25, 2009
adminconsultantdevhidemanage
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is WP Manage Plugins Safe to Use in 2026?

Generally Safe

Score 85/100

WP Manage Plugins has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 16yr ago
Risk Assessment

The "wp-manage-plugins" v1.0 plugin exhibits a generally good security posture based on the provided static analysis. It has no known vulnerabilities in its history, no dangerous functions, and all SQL queries utilize prepared statements. Furthermore, it has a limited attack surface with no REST API routes, shortcodes, or cron events, and its AJAX handlers, while present, appear to be protected by authentication checks. The absence of critical or high severity taint flows is also a positive indicator.

However, a notable concern lies in the output escaping. With 43% of outputs properly escaped, this leaves a significant portion (57%) potentially vulnerable to cross-site scripting (XSS) attacks if user-supplied data is not adequately sanitized before being displayed. While the plugin demonstrates good practices in other areas, this weakness in output handling warrants attention.

In conclusion, the plugin's strengths lie in its minimal attack surface and secure handling of database operations and authentication. The lack of historical vulnerabilities further bolsters confidence. The primary weakness is the insufficient output escaping, which introduces a potential risk that should be addressed to achieve a more robust security profile.

Key Concerns

  • Insufficient output escaping (57% unescaped)
Vulnerabilities
None known

WP Manage Plugins Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

WP Manage Plugins Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
12
9 escaped
Nonce Checks
3
Capability Checks
3
File Operations
0
External Requests
0
Bundled Libraries
0

Output Escaping

43% escaped21 total outputs
Data Flows
All sanitized

Data Flow Analysis

4 flows
ignore_unignore (inc\ajax.php:70)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

WP Manage Plugins Attack Surface

Entry Points2
Unprotected0

AJAX Handlers 2

authwp_ajax_pluginupdateignoreswitchinc\ajax.php:39
authwp_ajax_pluginupdateignoreupdaterowinc\ajax.php:40
WordPress Hooks 9
actionadmin_menuinc\admin.php:41
filterplugin_action_linksinc\admin.php:101
actionafter_plugin_rowinc\admin.php:170
actionadmin_footerinc\admin.php:187
actionadmin_head-plugins.phpinc\jscss.php:39
actionadmin_head-plugins.phpinc\jscss.php:40
actionadmin_footer-plugins.phpinc\jscss.php:41
actioninitwp-manage-plugins.php:103
actionadmin_menuwp-manage-plugins.php:122
Maintenance & Trust

WP Manage Plugins Maintenance & Trust

Maintenance Signals

WordPress version tested2.8.6
Last updatedNov 25, 2009
PHP min version
Downloads7K

Community Trust

Rating100/100
Number of ratings1
Active installs30
Alternatives

WP Manage Plugins Alternatives

Admin Notices Manager

Admin Notices Manager

admin-notices-manager

A
99

Better manage admin notices & never miss important developer messages!

10K 1 CVE
Developer Mode

Developer Mode

developer-mode

A
85

Limit access to the WordPress admin panel for your clients. Block functionality like updating plugins and viewing menu items for administrators, while …

300 No CVEs
WP Plugin Filter

WP Plugin Filter

wp-plugin-filter

A
100

WP Plugin Filter lets you easily hide unnecessary plugins from the WordPress admin dashboard, streamlining plugin management.

30 No CVEs
Modules Insight

Modules Insight

modules-insight

A
100

Provides a quick overview of installed WordPress plugins with their status, exportable as JSON.

20 No CVEs
Disable Admin Notices – Hide Dashboard Notifications

Disable Admin Notices – Hide Dashboard Notifications

disable-admin-notices

A
98

Disable admin notices and hide dashboard notifications from plugins, themes and core. Hide all notices, selected ones, or show them in a single line.

100K 2 CVEs
Developer Profile

WP Manage Plugins Developer Profile

Brad Williams

2 plugins · 40 total installs

84
trust score
Avg Security Score
85/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect WP Manage Plugins

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/wp-manage-plugins/css/plugin-update-ignore.css/wp-content/plugins/wp-manage-plugins/js/plugin-update-ignore.js
Script Paths
/wp-content/plugins/wp-manage-plugins/inc/ajax.php/wp-content/plugins/wp-manage-plugins/inc/admin.php/wp-content/plugins/wp-manage-plugins/inc/jscss.php
Version Parameters
wp-manage-plugins/css/plugin-update-ignore.css?ver=wp-manage-plugins/js/plugin-update-ignore.js?ver=

HTML / DOM Fingerprints

CSS Classes
pui_notice
HTML Comments
BRM ?><!-- Matt Martz, Brad Williams, Brian Messenlehner, Scott Basgaard -->
Data Attributes
name="pui_display_msg"name="pui_lock"name="pui_hide"name="pui_email_alert"name="update_pui_options"name="pui_save"
JS Globals
PluginUpdateIgnorePluginUpdateIgnoreAjaxPluginUpdateIgnoreAdminPluginUpdateIgnoreJsCss
FAQ

Frequently Asked Questions about WP Manage Plugins