
WP Mantis Security & Risk Analysis
wordpress.org/plugins/wp-mantis
Extended Version of "WP Mantis Table". Allows you to view Changelogs, Roadmaps and Buglists from MantisBT in WordPress Pages and Posts.
Is WP Mantis Safe to Use in 2026?
Generally Safe
Score 100/100
WP Mantis has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The wp-mantis v1.2.2 plugin exhibits a generally good security posture with no known vulnerabilities or critical taint analysis findings. The static analysis shows a small attack surface, with only one shortcode as an entry point, and importantly, no unprotected entry points. The use of prepared statements for all SQL queries is a significant strength.
However, a major concern is the complete lack of output escaping for all identified outputs. This presents a substantial risk, as unsanitized output can lead to cross-site scripting (XSS) vulnerabilities, allowing attackers to inject malicious scripts into the website. Furthermore, the absence of nonce checks is another weakness, particularly concerning given the potential for Cross-Site Request Forgery (CSRF) if the shortcode were to perform any state-changing actions.
While the plugin has no recorded vulnerability history, the identified coding practices (specifically output escaping and nonce checks) indicate areas for improvement to achieve a robust security profile.
Key Concerns
- All outputs are unescaped
- No nonce checks implemented
WP Mantis Security Vulnerabilities
WP Mantis Code Analysis
Output Escaping
WP Mantis Attack Surface
Shortcodes 1
WordPress Hooks 5
Maintenance & Trust
WP Mantis Maintenance & Trust
Maintenance Signals
Community Trust
WP Mantis Alternatives
Changeloger – Release Notes & Changelog Manager
changeloger
The all-in-one changelog, release notes, public roadmap, and user feedback plugin for WordPress. Beautiful visual designs out of the box.
WP Mantis Table
wp-mantis-table
This plugin for Wordpress 2.8 and above allows you to insert a simple table listing of issues from a Mantis Bug Tracker into a wordpress page or post.
Timeline Widget For Elementor (Elementor Timeline, Vertical & Horizontal Timeline)
timeline-widget-addon-for-elementor
Highlight your company’s history, milestones, and key events directly inside Elementor using stunning vertical and horizontal timelines.
Cool Timeline (Horizontal & Vertical Timeline)
cool-timeline
Showcase your story or company history, events, and roadmap in an interactive timeline using the powerful Cool Timeline plugin.
Timeline Block For Gutenberg
timeline-block
Showcase your company history, process steps, milestones, and roadmap inside Gutenberg using the powerful Timeline Block
WP Mantis Developer Profile
2 plugins · 20 total installs
How We Detect WP Mantis
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
- /wp-content/plugins/wp-mantis/wp-mantis.css
- /wp-content/plugins/wp-mantis/paging.js
- /wp-content/plugins/wp-mantis/jscolor/jscolor.js
HTML / DOM Fingerprints
- name="mantis_soap_url"
- name="mantis_base_url"
- name="mantis_user"
- name="mantis_password"
- name="mantis_max_desc_lenght"
- name="mantis_enable_pagination"
- (+2 more)
- wpmantis_only_numbers
- [Mantis]