Does WP Menu Icons have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is WP Menu Icons compatible with WordPress 6.9.4?

According to WordPress.org data, WP Menu Icons 3.4.2 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is WP Menu Icons compatible with PHP 5.6+?

WP Menu Icons requires PHP 5.6 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is WP Menu Icons updated?

WP Menu Icons was last updated on Apr 10, 2026. Frequent updates are generally a positive security signal.

What is WP Menu Icons's security score?

WP Menu Icons has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

WP Menu Icons Security & Risk Analysis

wordpress.org/plugins/wp-menu-icons

WP Menu Icons allows you to add icons to your WordPress menu items.

20K active installs v3.4.2 PHP 5.6+ WP 4.7+ Updated Apr 10, 2026

mega-menumegamenumenumenu-icons

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is WP Menu Icons Safe to Use in 2026?

Generally Safe

Score 100/100

WP Menu Icons has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago

Risk Assessment

The "wp-menu-icons" v3.4.1 plugin exhibits a generally strong security posture based on the provided static analysis. The plugin has no known CVEs, a clean vulnerability history, and a commendable percentage of properly escaped output. The absence of AJAX handlers, REST API routes, shortcodes, and cron events significantly limits the plugin's attack surface, and importantly, there are no identified entry points lacking authentication or permission checks. The code signals also indicate a lack of dangerous functions and file operations. However, two SQL queries are present, and neither utilizes prepared statements, representing a potential risk. Furthermore, the plugin makes one external HTTP request, which, while not inherently a vulnerability, is an area to monitor for potential issues if the external service is compromised or misconfigured.

Key Concerns

SQL queries not using prepared statements

Vulnerabilities

None known

WP Menu Icons Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

WP Menu Icons Release Timeline

v3.4.2Current

v3.4.1

v3.4.0

v3.3.9

v3.3.8

v3.3.7

v3.3.6

v3.3.5

v3.3.4

v3.3.3

v3.3.2

v3.3.1

v3.3.0

v3.2.9

v3.2.8

v3.2.7

v3.2.6

v3.2.5

v3.2.4

v3.2.3

Code Analysis

Analyzed Mar 16, 2026

WP Menu Icons Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

76 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

0% prepared2 total queries

Output Escaping

96% escaped79 total outputs

Attack Surface

WP Menu Icons Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 22

actionwp_default_scriptsjetpack_vendor\automattic\jetpack-assets\actions.php:11

actionplugins_loadedjetpack_vendor\automattic\jetpack-assets\actions.php:12

filterwp_resource_hintsjetpack_vendor\automattic\jetpack-assets\src\class-assets.php:182

actionwp_loadedjetpack_vendor\automattic\jetpack-assets\src\class-script-data.php:38

actionenqueue_block_editor_assetsjetpack_vendor\automattic\jetpack-assets\src\class-script-data.php:52

actionshutdownjetpack_vendor\automattic\jetpack-status\src\class-errors.php:38

actionwp_network_dashboard_setupjetpack_vendor\quadlayers\wp-dashboard-widget-news\src\Load.php:36

actionwp_dashboard_setupjetpack_vendor\quadlayers\wp-dashboard-widget-news\src\Load.php:37

actionadmin_noticesjetpack_vendor\quadlayers\wp-notice-plugin-promote\src\Load.php:95

actionadmin_noticesjetpack_vendor\quadlayers\wp-notice-plugin-promote\src\Load.php:104

actionadmin_noticesjetpack_vendor\quadlayers\wp-notice-plugin-required\src\Load.php:40

filterinstall_plugins_tabsjetpack_vendor\quadlayers\wp-plugin-install-tab\src\Load.php:33

actioninstall_plugins_quadlayersjetpack_vendor\quadlayers\wp-plugin-install-tab\src\Load.php:34

actionplugins_loadedjetpack_vendor\quadlayers\wp-plugin-suggestions\src\Page.php:47

actionadmin_menujetpack_vendor\quadlayers\wp-plugin-suggestions\src\Page.php:50

actionadmin_initjetpack_vendor\quadlayers\wp-plugin-suggestions\src\Page.php:55

filternetwork_admin_urljetpack_vendor\quadlayers\wp-plugin-suggestions\src\Page.php:56

filterself_admin_urljetpack_vendor\quadlayers\wp-plugin-suggestions\src\Table.php:52

filternetwork_admin_urljetpack_vendor\quadlayers\wp-plugin-suggestions\src\Table.php:53

filterplugin_row_metajetpack_vendor\quadlayers\wp-plugin-table-links\src\Load.php:36

actioninitvendor_packages\wp-notice-plugin-promote.php:4

actioninitvendor_packages\wp-plugin-table-links.php:4

Maintenance & Trust

WP Menu Icons Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedApr 10, 2026

PHP min version5.6

Downloads742K

Community Trust

Rating98/100

Number of ratings138

Active installs20K

Alternatives

WP Menu Icons Alternatives

AR Menu Icons

ar-menu-icons

100

Easily enhance your WordPress menu items with a variety of icons using AR Menu Icons.

0 No CVEs

QuadMenu – Mega Menu

quadmenu

Responsive mega menu plugin for WordPress with customizable layouts and an intuitive drag-and-drop builder.

10K 2 CVEs

WP Mega Menu

wp-megamenu

WordPress Mega Menu is a responsive, highly customizable drag and drop menu builder plugin. Download free WordPress megamenu plugin.

9K 1 unpatched

RT Mega Menu – Mega Menu Builder for Elementor & Gutenberg

rt-mega-menu

100

RT Mega Menu is a powerful WordPress mega menu plugin that lets you build advanced, responsive mega menus using Elementor or the Gutenberg block edito …

8K No CVEs

EasyMega

easymega

A Mega Menu plugin that helps you create mega menu easily, beautifully.

6K No CVEs

Developer Profile

WP Menu Icons Developer Profile

quadlayers

17 plugins · 634K total installs

trust score

Avg Security Score

96/100

Avg Patch Time

501 days

View full developer profile

Detection Fingerprints

How We Detect WP Menu Icons

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/wp-menu-icons/assets/css/admin.css/wp-content/plugins/wp-menu-icons/assets/css/menu-icons.css/wp-content/plugins/wp-menu-icons/assets/js/admin.js/wp-content/plugins/wp-menu-icons/assets/js/menu-icons.js

Script Paths

/wp-content/plugins/wp-menu-icons/assets/js/admin.js/wp-content/plugins/wp-menu-icons/assets/js/menu-icons.js

Version Parameters

/wp-content/plugins/wp-menu-icons/assets/css/admin.css?ver=/wp-content/plugins/wp-menu-icons/assets/css/menu-icons.css?ver=/wp-content/plugins/wp-menu-icons/assets/js/admin.js?ver=/wp-content/plugins/wp-menu-icons/assets/js/menu-icons.js?ver=

HTML / DOM Fingerprints

CSS Classes

wp-menu-iconswpmi_adminwpmi-icon-preview

Data Attributes

data-wpmi-menu-iddata-wpmi-menu-item-id

JS Globals

wpmi_vars

FAQ