Does WP Multisite Content Copier/Updater have any unpatched vulnerabilities?

No. All known vulnerabilities in WP Multisite Content Copier/Updater have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is WP Multisite Content Copier/Updater compatible with WordPress 6.9.4?

According to WordPress.org data, WP Multisite Content Copier/Updater 2.0.2 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

How often is WP Multisite Content Copier/Updater updated?

WP Multisite Content Copier/Updater was last updated on Dec 12, 2025. Frequent updates are generally a positive security signal.

What is WP Multisite Content Copier/Updater's security score?

WP Multisite Content Copier/Updater has a WP-Safety security score of 98/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

WP Multisite Content Copier/Updater Security & Risk Analysis

wordpress.org/plugins/wp-multisite-content-copier

Copy/Update posts and pages from one site (blog) to the other sites (blogs) in your WordPress Multisite Network.

800 active installs v2.0.2 PHP + WP 4.1+ Updated Dec 12, 2025

content-copiercopiercopymultisiteposts-copy

A · Safe

CVEs total3

Unpatched0

Last CVEJul 10, 2024

Download

Safety Verdict

Is WP Multisite Content Copier/Updater Safe to Use in 2026?

Generally Safe

Score 98/100

WP Multisite Content Copier/Updater has a strong security track record. Known vulnerabilities have been patched promptly.

3 known CVEsLast CVE: Jul 10, 2024Updated 3mo ago

Risk Assessment

The "wp-multisite-content-copier" plugin v2.0.2 presents a mixed security posture. While static analysis indicates a strong adherence to output escaping best practices and no critical or high-severity taint flows, significant concerns remain due to the unprotected nature of its entry points. The presence of two AJAX handlers without authentication checks creates a direct pathway for attackers to potentially trigger plugin functionalities without proper authorization, which is a critical security weakness.

The vulnerability history reveals a pattern of medium-severity Cross-Site Scripting (XSS) vulnerabilities, with the last one being quite recent. Although there are no currently unpatched vulnerabilities, this history suggests a recurring issue with sanitizing user input before it's rendered, which could be exploited if new similar vulnerabilities are introduced or remain unfixed.

Despite the lack of dangerous functions and external HTTP requests, the unprotected AJAX handlers and the past prevalence of XSS vulnerabilities indicate areas requiring immediate attention. The plugin's strengths lie in its diligent output escaping and lack of critical code-level issues in this analysis. However, the unprotected entry points and historical vulnerability pattern elevate the overall risk profile.

Key Concerns

AJAX handlers without auth checks
No nonce checks on AJAX
SQL queries without prepared statements
Recent medium severity XSS vulnerabilities

Vulnerabilities

WP Multisite Content Copier/Updater Security Vulnerabilities

CVEs by Year

2 CVEs in 2022

2022

1 CVE in 2024

2024

Patched Has unpatched

Severity Breakdown

Medium

3 total CVEs

CVE-2024-38673medium · 6.1Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Multisite Content Copier/Updater <= 2.0.0 - Reflected Cross-Site Scripting

Jul 10, 2024 Patched in 2.0.1 (21d)

WF-426021d3-e302-4c2a-8d5c-f2a2fc20e45b-wp-multisite-content-copiermedium · 6.1Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

WordPress Multisite Content Copier/Updater <= 1.4.0 - Cross-Site Scripting

Jun 17, 2022 Patched in 1.5.0 (585d)

CVE-2021-25039medium · 6.1Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Multisite Content Copier/Updater <= 1.4.0 - Reflected Cross-Site Scripting

Feb 7, 2022 Patched in 1.5.0 (715d)

Code Analysis

Analyzed Mar 16, 2026

WP Multisite Content Copier/Updater Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

74 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

0% prepared11 total queries

Output Escaping

94% escaped79 total outputs

Data Flows

All sanitized

Data Flow Analysis

2 flows

wmcc_wordpress_multisite_content_copier (include\wmcc-network.php:13)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

2 unprotected

WP Multisite Content Copier/Updater Attack Surface

Entry Points2

Unprotected2

AJAX Handlers 2

authwp_ajax_display_content_copierinclude\wmcc-functions.php:7

authwp_ajax_send_content_copierinclude\wmcc-functions.php:109

WordPress Hooks 3

actionadd_meta_boxesinclude\content-copier.php:7

actionnetwork_admin_menuinclude\wmcc-network.php:3

actionadmin_enqueue_scriptswp-multisite-content-copier.php:51

Maintenance & Trust

WP Multisite Content Copier/Updater Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedDec 12, 2025

PHP min version

Downloads56K

Community Trust

Rating82/100

Number of ratings17

Active installs800

Alternatives

WP Multisite Content Copier/Updater Alternatives

Sync Posts

sync-posts

Sync Posts is a WordPress plugin that allows you to sync posts from another website using a URL. With this plugin, you can easily import Post Title, C …

100 1 unpatched