WP-Safety

WP Sitemap Control Security & Risk Analysis

wordpress.org/plugins/wp-sitemap-control

WP Sitemap Control allow choosing which public post types or taxonomies should be able in the /wp-sitemap.xml

400 active installs v1.2.1 PHP 8.0+ WP 6.0+ Updated Oct 16, 2025
post-typepost-typessitemapsitemap-xml
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is WP Sitemap Control Safe to Use in 2026?

Generally Safe

Score 100/100

WP Sitemap Control has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 7mo ago
Risk Assessment

The 'wp-sitemap-control' v1.2.1 plugin demonstrates a strong security posture based on the provided static analysis. It exhibits excellent adherence to secure coding practices, notably the complete absence of raw SQL queries and a very high percentage of properly escaped outputs. The plugin also effectively utilizes nonce and capability checks for its identified entry points, further reinforcing its security. The lack of any recorded vulnerabilities, including CVEs, is a significant positive indicator of its development and maintenance history.

From a risk perspective, the analysis reveals no critical or high-severity taint flows, and no dangerous functions are employed. The limited attack surface, consisting of a single AJAX handler with no indication of being unprotected, is also a reassuring sign. The plugin appears to be well-secured against common attack vectors. While there's always room for improvement, such as minimizing bundled libraries if not strictly necessary for functionality, this plugin presents a low-risk profile. The data suggests a developer who prioritizes security and has a history of producing stable, vulnerability-free code.

Vulnerabilities
None known

WP Sitemap Control Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

WP Sitemap Control Release Timeline

v1.2.1Current
v1.2.0
v1.1.2
v1.1.1
v1.1.0
v1.0.7
v1.0.6
v1.0.5
v1.0.4
v1.0.3
v1.0.2
v1.0.1
v1.0.0
v0.0.2
Code Analysis
Analyzed Mar 16, 2026

WP Sitemap Control Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
12
253 escaped
Nonce Checks
4
Capability Checks
2
File Operations
0
External Requests
0
Bundled Libraries
1

Bundled Libraries

Select2

Output Escaping

95% escaped265 total outputs
Data Flows · Security
All sanitized

Data Flow Analysis

2 flows
update_taxonomy_options (includes\iworks\options\options.php:1484)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

WP Sitemap Control Attack Surface

Entry Points1
Unprotected0

AJAX Handlers 1

authwp_ajax_iworks_rate_buttonincludes\iworks\rate\rate.php:113
WordPress Hooks 38
actionadd_meta_boxesincludes\iworks\class-wp-sitemap-control.php:70
actionadmin_initincludes\iworks\class-wp-sitemap-control.php:71
actionedit_attachmentincludes\iworks\class-wp-sitemap-control.php:72
actioninitincludes\iworks\class-wp-sitemap-control.php:73
actioninitincludes\iworks\class-wp-sitemap-control.php:74
actioninitincludes\iworks\class-wp-sitemap-control.php:75
actionload-settings_page_wpsmc_indexincludes\iworks\class-wp-sitemap-control.php:76
actionsave_postincludes\iworks\class-wp-sitemap-control.php:77
filterwp_sitemaps_posts_query_argsincludes\iworks\class-wp-sitemap-control.php:78
filterwp_sitemaps_post_typesincludes\iworks\class-wp-sitemap-control.php:82
filterwp_sitemaps_taxonomiesincludes\iworks\class-wp-sitemap-control.php:83
filterwp_sitemaps_posts_query_argsincludes\iworks\class-wp-sitemap-control.php:84
filterwp_sitemaps_posts_entryincludes\iworks\class-wp-sitemap-control.php:85
filterwp_sitemaps_add_providerincludes\iworks\class-wp-sitemap-control.php:86
filteriworks/wp-sitemap-control/optionsincludes\iworks\class-wp-sitemap-control.php:87
actionwp_headincludes\iworks\class-wp-sitemap-control.php:91
filteriworks_rate_notice_logo_styleincludes\iworks\class-wp-sitemap-control.php:96
actionadmin_enqueue_scriptsincludes\iworks\class-wp-sitemap-control.php:194
filterplugin_row_metaincludes\iworks\class-wp-sitemap-control.php:195
actionadmin_enqueue_scriptsincludes\iworks\options\options.php:87
actionadmin_headincludes\iworks\options\options.php:88
actionadmin_menuincludes\iworks\options\options.php:89
actionadmin_noticesincludes\iworks\options\options.php:90
filterscreen_layout_columnsincludes\iworks\options\options.php:91
actionload-index.phpincludes\iworks\rate\rate.php:111
actioniworks-register-pluginincludes\iworks\rate\rate.php:112
actionadmin_initincludes\iworks\rate\rate.php:114
filteriworks_rate_assistanceincludes\iworks\rate\rate.php:118
filteriworks_rate_loveincludes\iworks\rate\rate.php:119
filteriworks_rate_advertising_ogincludes\iworks\rate\rate.php:125
actionadmin_enqueue_scriptsincludes\iworks\rate\rate.php:190
actionadmin_noticesincludes\iworks\rate\rate.php:191
actionadmin_enqueue_scriptsincludes\iworks\rate\rate.php:200
actionadmin_noticesincludes\iworks\rate\rate.php:201
actioncreated_termincludes\iworks\wp-sitemap-control\class-iworks-wp-sitemap-control-taxonomies.php:49
actionedited_termincludes\iworks\wp-sitemap-control\class-iworks-wp-sitemap-control-taxonomies.php:50
actionadmin_initincludes\iworks\wp-sitemap-control\class-iworks-wp-sitemap-control-taxonomies.php:51
filterwp_sitemaps_taxonomies_query_argsincludes\iworks\wp-sitemap-control\class-iworks-wp-sitemap-control-taxonomies.php:52
Maintenance & Trust

WP Sitemap Control Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5
Last updatedOct 16, 2025
PHP min version8.0
Downloads5K

Community Trust

Rating100/100
Number of ratings6
Active installs400
Alternatives

WP Sitemap Control Alternatives

Polylang Dynamic Sitemap Generator

Polylang Dynamic Sitemap Generator

polylang-dynamic-sitemap-generator

A
85

Polylang Dynamic Sitemap Generator is a powerful WordPress plugin that automatically generates SEO-friendly sitemaps for all active languages and post …

70 No CVEs
Custom Post Type UI

Custom Post Type UI

custom-post-type-ui

A
93

Admin UI for creating custom content types like post types and taxonomies

1.0M 4 CVEs
Post Types Order

Post Types Order

post-types-order

A
100

Sort posts and custom post type objects using a drag-and-drop, sortable JavaScript AJAX interface, or through the default WordPress dashboard

600K No CVEs
Meta Box

Meta Box

meta-box

A
89

Meta Box plugin is a powerful, professional developer toolkit to create custom meta boxes and custom fields for your custom post types in WordPress.

500K 7 CVEs
Pods – Custom Content Types and Fields

Pods – Custom Content Types and Fields

pods

A
87

Pods is a framework for creating, managing, and deploying customized content types and fields for any project.

100K 14 CVEs
Developer Profile

WP Sitemap Control Developer Profile

Marcin Pietrzak

23 plugins · 89K total installs

77
trust score
Avg Security Score
97/100
Avg Patch Time
274 days
View full developer profile
Detection Fingerprints

How We Detect WP Sitemap Control

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/wp-sitemap-control/assets/css/style.css/wp-content/plugins/wp-sitemap-control/assets/js/script.js
Script Paths
/wp-content/plugins/wp-sitemap-control/assets/js/script.js
Version Parameters
wp-sitemap-control/assets/css/style.css?ver=wp-sitemap-control/assets/js/script.js?ver=

HTML / DOM Fingerprints

CSS Classes
term-exclude-from-sitemap-wrap
HTML Comments
<!-- Excluded from sitemap --><!-- Included in sitemap -->
Data Attributes
exclude_from_sitemap
FAQ

Frequently Asked Questions about WP Sitemap Control