WP Term Manager Security & Risk Analysis

wordpress.org/plugins/wp-term-manager

WP Term Manager helps users clean up or hide terms for easier administration.

0 active installs · v1.0.2 · PHP 5.6+ · WP 3.9+ · Updated Jul 23, 2021
Tags: categories, category, tag, tags, terms

Score: 85 (A · Safe)
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is WP Term Manager Safe to Use in 2026?

Generally Safe

Score 85/100

WP Term Manager has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 4yr ago

Risk Assessment

The "wp-term-manager" v1.0.2 plugin exhibits a seemingly strong security posture based on the provided static analysis. The absence of any identified AJAX handlers, REST API routes, shortcodes, or cron events contributing to the attack surface is a positive indicator. Furthermore, the code analysis reveals no dangerous functions, file operations, or external HTTP requests. The fact that all SQL queries utilize prepared statements is excellent practice.

However, there are significant areas of concern. The plugin lacks any nonce checks or capability checks. This means that even if there were entry points, they would not be protected against unauthorized access or manipulation. The low percentage of properly escaped output (10%) suggests a high likelihood of cross-site scripting (XSS) vulnerabilities. The absence of any taint analysis results is unusual and could indicate that the analysis tools were not fully configured or that the plugin's code structure did not lend itself to this type of analysis, potentially masking underlying risks.

The vulnerability history is clean, with no known CVEs. This is a good sign, but it's important to remember that a lack of past vulnerabilities does not guarantee future security, especially given the identified weaknesses in output escaping and authorization checks. The plugin's strengths lie in its lack of complex entry points and secure SQL handling. Its primary weaknesses are the complete absence of authorization mechanisms and the poor output escaping, which presents a considerable risk.

Key Concerns

  • No nonce checks
  • No capability checks
  • Low output escaping (90% unescaped)
  • No taint flow analysis results (potential masking)
Vulnerabilities
None known

WP Term Manager Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

WP Term Manager Release Timeline

v1.0.2 (Current)
v1.0.1
Code Analysis
Analyzed Mar 17, 2026

WP Term Manager Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (0 prepared)
Unescaped Output: 9 (1 escaped)
Nonce Checks: 0
Capability Checks: 0
File Operations: 0
External Requests: 0
Bundled Libraries: 0

Output Escaping

10% escaped · 10 total outputs

Attack Surface

WP Term Manager Attack Surface

Entry Points: 0
Unprotected: 0

WordPress Hooks: 6
action  cmb2_admin_init        includes\Settings.php:21
action  cmb2_admin_init        includes\Settings.php:22
filter  list_terms_exclusions  includes\Settings.php:23
action  admin_footer           includes\Settings.php:24
action  plugins_loaded         wp-term-manager.php:44
action  init                   wp-term-manager.php:65

Maintenance & Trust

WP Term Manager Maintenance & Trust

Maintenance Signals

WordPress version tested: 5.8.13
Last updated: Jul 23, 2021
PHP min version: 5.6
Downloads: 1K

Community Trust

Rating: 0/100
Number of ratings: 0
Active installs: 0

Developer Profile

WP Term Manager Developer Profile

Landon

2 plugins · 0 total installs

Trust score: 84
Avg Security Score: 85/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect WP Term Manager

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/wp-term-manager/vendor/autoload.php

HTML / DOM Fingerprints
