Does WP TXT Sitemap have any unpatched vulnerabilities?

No. All known vulnerabilities in WP TXT Sitemap have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is WP TXT Sitemap compatible with WordPress 5.4.19?

According to WordPress.org data, WP TXT Sitemap 1.3 has been tested up to WordPress 5.4.19. Check the plugin's changelog for the latest compatibility information.

Is WP TXT Sitemap compatible with PHP 5.2.4+?

WP TXT Sitemap requires PHP 5.2.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is WP TXT Sitemap updated?

WP TXT Sitemap was last updated on Apr 17, 2020. Frequent updates are generally a positive security signal.

What is WP TXT Sitemap's security score?

WP TXT Sitemap has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

WP TXT Sitemap Security & Risk Analysis

wordpress.org/plugins/wp-txt-sitemap

WP TXT Sitemap creates an Text Sitemap For your website with auto ping search engines (Google and Bing). This Plugin may help Google quickly discover …

200 active installs v1.3 PHP 5.2.4+ WP 3.5+ Updated Apr 17, 2020

sitemapsitemap-generatorsitemap-plugintext-sitemaptxt-sitemap

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is WP TXT Sitemap Safe to Use in 2026?

Generally Safe

Score 85/100

WP TXT Sitemap has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 5yr ago

Risk Assessment

The wp-txt-sitemap v1.3 plugin exhibits a generally good security posture with no known CVEs and no critical or high-severity taint flows identified. The absence of dangerous functions and the exclusive use of prepared statements for SQL queries are positive indicators. However, the analysis reveals significant weaknesses concerning output escaping and the lack of authorization checks for core WordPress security mechanisms.

The plugin has 4 total output operations, but none are properly escaped, presenting a risk of cross-site scripting (XSS) vulnerabilities if the output contains user-controlled data or dynamically generated content. Additionally, the absence of nonce checks and capability checks on any entry points, coupled with 0 unprotected entry points, is concerning. While the current static analysis indicates no unprotected entry points and no critical taint flows, the lack of these fundamental security measures means that any future vulnerability or a change in the plugin's functionality could expose the site to attacks without proper authorization verification.

The plugin's vulnerability history is clean, which is a strong positive sign. This, combined with the secure handling of SQL queries and the absence of dangerous functions, suggests a developer who is conscious of some security best practices. However, the identified issues with output escaping and the complete absence of nonce and capability checks represent critical gaps that need to be addressed to achieve a robust security profile. The plugin's strengths lie in its lack of known vulnerabilities and secure database interactions, but its weaknesses in output sanitization and authorization checks pose a notable risk.

Key Concerns

All outputs are unescaped
No nonce checks
No capability checks

Vulnerabilities

None known

WP TXT Sitemap Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

WP TXT Sitemap Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

0% escaped4 total outputs

Attack Surface

WP TXT Sitemap Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 10

actionadmin_initincludes\init.php:13

actionplugins_loadedwp-txt-sitemap.php:37

actionadmin_initwp-txt-sitemap.php:57

actionkuegy_txtsitemap_default_optionswp-txt-sitemap.php:60

actionadmin_noticeswp-txt-sitemap.php:106

actionadmin_noticeswp-txt-sitemap.php:112

actionadmin_noticeswp-txt-sitemap.php:116

actionkuegy_txtsitemap_eventwp-txt-sitemap.php:132

actionsave_postwp-txt-sitemap.php:133

actionupdated_optionwp-txt-sitemap.php:134

Scheduled Events 1

kuegy_txtsitemap_event

Maintenance & Trust

WP TXT Sitemap Maintenance & Trust

Maintenance Signals

WordPress version tested5.4.19

Last updatedApr 17, 2020

PHP min version5.2.4

Downloads3K

Community Trust

Rating0/100

Number of ratings0

Active installs200

Alternatives

WP TXT Sitemap Alternatives

Simple XML Sitemap Generator

simple-xml-sitemap-generator

100

add a sitemap to your wordpress website.

3K No CVEs

WP Simple HTML Sitemap

wp-simple-html-sitemap

Using Simple HTML Sitemap plugin, you can add HTML Sitemap anywhere on the website using Shortcode.

2K 6 CVEs

EAS Sitemap Generator

eas-sitemap-generator

Generate XML.

10 No CVEs

Yoast SEO – Advanced SEO with real-time guidance and built-in AI

wordpress-seo

Improve your SEO with real-time feedback, schema, and clear guidance. Upgrade for AI tools, Google Docs integration, and 24/7 support, no hidden fees.

10.0M 17 CVEs

All in One SEO – Powerful SEO Plugin to Boost SEO Rankings & Increase Traffic

all-in-one-seo-pack

AIOSEO is the most powerful WordPress SEO plugin. Improve SEO rankings and traffic with comprehensive SEO tools and smart AI SEO optimizations!

3.0M 26 CVEs

Developer Profile

WP TXT Sitemap Developer Profile

kuegy

1 plugin · 200 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect WP TXT Sitemap

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

CSS Classes

dashicons-networking

FAQ