Does WP Widget in Navigation have any unpatched vulnerabilities?

No. All known vulnerabilities in WP Widget in Navigation have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is WP Widget in Navigation compatible with WordPress 6.8.5?

According to WordPress.org data, WP Widget in Navigation 3.1 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

How often is WP Widget in Navigation updated?

WP Widget in Navigation was last updated on Feb 23, 2026. Frequent updates are generally a positive security signal.

What is WP Widget in Navigation's security score?

WP Widget in Navigation has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

WP Widget in Navigation Security & Risk Analysis

wordpress.org/plugins/wp-widget-in-navigation

Put your Widget in Navigation easily!

3K active installs v3.1 PHP + WP 5.4+ Updated Feb 23, 2026

menunavnavigationwidgetwidgets

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is WP Widget in Navigation Safe to Use in 2026?

Generally Safe

Score 100/100

WP Widget in Navigation has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago

Risk Assessment

The wp-widget-in-navigation plugin v3.1 exhibits a mixed security posture. On the positive side, it demonstrates good practices by utilizing prepared statements for all SQL queries and has no recorded historical vulnerabilities, suggesting a generally well-maintained codebase. The absence of dangerous functions, file operations, and external HTTP requests further bolsters its security. However, there are significant concerns arising from the static analysis. The plugin has a small but concerning attack surface, with one of its three AJAX handlers lacking proper authentication checks. Furthermore, a significant portion (100%) of its output is not properly escaped, presenting a risk of cross-site scripting (XSS) vulnerabilities, especially when combined with the unprotected AJAX endpoint. The lack of taint analysis data is noted, but the existing code signals of unescaped output and unprotected AJAX are sufficient to warrant caution.

Key Concerns

AJAX handler without auth check
Output not properly escaped

Vulnerabilities

None known

WP Widget in Navigation Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

WP Widget in Navigation Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

0% escaped3 total outputs

Attack Surface

1 unprotected

WP Widget in Navigation Attack Surface

Entry Points3

Unprotected1

AJAX Handlers 3

authwp_ajax_add-menu-iteminit\main-yspl-win.php:222

authwp_ajax_yspl_win_add_menu_iteminit\main-yspl-win.php:223

authwp_ajax_yspl_get_lightbox_htmlinit\main-yspl-win.php:225

WordPress Hooks 8

filteradmin_body_classinit\main-yspl-win.php:22

actionwidgets_initinit\main-yspl-win.php:24

actionadmin_enqueue_scriptsinit\main-yspl-win.php:27

actionwp_enqueue_scriptsinit\main-yspl-win.php:30

filterwp_setup_nav_menu_iteminit\main-yspl-win.php:33

actionadmin_initinit\main-yspl-win.php:36

filterysplmenu_tabsinit\main-yspl-win.php:38

filterwalker_nav_menu_start_elinit\menu-yspl-win.php:8

Maintenance & Trust

WP Widget in Navigation Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedFeb 23, 2026

PHP min version

Downloads37K

Community Trust

Rating94/100

Number of ratings15

Active installs3K

Alternatives

WP Widget in Navigation Alternatives

Bellows Accordion Menu

bellows-accordion-menu

A flexible and robust accordion menu plugin

10K 2 CVEs

Menubar Widgets

menubar-widgets

A standard wordpress plugin that helps you add multiple widgets to navigation menu item.

100 No CVEs

Page Menus Widget

page-menus-widget

100

Menu with Page Assignment Widget

30 No CVEs

Custom Menu Wizard Widget

custom-menu-wizard

Show branches or levels of your menu in a widget, or in content using a shortcode, with full customisation.

3K No CVEs

Better Menu Widget

better-menu-widget

Better Menu Widget makes it easy to customize your menu widgets by adding css styles and a heading link.

600 No CVEs

Developer Profile

WP Widget in Navigation Developer Profile

Yudiz Solutions Pvt. Ltd.

1 plugin · 3K total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect WP Widget in Navigation

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/wp-widget-in-navigation/css/yspl-win-admin.css/wp-content/plugins/wp-widget-in-navigation/css/yspl-win-frontend.css/wp-content/plugins/wp-widget-in-navigation/js/yspl-win-admin.js

Script Paths

/wp-content/plugins/wp-widget-in-navigation/js/yspl-win-admin.js

Version Parameters

wp-widget-in-navigation/css/yspl-win-admin.css?ver=wp-widget-in-navigation/css/yspl-win-frontend.css?ver=wp-widget-in-navigation/js/yspl-win-admin.js?ver=

HTML / DOM Fingerprints

CSS Classes

ysplwin_enabledyspl_win_widget_navyspl_win_title

Data Attributes

yspl_win_attribute_prefixyspl_win_no_widgets_message

FAQ