Does WPDevHub Recipe Catalog have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is WPDevHub Recipe Catalog compatible with WordPress 5.3.21?

According to WordPress.org data, WPDevHub Recipe Catalog 2.7 has been tested up to WordPress 5.3.21. Check the plugin's changelog for the latest compatibility information.

How often is WPDevHub Recipe Catalog updated?

WPDevHub Recipe Catalog was last updated on Mar 27, 2020. Frequent updates are generally a positive security signal.

What is WPDevHub Recipe Catalog's security score?

WPDevHub Recipe Catalog has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

WPDevHub Recipe Catalog Security & Risk Analysis

wordpress.org/plugins/wpdevhub-recipes

Host Recipes on your WordPress Website

0 active installs v2.7 PHP + WP 4.0+ Updated Mar 27, 2020

recipes-cooking-baking-ingredients

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is WPDevHub Recipe Catalog Safe to Use in 2026?

Generally Safe

Score 85/100

WPDevHub Recipe Catalog has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 6yr ago

Risk Assessment

The 'wpdevhub-recipes' plugin v2.7 exhibits a generally good security posture with no known vulnerabilities and a strong emphasis on secure coding practices like prepared statements for all SQL queries and the presence of nonce and capability checks. The static analysis also reveals a very small attack surface with no exposed AJAX handlers, REST API routes, shortcodes, or cron events that are not properly authenticated or authorized.

However, there are a few concerning signals. The presence of the `unserialize` function, combined with a taint flow identified as having an unsanitized path, indicates a potential risk. If this `unserialize` function is used with user-supplied data, it could lead to remote code execution vulnerabilities. The low percentage of properly escaped output (18%) also suggests a risk of Cross-Site Scripting (XSS) vulnerabilities, although the attack surface is minimal.

Given the lack of historical vulnerabilities, it's possible these risks are mitigated by other factors not immediately apparent in the provided data, or that the identified taint flow has been handled internally. Nevertheless, the `unserialize` function and the poor output escaping are definite areas requiring attention to ensure a robust security profile.

Key Concerns

Presence of unserialize function
Taint flow with unsanitized path
Low percentage of properly escaped output

Vulnerabilities

None known

WPDevHub Recipe Catalog Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

WPDevHub Recipe Catalog Release Timeline

v2.7Current

Code Analysis

Analyzed Apr 16, 2026

WPDevHub Recipe Catalog Code Analysis

Dangerous Functions

Raw SQL Queries

21 prepared

Unescaped Output

9 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Dangerous Functions Found

unserializereturn unserialize(base64_decode($object));classes/core/class.WPDEVHUB_DRC_StandardObjectRecord.php:64

SQL Query Safety

100% prepared21 total queries

Output Escaping

18% escaped50 total outputs

Data Flows · Security

1 unsanitized

Data Flow Analysis

1 flows1 with unsanitized paths

<inc.settings-base> (pages/inc.settings-base.php:0)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

WPDevHub Recipe Catalog Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 15

filterpost_thumbnail_htmlclasses/class.WPDEVHUB_DRC_Recipes_Main.php:74

filterpost_row_actionsclasses/class.WPDEVHUB_DRC_Recipes_Main.php:77

actionwidget_comments_argsclasses/core/class.WPDEVHUB_DRC_StandardCustomPostType.php:34

filtercomment_feed_whereclasses/core/class.WPDEVHUB_DRC_StandardCustomPostType.php:35

actionadmin_enqueue_scriptsclasses/core/class.WPDEVHUB_DRC_StandardMain.php:66

actionwp_enqueue_scriptsclasses/core/class.WPDEVHUB_DRC_StandardMain.php:67

actionadmin_menuclasses/core/class.WPDEVHUB_DRC_StandardMain.php:68

actionwp_enqueue_scriptsclasses/core/class.WPDEVHUB_DRC_StandardMain.php:188

filterthe_contentclasses/core/class.WPDEVHUB_DRC_StandardMain.php:391

filterthe_excerptclasses/core/class.WPDEVHUB_DRC_StandardMain.php:392

filterget_the_excerptclasses/core/class.WPDEVHUB_DRC_StandardMain.php:393

filterget_the_archive_titleclasses/core/class.WPDEVHUB_DRC_StandardMain.php:394

actionsave_postclasses/core/class.WPDEVHUB_DRC_StandardMetaBox.php:28

filterthe_contentclasses/core/class.WPDEVHUB_DRC_StandardMetaBox.php:32

actioninitindex.php:34

Maintenance & Trust

WPDevHub Recipe Catalog Maintenance & Trust

Maintenance Signals

WordPress version tested5.3.21

Last updatedMar 27, 2020

PHP min version

Downloads806

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

WPDevHub Recipe Catalog Alternatives

No alternatives data available yet.

Developer Profile

WPDevHub Recipe Catalog Developer Profile

benhallbenhall

9 plugins · 80 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect WPDevHub Recipe Catalog

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/wpdevhub-recipes/css/wpdevhub-drc.css

HTML / DOM Fingerprints

CSS Classes

wpdevhub-drc-recipe-single

HTML Comments

Data Attributes

data-recipe-id

JS Globals

WPDEVHUB_DRC_extra_vars

Shortcode Output

[wpdevhub_drc_display_recipe[wpdevhub_drc_display_category

FAQ