Does wpsmegamenu have any unpatched vulnerabilities?

No. All known vulnerabilities in wpsmegamenu have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is wpsmegamenu compatible with WordPress 6.5.8?

According to WordPress.org data, wpsmegamenu 1.0.0 has been tested up to WordPress 6.5.8. Check the plugin's changelog for the latest compatibility information.

Is wpsmegamenu compatible with PHP 5.6+?

wpsmegamenu requires PHP 5.6 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is wpsmegamenu updated?

wpsmegamenu was last updated on Jul 14, 2024. Frequent updates are generally a positive security signal.

What is wpsmegamenu's security score?

wpsmegamenu has a WP-Safety security score of 92/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

wpsmegamenu Security & Risk Analysis

wordpress.org/plugins/wpsmegamenu

wpsmegamenu is Elemntor Addon and Theme Making Mega Menu with Short-code as Custom Post

0 active installs v1.0.0 PHP 5.6+ WP 4.6+ Updated Jul 14, 2024

envato-themewpsmegamenu

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is wpsmegamenu Safe to Use in 2026?

Generally Safe

Score 92/100

wpsmegamenu has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1yr ago

Risk Assessment

The wpsmegamenu plugin v1.0.0 exhibits a strong security posture based on the provided static analysis. The absence of dangerous functions, raw SQL queries, file operations, and external HTTP requests is commendable. Furthermore, the plugin demonstrates excellent output sanitization practices, with all identified outputs being properly escaped. The plugin also has a clean vulnerability history, with no recorded CVEs, suggesting a consistent commitment to security by its developers. The limited attack surface, with only one shortcode and no unprotected entry points identified, further bolsters its security. The complete lack of taint analysis findings is also a positive indicator. However, the plugin's zero nonce checks and zero capability checks on its entry points represent a significant concern. While the attack surface is small, any identified vulnerabilities within the shortcode could potentially be exploited without proper authorization checks. This lack of checks, despite the otherwise clean code, leaves a potential gap for privilege escalation or unauthorized action if the shortcode's functionality were to be compromised. Therefore, while the plugin is generally well-coded and free of known vulnerabilities, the missing authorization checks on its sole entry point should be a focus for improvement.

Key Concerns

Missing nonce checks on entry points
Missing capability checks on entry points

Vulnerabilities

None known

wpsmegamenu Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

wpsmegamenu Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

17 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

100% escaped17 total outputs

Attack Surface

wpsmegamenu Attack Surface

Entry Points1

Unprotected0

Shortcodes 1

[WPSMEGAMENU_SHORTCODE] wpsmegamenu.php:171

WordPress Hooks 9

actionwp_enqueue_scriptswpsmegamenu.php:33

actionplugins_loadedwpsmegamenu.php:35

filterwp_nav_menuwpsmegamenu.php:73

actionadmin_menuwpsmegamenu.php:76

actioninitwpsmegamenu.php:154

filterwidget_textwpsmegamenu.php:172

actionadd_meta_boxeswpsmegamenu.php:205

filtermanage_wpsmega_templates_posts_columnswpsmegamenu.php:206

actionmanage_wpsmega_templates_posts_custom_columnwpsmegamenu.php:207

Maintenance & Trust

wpsmegamenu Maintenance & Trust

Maintenance Signals

WordPress version tested6.5.8

Last updatedJul 14, 2024

PHP min version5.6

Downloads475

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

wpsmegamenu Alternatives

GS Portfolio for Envato

gs-envato-portfolio

Best Responsive Envato Portfolio Plugin to display Themeforest & Codecanyon Items.

4K 1 unpatched

wpsection

wpsection is an Elementor Addon and Theme Making Plugin

3K 1 CVE

Developer Profile

wpsmegamenu Developer Profile

Rashid

6 plugins · 4K total installs

trust score

Avg Security Score

87/100

Avg Patch Time

8 days

View full developer profile

Detection Fingerprints

How We Detect wpsmegamenu

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/wpsmegamenu/assets/css/style.css/wp-content/plugins/wpsmegamenu/assets/js/script.js

Script Paths

/wp-content/plugins/wpsmegamenu/assets/js/script.js

Version Parameters

wpsmegamenu/assets/css/style.css?ver=wpsmegamenu/assets/js/script.js?ver=

HTML / DOM Fingerprints

CSS Classes

wpsmegamenu_template_pagewpsmegamenu_add_new_page

Data Attributes

id="shortcode-input-class="widefat" value="

JS Globals

console.log('wpsmegamenu script loaded.');

Shortcode Output

[WPSMEGAMENU_SHORTCODE id="

FAQ