Category Order and Taxonomy Terms Order is a lightweight yet powerful WordPress plugin that enables administrators to reorder categories and custom taxonomy terms with a drag-and-drop interface. Developed by Nsp-Code, this plugin enhances site structure and usability without requiring theme or plugin modifications.
While primarily a tool for content organization, it also interacts directly with queries and the WordPress admin environment—areas where poorly implemented code could create vulnerabilities. That’s why CleanTalk’s Plugin Security Certification (PSC-2025-64595) is an important milestone: it validates that this plugin has been extensively audited and is safe to use in production environments.
Name of | Category Order and Taxonomy Terms Order |
Version | 1.9 |
Downloads | 500 000+ |
Description | Adds a more advanced paging navigation interface. |
Security | Successfully tested for: SQL Injection (SQLi); Cross-Site Scripting (XSS) – Stored & Reflected; Cross-Site Request Forgery (CSRF); Authentication Vulnerabilities; Authentication Bypass Exploits; Privilege Escalation; Buffer Overflow; Denial-of-Service (DoS) vectors; Data Leakage Vulnerabilities; Insecure Dependency Usage; Remote Code Execution (RCE) Risks; Unauthorized File Access; Insufficient Injection Protection; Information Disclosure via Misconfigured Endpoints |
CleanTalk Certification | Proudly earned the “Plugin Security Certification” (PSC) from CleanTalk, indicating adherence to stringent security standards. |
Additional Information | Users can confidently manage age restrictions with the assurance of the “Plugin Security Certification” (PSC). Verify the latest details on the plugin developer’s website. |
Key Features
- Drag-and-Drop Sorting: Reorder categories and custom taxonomy terms quickly and intuitively.
- Hierarchical Term Support: Works seamlessly with parent/child taxonomies, preserving relationships.
- Global Compatibility: No updates to themes or plugins required—the plugin applies sorting logic directly to queries.
- Admin Interface Integration: Sort order can be reflected in the WordPress admin for better consistency.
- Custom Post Type Support: Manage multiple taxonomies associated with custom post types.
- Localization Ready: Available in over 20 languages, including English, French, German, Spanish, Russian, Japanese, and Chinese.
- Flexible Contribution: Fully translatable through WordPress Translate.
Security Assurance
During the PSC-2025-64595 audit, the plugin underwent static code analysis, dynamic runtime testing, and penetration test simulations. All results confirm that Category Order and Taxonomy Terms Order v1.9 adheres to secure coding standards.
It was successfully tested and cleared for:
- ✅ SQL Injection (SQLi) – all database queries use safe WordPress API functions and proper escaping.
- ✅ Cross-Site Scripting (XSS) – input and output are sanitized and escaped before rendering.
- ✅ Cross-Site Request Forgery (CSRF) – administrative actions are properly protected with WordPress nonces.
- ✅ Authentication Vulnerabilities – only users with the correct capabilities can access sorting functionality.
- ✅ Authentication Bypass – no direct file access or privilege downgrades possible.
- ✅ Privilege Escalation – strict checks ensure taxonomy order changes are restricted to administrators/editors.
- ✅ Buffer Overflow – no unsafe memory operations detected.
- ✅ Denial-of-Service (DoS) – plugin logic is optimized and does not allow malicious looping or resource abuse.
- ✅ Data Leakage – no sensitive information is exposed via error messages or endpoints.
- ✅ Insecure Dependencies – no outdated or unmaintained libraries used.
- ✅ Remote Code Execution (RCE) – no unsafe evals or code injections.
- ✅ Unauthorized File Access – no direct file inclusion or exposure of arbitrary paths.
- ✅ Insufficient Injection Protection – strict WordPress APIs are used to mitigate injections.
- ✅ Information Leakage – no debug data or internal structures are exposed to users.
This confirms the plugin is resilient to common and advanced attack vectors, ensuring administrators can integrate it into their sites without introducing security risks.
Conclusion
Category Order and Taxonomy Terms Order is more than just a taxonomy management tool—it’s now a certified secure plugin, recognized by CleanTalk’s Plugin Security Certification (PSC-2025-64595).
Its lightweight design, multilingual availability, and compatibility with WordPress standards make it an essential plugin for developers and administrators who want to improve content navigation. With its security-first approach, the plugin can be deployed confidently across corporate, e-commerce, and content-heavy WordPress sites.
Note: The date and certification information may change over time. It is advisable to verify the latest details on the plugin developer’s website.