24TT Document Verifier Security & Risk Analysis
wordpress.org/plugins/24tt-document-verifierThe 24TT Document Verifier is a powerful, enterprise-grade solution designed for institutions, universities, businesses, and government bodies globall …
Is 24TT Document Verifier Safe to Use in 2026?
Generally Safe
Score 100/10024TT Document Verifier has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The "24tt-document-verifier" v2.0.0 plugin exhibits a mixed security posture. On the positive side, it demonstrates good practices with a high percentage of properly escaped output and no file operations or external HTTP requests, contributing to a generally clean code base. The absence of recorded vulnerabilities in its history is also a strong indicator of past security diligence. However, the analysis reveals a significant concern regarding unprotected entry points. The presence of an unprotected AJAX handler, along with a lack of explicit permission checks on all entry points, presents a potential avenue for unauthorized actions if malicious data can be injected or if the handler performs sensitive operations.
While taint analysis did not reveal any critical or high severity unsanitized flows, the unprotected AJAX handler remains a notable risk. The SQL queries, though few, are not using prepared statements, which, while not flagged as critical here due to the low number and lack of identified vulnerabilities, is a practice that can lead to SQL injection vulnerabilities in more complex scenarios. The plugin's limited attack surface and strong output escaping mitigate some of the inherent risks, but the unprotected AJAX handler is the most prominent weakness that warrants attention for a more robust security profile.
Key Concerns
- Unprotected AJAX handler
- SQL queries without prepared statements
24TT Document Verifier Security Vulnerabilities
24TT Document Verifier Code Analysis
SQL Query Safety
Output Escaping
Data Flow Analysis
24TT Document Verifier Attack Surface
AJAX Handlers 1
Shortcodes 1
WordPress Hooks 14
Maintenance & Trust
24TT Document Verifier Maintenance & Trust
Maintenance Signals
Community Trust
24TT Document Verifier Alternatives
Jetpack CRM – Clients, Leads, Invoices, Billing, Email Marketing, & Automation
zero-bs-crm
The CRM for small businesses. Manage leads, invoicing, billing, email marketing, clients, contacts, quotes, automation. Works with WooCommerce too.
WP Customer Area
customer-area
WP Customer Area is a modular all-in-one solution to manage private content with WordPress.
easy.jobs – AI powered Job Listing, Job Board, Career Page, Recruitment & Hiring Solution
easyjobs
Easy solution for job recruitment to attract, manage & hire the right talent faster. Create and manage job listings, career pages, and recruitment …
Wompi Portal de Pagos
wompi-portal-de-pagos
Pasarela de Pago de WooCommerce para Wompi
Client Portal – Private user pages and login
client-portal
WordPress Client Portal Plugin that creates private pages for all users that only an administrator can edit.
24TT Document Verifier Developer Profile
1 plugin · 100 total installs
How We Detect 24TT Document Verifier
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/24tt-document-verifier/assets/css/ttdvr-admin.css/wp-content/plugins/24tt-document-verifier/assets/js/ttdvr-admin.js/wp-content/plugins/24tt-document-verifier/assets/js/ttdvr-admin.jsttdvr-admin.css?ver=ttdvr-admin.js?ver=HTML / DOM Fingerprints
ttdvr-noticeSECURITY: If this file is called directly, abort.The admin-specific functionality of the plugin.SECURITY: Exit if accessed directly.GROWTH ENGINEERING: Inject links into the WordPress Plugins page!data-ttdvr-noncettdvrAdminVars