WP-Safety

Aazeen extension Security & Risk Analysis

wordpress.org/plugins/aazeen-extension

support for special content types in your website, such as a service Block, client, and team member.

10 active installs v1.0.7 PHP + WP 4.7+ Updated Jun 12, 2018
clientssiteoriginteam-memberswidgetwidgets
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Download
Safety Verdict

Is Aazeen extension Safe to Use in 2026?

Generally Safe

Score 85/100

Aazeen extension has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 7yr ago
Risk Assessment

The aazeen-extension v1.0.7 plugin exhibits a mixed security posture. On the positive side, all SQL queries are properly prepared, and there's a significant number of capability checks and nonce checks present, indicating some level of security awareness in development. The plugin also has no recorded vulnerabilities, which is a strong indicator of a generally secure codebase.

However, there are significant concerns regarding the attack surface. Three AJAX handlers are present, and alarmingly, all three lack authentication checks. This creates a substantial entry point for potential attackers to interact with the plugin's backend functionality without proper authorization. Additionally, the presence of the `unserialize()` function, while not directly exploitable without further context, is often a vector for deserialization vulnerabilities if the input is not strictly controlled and sanitized. The relatively low percentage of properly escaped output (38%) also presents a risk of Cross-Site Scripting (XSS) vulnerabilities, although the taint analysis did not reveal any specific unsanitized flows at this time.

In conclusion, while the absence of historical vulnerabilities and the use of prepared statements are strengths, the unprotected AJAX endpoints and the potential for XSS due to insufficient output escaping are significant weaknesses. The `unserialize()` function also warrants careful scrutiny. Further investigation into the specific actions performed by the unprotected AJAX handlers is crucial to fully assess the risk.

Key Concerns

  • Unprotected AJAX handlers
  • Insufficient output escaping
  • Use of unserialize function
Vulnerabilities
None known

Aazeen extension Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

Aazeen extension Code Analysis

Dangerous Functions
1
Raw SQL Queries
0
0 prepared
Unescaped Output
1190
714 escaped
Nonce Checks
6
Capability Checks
17
File Operations
9
External Requests
1
Bundled Libraries
1

Dangerous Functions Found

unserialize$data = unserialize( $raw );one-click-demo-import\inc\CustomizerImporter.php:87

Bundled Libraries

Select2

Output Escaping

38% escaped1904 total outputs
Attack Surface
3 unprotected

Aazeen extension Attack Surface

Entry Points3
Unprotected3

AJAX Handlers 3

authwp_ajax_ocdi_import_demo_dataone-click-demo-import\inc\OneClickDemoImport.php:107
authwp_ajax_ocdi_import_customizer_dataone-click-demo-import\inc\OneClickDemoImport.php:108
authwp_ajax_ocdi_after_import_dataone-click-demo-import\inc\OneClickDemoImport.php:109
WordPress Hooks 98
filterwpcf7_load_cssaazeen-extensions.php:25
actionadmin_enqueue_scriptsaazeen-extensions.php:46
actioncustomize_controls_enqueue_scriptsaazeen-extensions.php:74
actioninitclass-tgm-plugin-activation.php:268
filterload_textdomain_mofileclass-tgm-plugin-activation.php:269
actioninitclass-tgm-plugin-activation.php:272
actionadmin_menuclass-tgm-plugin-activation.php:421
actionadmin_headclass-tgm-plugin-activation.php:422
filterinstall_plugin_complete_actionsclass-tgm-plugin-activation.php:425
filterupdate_plugin_complete_actionsclass-tgm-plugin-activation.php:426
actionadmin_noticesclass-tgm-plugin-activation.php:429
actionadmin_initclass-tgm-plugin-activation.php:430
actionadmin_enqueue_scriptsclass-tgm-plugin-activation.php:431
actionload-plugins.phpclass-tgm-plugin-activation.php:436
actionswitch_themeclass-tgm-plugin-activation.php:439
actionswitch_themeclass-tgm-plugin-activation.php:442
actionadmin_initclass-tgm-plugin-activation.php:447
actionswitch_themeclass-tgm-plugin-activation.php:452
actionload_textdomain_mofileclass-tgm-plugin-activation.php:475
filterupgrader_source_selectionclass-tgm-plugin-activation.php:889
actionplugins_loadedclass-tgm-plugin-activation.php:2112
filtertgmpa_table_data_itemsclass-tgm-plugin-activation.php:2236
filterupgrader_source_selectionclass-tgm-plugin-activation.php:2977
actionadmin_initclass-tgm-plugin-activation.php:3147
actionupgrader_process_completeclass-tgm-plugin-activation.php:3242
filterupgrader_post_installclass-tgm-plugin-activation.php:3301
filterupgrader_post_installclass-tgm-plugin-activation.php:3446
filterpt-ocdi/plugin_page_setupextensions-functions.php:157
actionadmin_menuextensions-functions.php:174
actionadmin_enqueue_scriptsextensions-functions.php:177
actionadmin_print_footer_scriptsextensions-functions.php:181
filterpt-ocdi/import_filesfunction-demo-pro.php:112
filterpt-ocdi/disable_pt_brandingfunction-demo-pro.php:116
filterpt-ocdi/regenerate_thumbnails_in_content_importfunction-demo-pro.php:118
actionpt-ocdi/after_importfunction-demo-pro.php:137
actionpt-ocdi/time_for_one_ajax_callfunction-demo-pro.php:143
filterpt-ocdi/import_filesfunction-demo.php:122
filterpt-ocdi/disable_pt_brandingfunction-demo.php:126
filterpt-ocdi/regenerate_thumbnails_in_content_importfunction-demo.php:128
actionpt-ocdi/after_importfunction-demo.php:147
actionpt-ocdi/time_for_one_ajax_callfunction-demo.php:153
actionwp_enqueue_scriptsinc\latest-posts-carousel.php:25
actionwidgets_initinc\latest-posts-carousel.php:267
actionwidgets_initinc\latest-posts-masonry.php:281
actionwidgets_initinc\product-carousel.php:246
actionwp_enqueue_scriptsinc\widget-callout.php:28
actionwidgets_initinc\widget-callout.php:430
actionwidgets_initinc\widget-clients.php:275
actionwidgets_initinc\widget-contact.php:428
actionadmin_enqueue_scriptsinc\widget-feature.php:25
actionwidgets_initinc\widget-feature.php:603
actionwp_enqueue_scriptsinc\widget-service-syone.php:24
actionwidgets_initinc\widget-service-syone.php:619
actionwp_enqueue_scriptsinc\widget-service.php:24
actionwidgets_initinc\widget-service.php:607
actionwidgets_initinc\widget-slider-pro.php:857
actionwidgets_initinc\widget-slider.php:461
actionwidgets_initinc\widget-team.php:503
filterrwmb_meta_boxesmeta-box\meta-box.php:125
actionpt-ocdi/before_content_import_executionone-click-demo-import\inc\ImportActions.php:17
actionpt-ocdi/after_content_import_executionone-click-demo-import\inc\ImportActions.php:20
actionpt-ocdi/after_content_import_executionone-click-demo-import\inc\ImportActions.php:21
actionpt-ocdi/after_content_import_executionone-click-demo-import\inc\ImportActions.php:22
actionpt-ocdi/customizer_import_executionone-click-demo-import\inc\ImportActions.php:25
actionpt-ocdi/after_all_import_executionone-click-demo-import\inc\ImportActions.php:28
actionpt-ocdi/widget_settings_arrayone-click-demo-import\inc\ImportActions.php:32
filterwxr_importer.pre_process.userone-click-demo-import\inc\Importer.php:124
filterwxr_importer.pre_process.postone-click-demo-import\inc\Importer.php:127
filterintermediate_image_sizes_advancedone-click-demo-import\inc\Importer.php:131
actionadmin_menuone-click-demo-import\inc\OneClickDemoImport.php:105
actionadmin_enqueue_scriptsone-click-demo-import\inc\OneClickDemoImport.php:106
actionafter_setup_themeone-click-demo-import\inc\OneClickDemoImport.php:110
actionplugins_loadedone-click-demo-import\inc\OneClickDemoImport.php:111
filterpt-ocdi/time_for_one_ajax_callone-click-demo-import\inc\WPCLICommands.php:190
filterwxr_importer.pre_process.termone-click-demo-import\inc\WXRImporter.php:28
actionadmin_noticesone-click-demo-import\one-click-demo-import.php:31
actionadmin_initone-click-demo-import\one-click-demo-import.php:78
filtersiteorigin_panels_widget_dialog_tabssiteorigin-pro.php:22
filtersiteorigin_widgets_widget_folderssiteorigin-pro.php:29
filtersiteorigin_panels_widgetssiteorigin-pro.php:41
actionwp_enqueue_scriptssiteorigin-pro.php:47
filtersiteorigin_panels_prebuilt_layoutssiteorigin-pro.php:97
filtersiteorigin_panels_widget_style_groupssiteorigin-pro.php:108
filtersiteorigin_panels_widget_style_fieldssiteorigin-pro.php:109
filtersiteorigin_panels_widget_style_attributessiteorigin-pro.php:110
filtersiteorigin_panels_widget_style_groupssiteorigin-pro.php:112
filtersiteorigin_panels_widget_style_fieldssiteorigin-pro.php:113
filtersiteorigin_panels_widget_style_attributessiteorigin-pro.php:114
filtersiteorigin_panels_widget_style_groupssiteorigin-pro.php:314
filtersiteorigin_panels_widget_style_fieldssiteorigin-pro.php:315
filtersiteorigin_panels_widget_style_attributessiteorigin-pro.php:316
filtersiteorigin_panels_row_attributessiteorigin-pro.php:383
filtersiteorigin_panels_widget_dialog_tabssiteorigin.php:23
filtersiteorigin_panels_widgetssiteorigin.php:35
actionwp_enqueue_scriptssiteorigin.php:41
filtersiteorigin_panels_prebuilt_layoutssiteorigin.php:92
filtersiteorigin_panels_row_attributessiteorigin.php:102
actiontgmpa_registertgm-activation.php:36
Maintenance & Trust

Aazeen extension Maintenance & Trust

Maintenance Signals

WordPress version tested4.9.29
Last updatedJun 12, 2018
PHP min version
Downloads3K

Community Trust

Rating0/100
Number of ratings0
Active installs10
Alternatives

Aazeen extension Alternatives

Azeen Core

Azeen Core

azeen-core

A
85

support for special content types in your website, such as a service Block, client, and team member.

0 No CVEs
Unicon extensions

Unicon extensions

unicon-extensions

A
85

support for special content types in your website, such as a service Block, client, and team member.

70 No CVEs
Promote extensions

Promote extensions

promote-extensions

A
85

support for special content types in your website, such as a service Block, client, and team member,counter.

60 No CVEs
Livemesh SiteOrigin Widgets

Livemesh SiteOrigin Widgets

livemesh-siteorigin-widgets

A
96

A collection of premium quality widgets for use in any widgetized area or in SiteOrigin page builder. SiteOrigin Widgets Bundle is required.

20K 2 CVEs
Ultimate Addons for SiteOrigin

Ultimate Addons for SiteOrigin

addon-so-widgets-bundle

A
85

An ultimate collection of addons for SiteOrigin. SiteOrigin Widgets Bundle is required.

7K No CVEs
Developer Profile

Aazeen extension Developer Profile

themezwp

3 plugins · 140 total installs

84
trust score
Avg Security Score
85/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Aazeen extension

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/aazeen-extension/assets/fontawesome/css/font-awesome.min.css/wp-content/plugins/aazeen-extension/assets/js/aazeen_widgets_custom_css.min.css/wp-content/plugins/aazeen-extension/customizer/admin.css/wp-content/plugins/aazeen-extension/customizer/customizer-control.js/wp-content/plugins/aazeen-extension/assets/js/widget-media.js
Script Paths
/wp-content/plugins/aazeen-extension/customizer/customizer-control.js

HTML / DOM Fingerprints

CSS Classes
aazeen-widgets
Data Attributes
data-customize-setting-link
JS Globals
objectL10n
FAQ

Frequently Asked Questions about Aazeen extension