Advanced Export: Export WordPress Site Data Including Widget, Customizer & Media Files Security & Risk Analysis
wordpress.org/plugins/advanced-exportAdvanced Export is a developer friendly WordPress plugin which gives flexibility to export site data in a zip format.
Is Advanced Export: Export WordPress Site Data Including Widget, Customizer & Media Files Safe to Use in 2026?
Generally Safe
Score 92/100Advanced Export: Export WordPress Site Data Including Widget, Customizer & Media Files has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The "advanced-export" plugin version 1.1.0 demonstrates a mixed security posture. On the positive side, the plugin excels in output escaping, ensuring all 30 outputs are properly sanitized, which is a critical security best practice. It also has no recorded history of vulnerabilities (CVEs), suggesting a history of relatively secure development. The absence of external HTTP requests and bundled libraries further reduces potential attack vectors. However, a significant concern arises from its attack surface. With one AJAX handler identified, and notably, this handler lacks any authentication checks, it presents a direct and unprotected entry point for attackers. While taint analysis shows no critical or high-severity flows, the unprotected AJAX handler is a prime candidate for potential abuse if it handles user-supplied data without proper validation or authorization. The limited number of SQL queries and the fact that 50% use prepared statements is acceptable, but the remaining non-prepared queries could be a minor risk depending on the data they process.
Key Concerns
- Unprotected AJAX handler
- SQL queries not fully prepared
Advanced Export: Export WordPress Site Data Including Widget, Customizer & Media Files Security Vulnerabilities
Advanced Export: Export WordPress Site Data Including Widget, Customizer & Media Files Code Analysis
SQL Query Safety
Output Escaping
Advanced Export: Export WordPress Site Data Including Widget, Customizer & Media Files Attack Surface
AJAX Handlers 1
WordPress Hooks 6
Maintenance & Trust
Advanced Export: Export WordPress Site Data Including Widget, Customizer & Media Files Maintenance & Trust
Maintenance Signals
Community Trust
Advanced Export: Export WordPress Site Data Including Widget, Customizer & Media Files Alternatives
Customizer Export/Import
customizer-export-import
Easily export or import your WordPress customizer settings!
Customizer Reset – Export & Import
customizer-reset
Reset, export, and import your WordPress Customizer settings with just one click of a button.
Advanced Addons, Theme & Core Exporter
advanced-addons-theme-core-exporter
Download installed plugins, themes, and WordPress core files directly from your dashboard. Ideal for backups, migration, and development.
Customizer EX
customizer-ex
Simple Export and Import Customizer settings
Advanced Export: Export WordPress Site Data Including Widget, Customizer & Media Files Developer Profile
5 plugins · 92K total installs
How We Detect Advanced Export: Export WordPress Site Data Including Widget, Customizer & Media Files
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/advanced-export/assets/css/advanced-export-admin.css/wp-content/plugins/advanced-export/assets/js/advanced-export-admin.js/wp-content/plugins/advanced-export/assets/js/advanced-export-admin.jsadvanced-export-admin.css?ver=advanced-export-admin.js?ver=HTML / DOM Fingerprints
data-advanced-export-downloadadvanced_export_js_object<div id="advanced-export-ajax-form-data">