WP-Safety

AjaxPress – Single Page Application for WP | No Reload, Instant Navigation Security & Risk Analysis

wordpress.org/plugins/ajaxpress

The most awaited plugin that transforms any WP site into a Single Page Application in seconds. No page reload, instant navigation, persistent playback …

50 active installs v2.3.0 PHP 5.6+ WP 5.3+ Updated Jan 23, 2026
instant-navigationno-reloadpersistent-playersingle-page-applicationspa
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is AjaxPress – Single Page Application for WP | No Reload, Instant Navigation Safe to Use in 2026?

Generally Safe

Score 100/100

AjaxPress – Single Page Application for WP | No Reload, Instant Navigation has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 3mo ago
Risk Assessment

The ajaxpress plugin v2.3.0 demonstrates a generally strong security posture based on the static analysis provided. The plugin avoids dangerous functions, exclusively uses prepared statements for its SQL queries, and exhibits a high degree of output escaping, with nearly all outputs being properly sanitized. Furthermore, the absence of file operations and external HTTP requests, along with the lack of known vulnerabilities in its history, are positive indicators of secure development practices. The plugin also incorporates capability checks where appropriate. However, a notable area for improvement is the complete absence of nonce checks across its AJAX handlers. While the REST API routes are protected by permission callbacks, the lack of nonce verification on AJAX endpoints presents a potential weakness that could be exploited by attackers to trick authenticated users into performing unintended actions if the AJAX requests themselves do not have inherent CSRF protection. The limited attack surface is a positive, but the missing nonce checks on AJAX handlers remain a specific concern.

Key Concerns

  • Missing nonce checks on AJAX handlers
Vulnerabilities
None known

AjaxPress – Single Page Application for WP | No Reload, Instant Navigation Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

AjaxPress – Single Page Application for WP | No Reload, Instant Navigation Release Timeline

v2.3.0Current
v2.2.5
v2.2.4
v2.2.3
v2.2.2
v2.2.1
v2.2.0
v2.1.1
v2.1.0
v2.0.0
v1.3.2
v1.3.1
v1.3.0
v1.1.2
v1.1.1
v1.1.0
v1.0.2
v1.0.1
v1.0.0
Code Analysis
Analyzed Mar 16, 2026

AjaxPress – Single Page Application for WP | No Reload, Instant Navigation Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
2 prepared
Unescaped Output
1
38 escaped
Nonce Checks
0
Capability Checks
2
File Operations
0
External Requests
1
Bundled Libraries
0

SQL Query Safety

100% prepared2 total queries

Output Escaping

97% escaped39 total outputs
Attack Surface

AjaxPress – Single Page Application for WP | No Reload, Instant Navigation Attack Surface

Entry Points5
Unprotected0

REST API Routes 5

GET/wp-json/ajaxpresssettingsincludes\admin\class-admin-rest.php:37
GET/wp-json/ajaxpresslicenseincludes\admin\class-admin-rest.php:44
GET/wp-json/ajaxpressdeactivate-feedbackincludes\admin\class-admin-rest.php:51
GET/wp-json/ajaxpressdiagnostic-permissionincludes\admin\class-admin-rest.php:58
GET/wp-json/ajaxpresstourincludes\admin\class-admin-rest.php:65
WordPress Hooks 11
actionadmin_enqueue_scriptsincludes\admin\class-admin-enqueues.php:28
actionadmin_enqueue_scriptsincludes\admin\class-admin-enqueues.php:29
actionadmin_menuincludes\admin\class-admin-hooks.php:25
filterplugin_row_metaincludes\admin\class-admin-hooks.php:33
actioncurrent_screenincludes\admin\class-admin-hooks.php:36
filteradmin_footer_textincludes\admin\class-admin-hooks.php:44
filterupdate_footerincludes\admin\class-admin-hooks.php:45
actionrest_api_initincludes\admin\class-admin-rest.php:26
actionadmin_enqueue_scriptsincludes\admin\class-deactivate-feedback.php:26
actionwp_enqueue_scriptsincludes\classes\class-enqueues.php:23
actionwp_footerincludes\classes\class-templates.php:23
Maintenance & Trust

AjaxPress – Single Page Application for WP | No Reload, Instant Navigation Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedJan 23, 2026
PHP min version5.6
Downloads5K

Community Trust

Rating100/100
Number of ratings4
Active installs50
Alternatives

AjaxPress – Single Page Application for WP | No Reload, Instant Navigation Alternatives

Akismet Anti-spam: Spam Protection

Akismet Anti-spam: Spam Protection

akismet

A
99

The best anti-spam protection to block spam comments and spam in a contact form. The most trusted antispam solution for WordPress and WooCommerce.

6.0M 2 CVEs
Disable Comments – Remove Comments & Stop Spam [Multi-Site Support]

Disable Comments – Remove Comments & Stop Spam [Multi-Site Support]

disable-comments

A
99

Allows administrators to globally disable comments on their site. Comments can be disabled according to post type. Multisite friendly.

1.0M 1 CVE
Antispam Bee

Antispam Bee

antispam-bee

A
100

Sophisticated antispam plugin for effective daily comment and trackback spam-fighting. Built with data protection and privacy in mind.

700K 1 CVE
Sucuri Security – Auditing, Malware Scanner and Security Hardening

Sucuri Security – Auditing, Malware Scanner and Security Hardening

sucuri-scanner

A
99

The Sucuri WordPress Security plugin is a security toolset for security integrity monitoring, malware detection and security hardening.

600K 1 CVE
CF7 Apps – Honeypot, Database, Redirection, Webhook, and Addons for Contact Form 7

CF7 Apps – Honeypot, Database, Redirection, Webhook, and Addons for Contact Form 7

contact-form-7-honeypot

A
100

Addons for Contact Form 7 — Honeypot, Database Entries, Redirection, Spam Protection, Webhooks, ACF integration for Contact Form 7, and more.

300K No CVEs
Developer Profile

AjaxPress – Single Page Application for WP | No Reload, Instant Navigation Developer Profile

ArrayStory

1 plugin · 50 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect AjaxPress – Single Page Application for WP | No Reload, Instant Navigation

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/ajaxpress/public/css/ajaxpress.min.css/wp-content/plugins/ajaxpress/public/js/ajaxpress.min.js/wp-content/plugins/ajaxpress/public/css/admin.min.css/wp-content/plugins/ajaxpress/public/js/admin.min.js/wp-content/plugins/ajaxpress/public/css/blank.css
Script Paths
/wp-content/plugins/ajaxpress/public/js/ajaxpress.min.js/wp-content/plugins/ajaxpress/public/js/admin.min.js
Version Parameters
ajaxpress.min.css?ver=ajaxpress.min.js?ver=admin.min.css?ver=admin.min.js?ver=blank.css?ver=

HTML / DOM Fingerprints

CSS Classes
dashicons-ajaxpress
JS Globals
ajaxpress_varsajaxpress_admin_vars
REST Endpoints
/wp-json/ajaxpress/
FAQ

Frequently Asked Questions about AjaxPress – Single Page Application for WP | No Reload, Instant Navigation