WP-Safety

All 404 Redirect to Homepage Security & Risk Analysis

wordpress.org/plugins/all-404-redirect-to-homepage

Using this plugin, you can fix all 404 error links by redirecting them to homepage using the SEO 301 redirection. Improve your SEO rank & pages speed

200K active installs v5.5 PHP + WP 4.5+ Updated Jan 10, 2026
404-errorbroken-imagesredirectionseo-redirect
99
A · Safe
CVEs total2
Unpatched0
Last CVEJun 1, 2021
Plugin page Download
Safety Verdict

Is All 404 Redirect to Homepage Safe to Use in 2026?

Generally Safe

Score 99/100

All 404 Redirect to Homepage has a strong security track record. Known vulnerabilities have been patched promptly.

2 known CVEsLast CVE: Jun 1, 2021Updated 2mo ago
Risk Assessment

The 'all-404-redirect-to-homepage' plugin version 5.5 exhibits a mixed security posture. While it demonstrates good practices such as a high percentage of prepared SQL statements and a moderate number of properly escaped outputs, there are significant concerns regarding its attack surface. Specifically, two out of its four AJAX handlers lack authentication checks, presenting a potential entry point for unauthorized actions. The plugin has a history of two medium-severity Cross-Site Scripting (XSS) vulnerabilities, with the last one being in 2021. The absence of currently unpatched vulnerabilities is a positive sign, but the historical pattern of XSS issues, combined with the unprotected AJAX endpoints, suggests a need for careful monitoring and potential remediation. Overall, the plugin has some strengths in its codebase but requires attention to its authentication mechanisms and historical vulnerability trends.

Key Concerns

  • Unprotected AJAX handlers
  • Historical medium severity XSS vulnerabilities
Vulnerabilities
2

All 404 Redirect to Homepage Security Vulnerabilities

CVEs by Year

2 CVEs in 2021
2021
Patched Has unpatched

Severity Breakdown

Medium
2

2 total CVEs

WF-0f01c9c8-acd4-44c0-8866-a0a819828006-all-404-redirect-to-homepagemedium · 5.5Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

All 404 Redirect to Homepage & Broken images Redirection <= 2.0 - Cross-Site Scripting

Jun 1, 2021 Patched in 2.1 (966d)
CVE-2021-24326medium · 6.1Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

All 404 Redirect to Homepage < 1.21 - Reflected Cross-Site Scripting via tab Parameter

Apr 16, 2021 Patched in 1.21 (1012d)
Code Analysis
Analyzed Mar 16, 2026

All 404 Redirect to Homepage Code Analysis

Dangerous Functions
0
Raw SQL Queries
10
57 prepared
Unescaped Output
46
130 escaped
Nonce Checks
4
Capability Checks
5
File Operations
20
External Requests
0
Bundled Libraries
0

SQL Query Safety

85% prepared67 total queries

Output Escaping

74% escaped176 total outputs
Data Flows
All sanitized

Data Flow Analysis

1 flows
<option_page> (option_page.php:0)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
2 unprotected

All 404 Redirect to Homepage Attack Surface

Entry Points4
Unprotected2

AJAX Handlers 4

authwp_ajax_P404REDIRECT_HideMsgall-404-redirect-to-homepage.php:24
authwp_ajax_P404REDIRECT_HideAlertall-404-redirect-to-homepage.php:25
authwp_ajax_delete_previous_404_imagefunctions.php:1481
authwp_ajax_send_test_404_emailfunctions.php:1520
WordPress Hooks 25
actionplugins_loadedall-404-redirect-to-homepage.php:17
actionadmin_menuall-404-redirect-to-homepage.php:20
actionadmin_headall-404-redirect-to-homepage.php:21
actionwpall-404-redirect-to-homepage.php:22
actionadmin_enqueue_scriptsall-404-redirect-to-homepage.php:23
actionadmin_bar_menuall-404-redirect-to-homepage.php:27
actionwp_enqueue_scriptsall-404-redirect-to-homepage.php:28
actionadmin_enqueue_scriptsall-404-redirect-to-homepage.php:29
actionwp_footerall-404-redirect-to-homepage.php:78
actionadmin_footerall-404-redirect-to-homepage.php:79
actionwp_footerall-404-redirect-to-homepage.php:219
actionadmin_footerall-404-redirect-to-homepage.php:220
actionadmin_enqueue_scriptsall-404-redirect-to-homepage.php:655
actionadmin_enqueue_scriptsall-404-redirect-to-homepage.php:684
actioncustomize_controls_print_stylesfunctions.php:50
actionplugins_loadedfunctions.php:332
actionadmin_post_clear_redirects_logfunctions.php:345
actionadmin_noticesfunctions.php:411
actionp404_daily_email_summaryfunctions.php:865
actionp404_weekly_email_summaryfunctions.php:866
actionp404_monthly_email_summaryfunctions.php:867
filtercron_schedulesfunctions.php:1422
filterwp_mail_content_typefunctions.php:1552
actionp404_send_scheduled_emailfunctions.php:1774
filterwp_mail_content_typefunctions.php:1792

Scheduled Events 6

p404_daily_email_summary
p404_weekly_email_summary
p404_monthly_email_summary
p404_send_scheduled_email
p404_send_scheduled_email
p404_send_scheduled_email
Maintenance & Trust

All 404 Redirect to Homepage Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedJan 10, 2026
PHP min version
Downloads5.9M

Community Trust

Rating82/100
Number of ratings95
Active installs200K
Alternatives

All 404 Redirect to Homepage Alternatives

301 Redirects – Redirect Manager

301 Redirects – Redirect Manager

eps-301-redirects

A
98

Manage 301 & 302 redirects. Simple redirection & redirects validation. Includes redirect stats & 404 error log.

300K 3 CVEs
Redirect 404 Error Page to Homepage or Custom Page with Logs

Redirect 404 Error Page to Homepage or Custom Page with Logs

redirect-404-error-page-to-homepage-or-custom-page

A
91

Redirect the 404 error page to the homepage or any other page with logs. Supports permanent (301), temporary (302) redirects & not found (404).

10K 2 CVEs
SEO Redirection Plugin – 301 Redirect Manager

SEO Redirection Plugin – 301 Redirect Manager

seo-redirection

A
96

SEO Redirection is a powerful redirect manager to manage 301 redirects without requiring knowledge of Apache .htaccess files.

10K 9 CVEs
Redirect 404 Error Page to Homepage

Redirect 404 Error Page to Homepage

redirect-404-error-page-to-homepage

A
85

Redirect 404 Error Page to Homepage

7K No CVEs
Redirect 404 to Home Page – Custom URL

Redirect 404 to Home Page – Custom URL

redirect-404-to-home-page-custom-url

A
92

This Wordpress Plugin fixes 404 Errors in Google Webmasters by Redirecting all 404 URLs to Home Page or a Custom URL.

4K No CVEs
Developer Profile

All 404 Redirect to Homepage Developer Profile

wp-buy

13 plugins · 355K total installs

73
trust score
Avg Security Score
92/100
Avg Patch Time
926 days
View full developer profile
Detection Fingerprints

How We Detect All 404 Redirect to Homepage

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/all-404-redirect-to-homepage/js/canvasjs.min.js

HTML / DOM Fingerprints

CSS Classes
p404-redirect-dropdown-containerp404-redirect-card
Data Attributes
id="p404RedirectChart"
JS Globals
p404_redirect_chart_data
FAQ

Frequently Asked Questions about All 404 Redirect to Homepage