Does [凹凸曼]一键采集今日头条文章 have any unpatched vulnerabilities?

No. All known vulnerabilities in [凹凸曼]一键采集今日头条文章 have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is [凹凸曼]一键采集今日头条文章 compatible with WordPress 6.8.5?

According to WordPress.org data, [凹凸曼]一键采集今日头条文章 1.3.0 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

Is [凹凸曼]一键采集今日头条文章 compatible with PHP 7.4+?

[凹凸曼]一键采集今日头条文章 requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is [凹凸曼]一键采集今日头条文章 updated?

[凹凸曼]一键采集今日头条文章 was last updated on Apr 24, 2025. Frequent updates are generally a positive security signal.

What is [凹凸曼]一键采集今日头条文章's security score?

[凹凸曼]一键采集今日头条文章 has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

[凹凸曼]一键采集今日头条文章 Security & Risk Analysis

wordpress.org/plugins/apoyl-grabtoutiao

在编辑器里输入今日头条文章链接，点击采集今日头条文章就自动抓取到编辑器里,非常方便用户获取今日头条文章内容.

10 active installs v1.3.0 PHP 7.4+ WP 6.0+ Updated Apr 24, 2025

%e9%87%87%e9%9b%86toutiao%e6%8a%93%e5%8f%96%e4%bb%8a%e6%97%a5%e5%a4%b4%e6%9d%a1%e6%96%87%e7%ab%a0

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is [凹凸曼]一键采集今日头条文章 Safe to Use in 2026?

Generally Safe

Score 100/100

[凹凸曼]一键采集今日头条文章 has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 11mo ago

Risk Assessment

The "apoyl-grabtoutiao" plugin v1.3.0 exhibits a mixed security posture. On the positive side, it demonstrates good practices by utilizing prepared statements for all SQL queries and having a high percentage of properly escaped outputs. Furthermore, it has no recorded vulnerability history, suggesting a potentially stable codebase. However, a significant concern arises from the presence of an unprotected AJAX handler, which represents the sole entry point in the attack surface. While taint analysis did not reveal critical or high-severity issues, the two flows with unsanitized paths are concerning and could potentially lead to vulnerabilities if exploited in conjunction with the unprotected AJAX handler. The single external HTTP request also warrants attention, as it could be a vector for various attacks if not properly validated and secured.

Key Concerns

AJAX handler without authentication check
Flows with unsanitized paths identified
External HTTP request without context

Vulnerabilities

None known

[凹凸曼]一键采集今日头条文章 Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

[凹凸曼]一键采集今日头条文章 Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

13 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

87% escaped15 total outputs

Data Flows

2 unsanitized

Data Flow Analysis

3 flows2 with unsanitized paths

apoyl_grabtoutiao_ajax (admin\admin.php:78)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

1 unprotected

[凹凸曼]一键采集今日头条文章 Attack Surface

Entry Points1

Unprotected1

AJAX Handlers 1

authwp_ajax_apoyl_grabtoutiao_ajaxincludes\grabtoutiao.php:56

WordPress Hooks 3

actionplugins_loadedincludes\grabtoutiao.php:47

actionadmin_menuincludes\grabtoutiao.php:53

actionadmin_initincludes\grabtoutiao.php:55

Maintenance & Trust

[凹凸曼]一键采集今日头条文章 Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedApr 24, 2025

PHP min version7.4

Downloads1K

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

[凹凸曼]一键采集今日头条文章 Alternatives

[凹凸曼]一键采集抖音视频

apoyl-grabdouyin

通过抖音分享视频链接，一键采集抖音视频到自己网站上，非常方便实用的工具。

20 No CVEs

多合一搜索自动推送管理插件-支持Baidu/Google/Bing/IndexNow/Yandex/头条

baidu-submit-link

多合一搜索自动推送管理插件（原百度搜索推送管理插件）是一款针对WP开发的功能非常强大的百度、Google、Bing、IndexNow、Yandex和头条搜索引擎链接推送插件。协助站长将网站资源快速推送至各大搜索引擎，有利于提升网站的搜索引擎收录效率；该插件还提供文章百度收录查询功能。

3K 1 CVE

胖鼠采集(Fat Rat Collect)

fat-rat-collect

胖鼠采集(Fat Rat Collect) 是一款能够帮助你网站自动化的采集工具. 支持采集、微信、简书、知乎、自定义列表页、自定义详情页面、还有许多特色功能、还可一键采集历史文章, 一键设置自动采集, 自动发布, 为您节省精力, 快来体验一下吧!

1K 2 CVEs

简数采集器

keydatas

简数采集器不仅提供网页文章全自动采集、定时采集等基本功能，还创新实现了智能识别和鼠标可视化点选生成采集规则(不用手写规则)、书签一键采集等特色功能，大幅提升了采集配置效率。

1K 2 CVEs

WxSync-标准云微信公众号文章免费采集-任意公众号自动采集付费购买

wxsync

标准云微信公众号文章采集与自动同步插件,手动采集永久免费,自动同步采集可按月收费

500 1 CVE

Developer Profile

[凹凸曼]一键采集今日头条文章 Developer Profile

apoyl

27 plugins · 710 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect [凹凸曼]一键采集今日头条文章

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/apoyl-grabtoutiao/admin/css/admin.css/wp-content/plugins/apoyl-grabtoutiao/admin/js/admin.js

Script Paths

/wp-content/plugins/apoyl-grabtoutiao/admin/js/admin.js

Version Parameters

apoyl-grabtoutiao?ver=apoyl-grabtoutiao/admin/css/admin.css?ver=apoyl-grabtoutiao/admin/js/admin.js?ver=

HTML / DOM Fingerprints

CSS Classes

article-contentsyl-article-base

Data Attributes

data-wp-hooks='apoyl-grabtoutiao'

JS Globals

window.apoyl_grabtoutiao

FAQ