WP-Safety

Atlant Security Security & Risk Analysis

wordpress.org/plugins/atlant-security

Enterprise-grade WordPress security: WAF, brute force protection, malware scanner, 2FA, honeypots, AI crawler control, and post-breach recovery.

0 active installs v1.1.2 PHP 8.0+ WP 6.0+ Updated Mar 30, 2026
brute-forcefirewallmalware-scannersecuritytwo-factor-authentication
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Atlant Security Safe to Use in 2026?

Generally Safe

Score 100/100

Atlant Security has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago
Risk Assessment

The 'atlant-security' v1.1.2 plugin demonstrates a generally good security posture with several robust practices. The vast majority of SQL queries utilize prepared statements, and output escaping is nearly comprehensive, indicating developers have a strong understanding of common web vulnerabilities. The absence of any known CVEs, critical taint flows, or unsanitized paths further strengthens this positive assessment. The plugin also implements a significant number of capability checks, which is a good indicator of authorization awareness.

However, there are a few areas that introduce a modicum of risk. The presence of 4 AJAX handlers without authentication checks is a notable concern, as these could potentially be exploited for unauthorized actions if they perform sensitive operations. The single instance of `set_time_limit` is also worth noting; while not inherently dangerous, its use can sometimes be associated with denial-of-service vectors if not carefully managed. The plugin's vulnerability history being completely clean is an excellent sign, suggesting responsible development and maintenance practices, but it doesn't negate the risks identified in the static analysis.

In conclusion, 'atlant-security' v1.1.2 is relatively secure, with its strengths in prepared SQL statements and output escaping. The primary weakness lies in the unprotected AJAX endpoints, which warrant immediate attention and the implementation of proper authorization checks. The plugin's clean vulnerability record is a testament to good coding, but the identified attack surface requires mitigation to maintain its secure standing.

Key Concerns

  • Unprotected AJAX handlers
  • Dangerous function usage (set_time_limit)
Vulnerabilities
None known

Atlant Security Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Atlant Security Release Timeline

v1.1.2Current
Code Analysis
Analyzed Apr 16, 2026

Atlant Security Code Analysis

Dangerous Functions
1
Raw SQL Queries
0
195 prepared
Unescaped Output
6
655 escaped
Nonce Checks
54
Capability Checks
51
File Operations
10
External Requests
8
Bundled Libraries
0

Dangerous Functions Found

set_time_limitset_time_limit( 15 ); // phpcs:ignore Generic.PHP.NoSilencedErrors.Discouraged, Squiz.PHP.Discourageincludes/modules/WAF.php:389

SQL Query Safety

100% prepared195 total queries

Output Escaping

99% escaped661 total outputs
Data Flows · Security
All sanitized

Data Flow Analysis

18 flows
ajax_set_uninstall_pref (admin/Admin.php:371)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
4 unprotected

Atlant Security Attack Surface

Entry Points53
Unprotected4

AJAX Handlers 53

authwp_ajax_aswp_set_uninstall_prefadmin/Admin.php:30
authwp_ajax_aswp_save_settingsadmin/Admin.php:33
authwp_ajax_aswp_complete_setupadmin/Admin.php:34
authwp_ajax_aswp_dismiss_setup_noticeadmin/Admin.php:35
authwp_ajax_aswp_apply_recommendedadmin/Admin.php:36
authwp_ajax_aswp_add_whitelistincludes/Plugin.php:118
authwp_ajax_aswp_remove_whitelistincludes/Plugin.php:119
authwp_ajax_aswp_get_whitelistincludes/Plugin.php:120
authwp_ajax_aswp_whitelist_my_ipincludes/Plugin.php:121
authwp_ajax_aswp_save_login_urlincludes/Plugin.php:122
authwp_ajax_aswp_regenerate_login_urlincludes/Plugin.php:123
authwp_ajax_aswp_download_geoipincludes/Plugin.php:126
authwp_ajax_aswp_test_geoipincludes/Plugin.php:127
authwp_ajax_aswp_waf_toggle_ruleincludes/Plugin.php:130
authwp_ajax_aswp_save_ai_crawler_rulesincludes/modules/AICrawlers.php:22
authwp_ajax_aswp_get_ai_crawler_statsincludes/modules/AICrawlers.php:23
authwp_ajax_aswp_get_cron_statusincludes/modules/CronGuard.php:40
authwp_ajax_aswp_approve_cron_hookincludes/modules/CronGuard.php:41
authwp_ajax_aswp_remove_cron_hookincludes/modules/CronGuard.php:42
authwp_ajax_aswp_save_cron_settingsincludes/modules/CronGuard.php:43
authwp_ajax_aswp_block_ipincludes/modules/IPManager.php:9
authwp_ajax_aswp_unblock_ipincludes/modules/IPManager.php:10
authwp_ajax_aswp_whitelist_ipincludes/modules/IPManager.php:11
authwp_ajax_aswp_get_ip_infoincludes/modules/IPManager.php:12
authwp_ajax_aswp_live_visitorsincludes/modules/IPManager.php:13
authwp_ajax_aswp_visitor_logincludes/modules/IPManager.php:14
authwp_ajax_aswp_visitor_statsincludes/modules/IPManager.php:15
authwp_ajax_aswp_get_outbound_logincludes/modules/OutboundMonitor.php:74
authwp_ajax_aswp_save_outbound_allowlistincludes/modules/OutboundMonitor.php:75
authwp_ajax_aswp_get_outbound_statsincludes/modules/OutboundMonitor.php:76
authwp_ajax_aswp_generate_passphraseincludes/modules/PasswordPolicy.php:22
authwp_ajax_aswp_generate_passphraseincludes/modules/PasswordPolicy.php:32
authwp_ajax_aswp_breach_actionincludes/modules/PostBreach.php:14
authwp_ajax_aswp_get_rest_policiesincludes/modules/RestApiPolicy.php:35
authwp_ajax_aswp_save_rest_policiesincludes/modules/RestApiPolicy.php:36
authwp_ajax_aswp_get_rest_api_statsincludes/modules/RestApiPolicy.php:37
authwp_ajax_aswp_start_scanincludes/modules/Scanner.php:55
authwp_ajax_aswp_scan_statusincludes/modules/Scanner.php:56
authwp_ajax_aswp_get_scan_resultsincludes/modules/Scanner.php:57
authwp_ajax_aswp_quarantine_fileincludes/modules/Scanner.php:58
authwp_ajax_aswp_get_session_infoincludes/modules/SessionSecurity.php:43
authwp_ajax_aswp_destroy_user_sessionsincludes/modules/SessionSecurity.php:44
authwp_ajax_aswp_get_session_statsincludes/modules/SessionSecurity.php:45
authwp_ajax_aswp_2fa_verify_totpincludes/modules/TwoFA.php:31
authwp_ajax_aswp_2fa_generate_totpincludes/modules/TwoFA.php:32
authwp_ajax_aswp_2fa_send_email_otpincludes/modules/TwoFA.php:33
authwp_ajax_aswp_2fa_disableincludes/modules/TwoFA.php:34
authwp_ajax_aswp_2fa_enable_emailincludes/modules/TwoFA.php:35
authwp_ajax_aswp_2fa_regen_codesincludes/modules/TwoFA.php:36
noprivwp_ajax_aswp_2fa_validateincludes/modules/TwoFA.php:37
noprivwp_ajax_aswp_2fa_resendincludes/modules/TwoFA.php:38
authwp_ajax_aswp_run_vuln_auditincludes/modules/VulnAudit.php:21
authwp_ajax_aswp_get_vuln_resultsincludes/modules/VulnAudit.php:22
WordPress Hooks 113
actionadmin_menuadmin/Admin.php:18
actionadmin_enqueue_scriptsadmin/Admin.php:19
actionadmin_noticesadmin/Admin.php:20
actionadmin_initadmin/Admin.php:23
filterplugin_row_metaadmin/Admin.php:26
actionadmin_footer-plugins.phpadmin/Admin.php:29
actionadmin_menuadmin/Admin.php:127
actionplugins_loadedatlant-security.php:78
actionplugins_loadedatlant-security.php:217
actionplugins_loadedatlant-security.php:246
actionplugins_loadedatlant-security.php:255
actioninitatlant-security.php:262
filtercron_schedulesincludes/Plugin.php:24
actioninitincludes/Plugin.php:27
actionadmin_initincludes/Plugin.php:45
actionaswp_cleanup_logsincludes/Plugin.php:53
actionaswp_update_blocked_countsincludes/Plugin.php:54
actionaswp_refresh_cloudflare_ipsincludes/Plugin.php:55
actionaswp_refresh_google_ipsincludes/Plugin.php:56
actionaswp_refresh_microsoft_ipsincludes/Plugin.php:57
actionaswp_update_geoip_dbincludes/Plugin.php:58
actionwpincludes/RequestLogger.php:155
actioninitincludes/modules/AICrawlers.php:16
filterrobots_txtincludes/modules/AICrawlers.php:19
actionactivated_pluginincludes/modules/AuditLogger.php:27
actiondeactivated_pluginincludes/modules/AuditLogger.php:28
actiondeleted_pluginincludes/modules/AuditLogger.php:29
actionupgrader_process_completeincludes/modules/AuditLogger.php:30
actionswitch_themeincludes/modules/AuditLogger.php:33
actionuser_registerincludes/modules/AuditLogger.php:36
actiondelete_userincludes/modules/AuditLogger.php:37
actionset_user_roleincludes/modules/AuditLogger.php:38
actionbefore_delete_postincludes/modules/AuditLogger.php:41
actionupdate_option_users_can_registerincludes/modules/AuditLogger.php:44
actionupdate_option_default_roleincludes/modules/AuditLogger.php:45
actionshutdownincludes/modules/AuditLogger.php:175
actionwp_loadedincludes/modules/CronGuard.php:34
actioninitincludes/modules/CronGuard.php:37
actioninitincludes/modules/CustomLoginURL.php:31
filterquery_varsincludes/modules/CustomLoginURL.php:32
actiontemplate_redirectincludes/modules/CustomLoginURL.php:33
actionlogin_initincludes/modules/CustomLoginURL.php:36
actioninitincludes/modules/CustomLoginURL.php:37
filterlogin_urlincludes/modules/CustomLoginURL.php:40
filterlogout_urlincludes/modules/CustomLoginURL.php:41
filterlostpassword_urlincludes/modules/CustomLoginURL.php:42
filterregister_urlincludes/modules/CustomLoginURL.php:43
filternetwork_site_urlincludes/modules/CustomLoginURL.php:44
filtersite_urlincludes/modules/CustomLoginURL.php:45
filterwp_redirectincludes/modules/CustomLoginURL.php:46
filterforce_ssl_adminincludes/modules/Hardening.php:12
filterrest_endpointsincludes/modules/Hardening.php:22
filterxmlrpc_enabledincludes/modules/Hardening.php:27
actionsend_headersincludes/modules/Hardening.php:31
filterauto_update_pluginincludes/modules/Hardening.php:40
filterauto_update_themeincludes/modules/Hardening.php:45
actionwp_enqueue_scriptsincludes/modules/Honeypot.php:63
actionwp_footerincludes/modules/Honeypot.php:64
actioninitincludes/modules/Honeypot.php:68
actioninitincludes/modules/Honeypot.php:75
filtercomment_form_fieldsincludes/modules/Honeypot.php:80
filterpreprocess_commentincludes/modules/Honeypot.php:81
filterwpcf7_validateincludes/modules/Honeypot.php:86
actioninitincludes/modules/Honeypot.php:94
actionwp_login_failedincludes/modules/LoginProtection.php:10
filterauthenticateincludes/modules/LoginProtection.php:11
filterlogin_errorsincludes/modules/LoginProtection.php:14
filterlost_password_errorsincludes/modules/LoginProtection.php:15
actiontemplate_redirectincludes/modules/LoginProtection.php:19
filterthe_generatorincludes/modules/LoginProtection.php:25
filterscript_loader_srcincludes/modules/LoginProtection.php:26
filterstyle_loader_srcincludes/modules/LoginProtection.php:27
actionaswp_security_eventincludes/modules/Notifications.php:16
actionaswp_daily_digestincludes/modules/Notifications.php:26
filterpre_http_requestincludes/modules/OutboundMonitor.php:68
actionhttp_api_debugincludes/modules/OutboundMonitor.php:71
actionshutdownincludes/modules/OutboundMonitor.php:398
actionuser_profile_update_errorsincludes/modules/PasswordPolicy.php:27
actionvalidate_password_resetincludes/modules/PasswordPolicy.php:28
filterregistration_errorsincludes/modules/PasswordPolicy.php:29
actionshow_user_profileincludes/modules/PasswordPolicy.php:35
actionedit_user_profileincludes/modules/PasswordPolicy.php:36
actionwp_loginincludes/modules/PostBreach.php:458
actionadmin_initincludes/modules/PostBreach.php:466
actionpassword_resetincludes/modules/PostBreach.php:480
actionprofile_updateincludes/modules/PostBreach.php:488
actionadmin_noticesincludes/modules/PostBreach.php:499
actiontemplate_redirectincludes/modules/PostBreach.php:511
filterrest_authentication_errorsincludes/modules/PostBreach.php:514
filterxmlrpc_enabledincludes/modules/PostBreach.php:520
actionadmin_initincludes/modules/PostBreach.php:526
actioninitincludes/modules/RateLimiter.php:33
filterrest_pre_dispatchincludes/modules/RestApiPolicy.php:31
actionaswp_run_scan_batchincludes/modules/Scanner.php:52
actionaswp_run_db_scanincludes/modules/Scanner.php:53
actionadd_attachmentincludes/modules/Scanner.php:61
actionsend_headersincludes/modules/SecurityHeaders.php:15
actionadmin_initincludes/modules/SecurityHeaders.php:17
actionset_auth_cookieincludes/modules/SessionSecurity.php:27
actionsend_headersincludes/modules/SessionSecurity.php:28
actionwp_loginincludes/modules/SessionSecurity.php:31
actioninitincludes/modules/SessionSecurity.php:34
actionwp_loginincludes/modules/SessionSecurity.php:37
actioninitincludes/modules/SessionSecurity.php:40
actionwp_loginincludes/modules/TwoFA.php:17
filterauthenticateincludes/modules/TwoFA.php:18
actionlogin_form_aswp2faincludes/modules/TwoFA.php:19
actionshow_user_profileincludes/modules/TwoFA.php:22
actionedit_user_profileincludes/modules/TwoFA.php:23
actionpersonal_options_updateincludes/modules/TwoFA.php:24
actionedit_user_profile_updateincludes/modules/TwoFA.php:25
actionadmin_enqueue_scriptsincludes/modules/TwoFA.php:28
actioninitincludes/modules/WAF.php:22

Scheduled Events 7

aswp_cleanup_logs
aswp_update_blocked_counts
aswp_refresh_cloudflare_ips
aswp_refresh_google_ips
aswp_refresh_microsoft_ips
aswp_update_geoip_db
aswp_daily_digest
Maintenance & Trust

Atlant Security Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedMar 30, 2026
PHP min version8.0
Downloads120

Community Trust

Rating0/100
Number of ratings0
Active installs0
Alternatives

Atlant Security Alternatives

Protector – Malware Removal, Firewall & Core Repair

Protector – Malware Removal, Firewall & Core Repair

wp-admin-protect

A
100

Protect your WordPress. The ultimate lightweight security suite. Block brute-force attacks, auto-repair infected core files, hide your login URL, set …

200 No CVEs
Bearmor Security

Bearmor Security

bearmor-security

A
100

Lightweight, powerful WordPress security for small businesses. Malware scanning, login protection, 2FA, hardening - most features FREE.

60 No CVEs
Ultimate Security – Login Protection, 2FA, CAPTCHA & Hardening

Ultimate Security – Login Protection, 2FA, CAPTCHA & Hardening

ultimate-security

A
100

Protect your WordPress site with 2FA, brute force protection, CAPTCHA, custom login URL, and security hardening.

10 No CVEs
Dotsquares Custom Login URL & Security Suite

Dotsquares Custom Login URL & Security Suite

custom-login-url-login-designer

A
100

Change your WordPress login URL, design the login page, and enhance your site's security with built-in protection tools.

0 No CVEs
FreelanceBo Sentra Control

FreelanceBo Sentra Control

freelancebo-sentra-control

A
100

Security agent connecting to FreelanceBo Sentra Control console for WAF, malware scanning, brute force protection, and vulnerability scanning.

0 No CVEs
Developer Profile

Atlant Security Developer Profile

Atlant

1 plugin · 0 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Atlant Security

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/atlant-security/admin/assets/css/common.css/wp-content/plugins/atlant-security/admin/assets/css/font-awesome.css/wp-content/plugins/atlant-security/admin/assets/css/main.css/wp-content/plugins/atlant-security/admin/assets/css/sidebar.css/wp-content/plugins/atlant-security/admin/assets/js/vendors/jquery.min.js/wp-content/plugins/atlant-security/admin/assets/js/vendors/bootstrap.min.js/wp-content/plugins/atlant-security/admin/assets/js/vendors/moment.min.js/wp-content/plugins/atlant-security/admin/assets/js/vendors/chart.min.js+54 more
Version Parameters
atlant-security/admin/assets/css/common.css?ver=atlant-security/admin/assets/css/font-awesome.css?ver=atlant-security/admin/assets/css/main.css?ver=atlant-security/admin/assets/css/sidebar.css?ver=atlant-security/admin/assets/js/vendors/jquery.min.js?ver=atlant-security/admin/assets/js/vendors/bootstrap.min.js?ver=atlant-security/admin/assets/js/vendors/moment.min.js?ver=atlant-security/admin/assets/js/vendors/chart.min.js?ver=atlant-security/admin/assets/js/vendors/fullcalendar.min.js?ver=atlant-security/admin/assets/js/vendors/jquery.sparkline.min.js?ver=atlant-security/admin/assets/js/vendors/jquery.peity.min.js?ver=atlant-security/admin/assets/js/vendors/jquery.easy-pie-chart.js?ver=atlant-security/admin/assets/js/vendors/owl.carousel.min.js?ver=atlant-security/admin/assets/js/vendors/jquery.waypoints.js?ver=atlant-security/admin/assets/js/vendors/jquery.counterup.min.js?ver=atlant-security/admin/assets/js/vendors/jquery.slimscroll.js?ver=atlant-security/admin/assets/js/vendors/toastr.min.js?ver=atlant-security/admin/assets/js/vendors/jquery.flot.js?ver=atlant-security/admin/assets/js/vendors/jquery.flot.tooltip.min.js?ver=atlant-security/admin/assets/js/vendors/jquery.flot.resize.js?ver=atlant-security/admin/assets/js/vendors/jquery.flot.pie.js?ver=atlant-security/admin/assets/js/vendors/jquery.flot.categories.js?ver=atlant-security/admin/assets/js/vendors/jquery.flot.time.js?ver=atlant-security/admin/assets/js/vendors/jquery.steps.min.js?ver=atlant-security/admin/assets/js/vendors/jquery.validate.min.js?ver=atlant-security/admin/assets/js/vendors/modernizr-2.6.2.min.js?ver=atlant-security/admin/assets/js/vendors/bootstrap-filestyle.min.js?ver=atlant-security/admin/assets/js/vendors/isotope.pkgd.min.js?ver=atlant-security/admin/assets/js/vendors/magnific-popup.js?ver=atlant-security/admin/assets/js/vendors/switchery.js?ver=atlant-security/admin/assets/js/vendors/bootstrap-tagsinput.js?ver=atlant-security/admin/assets/js/vendors/dropzone.js?ver=atlant-security/admin/assets/js/vendors/multiselect.min.js?ver=atlant-security/admin/assets/js/vendors/jquery.dataTables.min.js?ver=atlant-security/admin/assets/js/vendors/dataTables.bootstrap.js?ver=atlant-security/admin/assets/js/vendors/datatables.responsive.min.js?ver=atlant-security/admin/assets/js/vendors/responsive.bootstrap.js?ver=atlant-security/admin/assets/js/vendors/jquery.nicescroll.js?ver=atlant-security/admin/assets/js/vendors/jquery.sparkline.min.js?ver=atlant-security/admin/assets/js/vendors/jquery.easypiechart.min.js?ver=atlant-security/admin/assets/js/vendors/moment.min.js?ver=atlant-security/admin/assets/js/vendors/bootstrap-datetimepicker.min.js?ver=atlant-security/admin/assets/js/vendors/select2.min.js?ver=atlant-security/admin/assets/js/vendors/bootstrap-colorpicker.min.js?ver=atlant-security/admin/assets/js/vendors/bootstrap-datepicker.js?ver=atlant-security/admin/assets/js/vendors/bootstrap-timepicker.js?ver=atlant-security/admin/assets/js/vendors/bootstrap-inputmask.min.js?ver=atlant-security/admin/assets/js/vendors/summernote.min.js?ver=atlant-security/admin/assets/js/vendors/jquery.mask.min.js?ver=atlant-security/admin/assets/js/vendors/autosize.min.js?ver=atlant-security/admin/assets/js/vendors/ckeditor.js?ver=atlant-security/admin/assets/js/vendors/jquery.form-wizard.js?ver=atlant-security/admin/assets/js/vendors/jquery.tagsinput.js?ver=atlant-security/admin/assets/js/vendors/moment.min.js?ver=atlant-security/admin/assets/js/vendors/daterangepicker.js?ver=atlant-security/admin/assets/js/vendors/masonry.pkgd.min.js?ver=atlant-security/admin/assets/js/vendors/sweetalert.min.js?ver=atlant-security/admin/assets/js/vendors/magnific-popup.js?ver=atlant-security/admin/assets/js/vendors/jquery.scrollto.js?ver=atlant-security/admin/assets/js/vendors/jquery.sticky.js?ver=atlant-security/admin/assets/js/vendors/jquery.app.js?ver=atlant-security/admin/assets/js/main.js?ver=

HTML / DOM Fingerprints

CSS Classes
aswp-login-form-wrapperaswp-sidebar-menu-itemaswp-tooltip
HTML Comments
<!-- Atlant Security --><!-- Atlant Security Admin Notice --><!-- START Atlant Security -><!-- END Atlant Security -->+9 more
Data Attributes
data-toggle="aswp-tooltip"data-original-title
JS Globals
ASWP_Adminaswp_admin_ajax_objectaswp_paramsASWP_Admin_AJAXaswp_vars
REST Endpoints
/wp-json/atlant-security/v1/settings/wp-json/atlant-security/v1/logs/wp-json/atlant-security/v1/scan/wp-json/atlant-security/v1/ip-block/wp-json/atlant-security/v1/waf/wp-json/atlant-security/v1/bot-detection
Shortcode Output
[atlant_security_login_form]
FAQ

Frequently Asked Questions about Atlant Security