WP-Safety

Atomic Edge Security Security & Risk Analysis

wordpress.org/plugins/atomic-edge-security

Connect your WordPress site to Atomic Edge for enterprise-grade WAF protection, real-time analytics, and advanced security tools.

0 active installs v2.5.1 PHP 7.4+ WP 5.8+ Updated Mar 14, 2026
2fafirewallmalware-scannersecuritywaf
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Atomic Edge Security Safe to Use in 2026?

Generally Safe

Score 100/100

Atomic Edge Security has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 20d ago
Risk Assessment

The "atomic-edge-security" plugin v2.5.1 presents a mixed security posture. It exhibits good practices in several areas, notably the high percentage of SQL queries using prepared statements and a significant number of output escaping occurrences. The complete absence of known CVEs and a clean vulnerability history are strong indicators of diligent security development. However, a major concern is the substantial attack surface exposed through AJAX handlers. With 44 AJAX handlers identified, 40 of which lack proper authentication checks, this opens a significant avenue for potential unauthorized actions if these handlers are exploitable.

While the taint analysis did not reveal critical or high-severity issues, the presence of flows with unsanitized paths, even if not critical, warrants attention as they could be precursors to vulnerabilities under specific conditions. The limited number of file operations and external HTTP requests is a positive sign, reducing the potential for certain types of attacks. The plugin also demonstrates a good use of nonce and capability checks, though their absence on the majority of AJAX endpoints negates much of that benefit.

In conclusion, "atomic-edge-security" v2.5.1 has a strong foundation in secure coding practices regarding database interactions and output handling. The lack of historical vulnerabilities is commendable. The primary weakness lies in the inadequate security measures for its AJAX endpoints, which is a significant oversight that exposes a large portion of the plugin's functionality to potential abuse. Addressing the unprotected AJAX handlers should be the immediate priority for improving its security.

Key Concerns

  • Large attack surface without auth checks (AJAX)
  • Flows with unsanitized paths found
Vulnerabilities
None known

Atomic Edge Security Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

Atomic Edge Security Code Analysis

Dangerous Functions
0
Raw SQL Queries
1
24 prepared
Unescaped Output
113
612 escaped
Nonce Checks
17
Capability Checks
23
File Operations
7
External Requests
3
Bundled Libraries
0

SQL Query Safety

96% prepared25 total queries

Output Escaping

84% escaped725 total outputs
Data Flows
4 unsanitized

Data Flow Analysis

12 flows4 with unsanitized paths
wp_login (includes\class-atomicedge-2fa-login.php:83)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
40 unprotected

Atomic Edge Security Attack Surface

Entry Points44
Unprotected40

AJAX Handlers 44

authwp_ajax_atomicedge_dismiss_2fa_reminderincludes\class-atomicedge-2fa.php:169
authwp_ajax_atomicedge_get_analyticsincludes\class-atomicedge-ajax.php:46
authwp_ajax_atomicedge_get_waf_logsincludes\class-atomicedge-ajax.php:49
authwp_ajax_atomicedge_get_ip_rulesincludes\class-atomicedge-ajax.php:52
authwp_ajax_atomicedge_add_ip_whitelistincludes\class-atomicedge-ajax.php:53
authwp_ajax_atomicedge_add_ip_blacklistincludes\class-atomicedge-ajax.php:54
authwp_ajax_atomicedge_remove_ipincludes\class-atomicedge-ajax.php:55
authwp_ajax_atomicedge_get_geo_rulesincludes\class-atomicedge-ajax.php:58
authwp_ajax_atomicedge_update_geo_rulesincludes\class-atomicedge-ajax.php:59
authwp_ajax_atomicedge_run_scanincludes\class-atomicedge-ajax.php:62
authwp_ajax_atomicedge_scan_stepincludes\class-atomicedge-ajax.php:63
authwp_ajax_atomicedge_scan_statusincludes\class-atomicedge-ajax.php:64
authwp_ajax_atomicedge_get_scan_resultsincludes\class-atomicedge-ajax.php:65
authwp_ajax_atomicedge_cancel_scanincludes\class-atomicedge-ajax.php:66
authwp_ajax_atomicedge_reset_scanincludes\class-atomicedge-ajax.php:67
authwp_ajax_atomicedge_scan_debug_testincludes\class-atomicedge-ajax.php:68
authwp_ajax_atomicedge_run_vulnerability_scanincludes\class-atomicedge-ajax.php:71
authwp_ajax_atomicedge_get_vulnerability_resultsincludes\class-atomicedge-ajax.php:72
authwp_ajax_atomicedge_reset_vulnerability_resultsincludes\class-atomicedge-ajax.php:73
authwp_ajax_atomicedge_get_cdn_statusincludes\class-atomicedge-ajax.php:76
authwp_ajax_atomicedge_refresh_cdn_statusincludes\class-atomicedge-ajax.php:77
authwp_ajax_atomicedge_purge_cdn_cacheincludes\class-atomicedge-ajax.php:78
authwp_ajax_atomicedge_update_cdn_settingsincludes\class-atomicedge-ajax.php:79
authwp_ajax_atomicedge_save_cdn_settingsincludes\class-atomicedge-ajax.php:80
authwp_ajax_atomicedge_clear_minify_cacheincludes\class-atomicedge-ajax.php:81
authwp_ajax_atomicedge_clear_cacheincludes\class-atomicedge-ajax.php:84
authwp_ajax_atomicedge_2fa_start_enrollmentincludes\class-atomicedge-ajax.php:87
authwp_ajax_atomicedge_2fa_verify_enrollmentincludes\class-atomicedge-ajax.php:88
authwp_ajax_atomicedge_2fa_cancel_enrollmentincludes\class-atomicedge-ajax.php:89
authwp_ajax_atomicedge_2fa_disableincludes\class-atomicedge-ajax.php:90
authwp_ajax_atomicedge_2fa_regenerate_codesincludes\class-atomicedge-ajax.php:91
authwp_ajax_atomicedge_2fa_get_statusincludes\class-atomicedge-ajax.php:92
authwp_ajax_atomicedge_get_adaptive_defenseincludes\class-atomicedge-ajax.php:95
authwp_ajax_atomicedge_get_actor_profilesincludes\class-atomicedge-ajax.php:96
authwp_ajax_atomicedge_get_threat_detectionsincludes\class-atomicedge-ajax.php:97
authwp_ajax_atomicedge_get_threat_detection_detailincludes\class-atomicedge-ajax.php:98
authwp_ajax_atomicedge_block_ipincludes\class-atomicedge-ajax.php:99
authwp_ajax_atomicedge_unblock_ipincludes\class-atomicedge-ajax.php:100
authwp_ajax_atomicedge_extend_blockincludes\class-atomicedge-ajax.php:101
authwp_ajax_atomicedge_make_permanentincludes\class-atomicedge-ajax.php:102
authwp_ajax_atomicedge_delete_actorincludes\class-atomicedge-ajax.php:103
authwp_ajax_atomicedge_dismiss_detectionincludes\class-atomicedge-ajax.php:104
authwp_ajax_atomicedge_refresh_nonceincludes\class-atomicedge-ajax.php:107
authwp_ajax_atomicedge_cdn_clear_minified_cacheincludes\class-atomicedge-cdn.php:87
WordPress Hooks 31
actionadmin_noticesatomicedge.php:75
actionplugins_loadedatomicedge.php:145
actionatomicedge_2fa_eventincludes\class-atomicedge-2fa-audit.php:89
actionatomicedge_2fa_audit_cleanupincludes\class-atomicedge-2fa-audit.php:95
filterauthenticateincludes\class-atomicedge-2fa-login.php:37
actionwp_loginincludes\class-atomicedge-2fa-login.php:40
actionlogin_form_atomicedge_2faincludes\class-atomicedge-2fa-login.php:43
filterattach_session_informationincludes\class-atomicedge-2fa-login.php:46
filtersend_auth_cookiesincludes\class-atomicedge-2fa-login.php:70
actionshow_user_profileincludes\class-atomicedge-2fa.php:150
actionedit_user_profileincludes\class-atomicedge-2fa.php:151
actionadmin_enqueue_scriptsincludes\class-atomicedge-2fa.php:154
actiondelete_userincludes\class-atomicedge-2fa.php:160
actionadmin_noticesincludes\class-atomicedge-2fa.php:163
actionadmin_noticesincludes\class-atomicedge-2fa.php:166
actionadmin_menuincludes\class-atomicedge-admin.php:45
actionadmin_initincludes\class-atomicedge-admin.php:46
actionadmin_noticesincludes\class-atomicedge-admin.php:47
actionadmin_noticesincludes\class-atomicedge-admin.php:48
actiontemplate_redirectincludes\class-atomicedge-cdn-rewrite.php:52
filteratomicedge_cdn_rewrite_urlsincludes\class-atomicedge-cdn-rewrite.php:55
filterwp_calculate_image_srcsetincludes\class-atomicedge-cdn-rewrite.php:58
filterscript_loader_srcincludes\class-atomicedge-cdn-rewrite.php:61
actionwp_headincludes\class-atomicedge-cdn.php:56
filteratomicedge_cdn_rewrite_urlsincludes\class-atomicedge-cdn.php:61
actionadmin_initincludes\class-atomicedge-cdn.php:84
actionatomicedge_daily_scanincludes\class-atomicedge-cron.php:55
actionatomicedge_sync_settingsincludes\class-atomicedge-cron.php:58
actionatomicedge_cdn_cache_cleanupincludes\class-atomicedge-cron.php:61
filtercron_schedulesincludes\class-atomicedge-cron.php:64
actionadmin_enqueue_scriptsincludes\class-atomicedge.php:135

Scheduled Events 4

atomicedge_daily_scan
atomicedge_2fa_audit_cleanup
atomicedge_sync_settings
atomicedge_cdn_cache_cleanup
Maintenance & Trust

Atomic Edge Security Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedMar 14, 2026
PHP min version7.4
Downloads634

Community Trust

Rating0/100
Number of ratings0
Active installs0
Alternatives

Atomic Edge Security Alternatives

BitFire Security – Firewall, WAF, Bot/Spam Blocker, Login Security

BitFire Security – Firewall, WAF, Bot/Spam Blocker, Login Security

bitfire

A
99

Real-time firewall that stops bots, malware, and hackers with real AI, file protection, and traffic analytics without slowing down your site

300 1 CVE
VMP Security – Firewall, Malware Scan, and Login Security

VMP Security – Firewall, Malware Scan, and Login Security

vmpfence-security

A
100

Your all-in-one WordPress security solution. Stop hackers with our firewall, detect malware before it spreads, and protect your site.

0 No CVEs
Wordfence Security – Firewall, Malware Scan, and Login Security

Wordfence Security – Firewall, Malware Scan, and Login Security

wordfence

A
96

Firewall, Malware Scanner, Two Factor Auth, and Comprehensive Security Features, powered by our 24-hour team. Make security a priority with Wordfence.

5.0M 12 CVEs
Limit Login Attempts Reloaded – Login Security, Brute Force Protection, Firewall

Limit Login Attempts Reloaded – Login Security, Brute Force Protection, Firewall

limit-login-attempts-reloaded

A
98

Block excessive login attempts and protect your site against brute force attacks. Simple, yet powerful tools to improve site performance.

2.0M 4 CVEs
Security Optimizer – The All-In-One Protection Plugin

Security Optimizer – The All-In-One Protection Plugin

sg-security

A
86

Secure your WordPress site from brute-force attacks, threats, malware, and bots. Free to use and easy to set up.

1.0M 5 CVEs
Developer Profile

Atomic Edge Security Developer Profile

shift8

11 plugins · 980 total installs

89
trust score
Avg Security Score
93/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Atomic Edge Security

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/atomic-edge-security/assets/css/atomicedge-backend.css/wp-content/plugins/atomic-edge-security/assets/css/atomicedge-frontend.css/wp-content/plugins/atomic-edge-security/assets/js/atomicedge-backend.js/wp-content/plugins/atomic-edge-security/assets/js/atomicedge-frontend.js
Version Parameters
atomic-edge-security/assets/css/atomicedge-backend.css?ver=atomic-edge-security/assets/css/atomicedge-frontend.css?ver=atomic-edge-security/assets/js/atomicedge-backend.js?ver=atomic-edge-security/assets/js/atomicedge-frontend.js?ver=

HTML / DOM Fingerprints

CSS Classes
atomicedge-dashboard-widgetatomicedge-scanner-results-tableatomicedge-settings-formatomicedge-cdn-rules-list
Data Attributes
data-atomicedge-nonce
JS Globals
atomicedge_ajax_object
REST Endpoints
/wp-json/atomicedge/v1/settings/wp-json/atomicedge/v1/scan/start/wp-json/atomicedge/v1/scan/status/wp-json/atomicedge/v1/cdn/purge
FAQ

Frequently Asked Questions about Atomic Edge Security