WP-Safety

TermsFeed AutoTerms: Privacy Policy Generator, Cookie Consent, GDPR, CCPA, Terms & Conditions, Disclaimers, Cookies Policy, EULA Security & Risk Analysis

wordpress.org/plugins/auto-terms-of-service-and-privacy-policy

All-in-One compliance solution from TermsFeed: Generator of Privacy Policy, T&Cs, Affiliate Disclaimers and Cookie Consent Notice Banner.

80K active installs v3.0.5 PHP 5.3+ WP 4.2+ Updated Jan 28, 2026
ccpaconsentcookiegdprprivacy-policy
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is TermsFeed AutoTerms: Privacy Policy Generator, Cookie Consent, GDPR, CCPA, Terms & Conditions, Disclaimers, Cookies Policy, EULA Safe to Use in 2026?

Generally Safe

Score 100/100

TermsFeed AutoTerms: Privacy Policy Generator, Cookie Consent, GDPR, CCPA, Terms & Conditions, Disclaimers, Cookies Policy, EULA has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 3mo ago
Risk Assessment

The "auto-terms-of-service-and-privacy-policy" plugin v3.0.5 exhibits a generally good security posture based on the provided static analysis and vulnerability history. The absence of known CVEs and a clean vulnerability history are positive indicators. The plugin effectively uses prepared statements for all SQL queries and implements nonce and capability checks on all identified entry points (shortcodes). Furthermore, it avoids dangerous functions, file operations, and external HTTP requests.

However, a significant concern arises from the taint analysis, which reveals 3 flows with unsanitized paths. While not classified as critical or high severity, this indicates potential for injection vulnerabilities if the data source or the way it's handled allows for malicious input to reach sensitive operations without proper sanitization. Additionally, the output escaping is only 52% proper, suggesting a risk of Cross-Site Scripting (XSS) vulnerabilities if user-controlled data is displayed without adequate sanitization or encoding.

In conclusion, while the plugin demonstrates strong foundational security practices like prepared statements and authorization checks, the unsanitized taint flows and significantly low output escaping percentage are notable weaknesses. These areas require immediate attention to mitigate potential injection and XSS risks. The lack of past vulnerabilities is encouraging but does not negate the current findings.

Key Concerns

  • Unsanitized taint flows detected
  • Low output escaping percentage
Vulnerabilities
None known

TermsFeed AutoTerms: Privacy Policy Generator, Cookie Consent, GDPR, CCPA, Terms & Conditions, Disclaimers, Cookies Policy, EULA Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

TermsFeed AutoTerms: Privacy Policy Generator, Cookie Consent, GDPR, CCPA, Terms & Conditions, Disclaimers, Cookies Policy, EULA Release Timeline

v3.0.5Current
v3.0.4
v3.0.3
v3.0.2
v3.0.1
v3.0.0
v2.5.1
v2.5.0
v2.4.9
v2.4.8
v2.4.7
v2.4.6
v2.4.5
v2.4.4
v2.4.3
v2.4.2
v2.4.1
v2.4.0
v2.3.2
v2.3.1
Code Analysis
Analyzed Mar 16, 2026

TermsFeed AutoTerms: Privacy Policy Generator, Cookie Consent, GDPR, CCPA, Terms & Conditions, Disclaimers, Cookies Policy, EULA Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
3 prepared
Unescaped Output
279
298 escaped
Nonce Checks
3
Capability Checks
4
File Operations
0
External Requests
0
Bundled Libraries
0

SQL Query Safety

100% prepared3 total queries

Output Escaping

52% escaped577 total outputs
Data Flows · Security
3 unsanitized

Data Flow Analysis

3 flows3 with unsanitized paths
_handle (includes\admin\action\set-option.php:16)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

TermsFeed AutoTerms: Privacy Policy Generator, Cookie Consent, GDPR, CCPA, Terms & Conditions, Disclaimers, Cookies Policy, EULA Attack Surface

Entry Points4
Unprotected0

Shortcodes 4

[my_terms_of_service_and_privacy_policy] includes\legacy-shortcodes.php:82
[my_terms_of_service] includes\legacy-shortcodes.php:86
[my_privacy_policy] includes\legacy-shortcodes.php:87
[wpautoterms] includes\shortcodes.php:36
WordPress Hooks 43
actioninitauto-terms-of-service-privacy-policy.php:100
actionadmin_initauto-terms-of-service-privacy-policy.php:108
actioninitincludes\admin\admin.php:42
actionadmin_enqueue_scriptsincludes\admin\admin.php:49
filterpost_row_actionsincludes\admin\admin.php:50
filterpre_update_optionincludes\admin\admin.php:51
actionedit_form_topincludes\admin\admin.php:52
filterget_pagesincludes\admin\admin.php:53
actionactivated_pluginincludes\admin\admin.php:54
actionsave_postincludes\admin\form\legal-page.php:31
actionadmin_enqueue_scriptsincludes\admin\form\legal-page.php:32
actionadmin_initincludes\admin\menu.php:85
actionadmin_menuincludes\admin\menu.php:86
actionadmin_enqueue_scriptsincludes\admin\menu.php:87
actionadmin_noticesincludes\admin\notices.php:53
actionadmin_noticesincludes\admin\review-banner.php:20
actionupdated_optionincludes\admin\slug-helper.php:9
actionadmin_initincludes\admin\slug-helper.php:13
filterdisplay_post_statesincludes\cpt\admin-columns.php:23
filtermap_meta_capincludes\cpt\cpt.php:19
actionadmin_menuincludes\cpt\cpt.php:20
actionwp_enqueue_scriptsincludes\frontend\cookie-consent\cookie-consent.php:30
actionthe_contentincludes\frontend\endorsements.php:10
actionwp_print_stylesincludes\frontend\links.php:19
actionwp_print_stylesincludes\frontend\notice\base-notice.php:36
actionwp_enqueue_scriptsincludes\frontend\notice\base-notice.php:37
filterwidget_pages_argsincludes\frontend\pages-widget-extend.php:12
filterwp_list_pagesincludes\frontend\pages-widget-extend.php:13
actionwidgets_initincludes\frontend\widget.php:34
actioninitincludes\frontend.php:40
filterwp_cache_ob_callback_filterincludes\frontend.php:45
filtercache_enabler_before_storeincludes\frontend.php:46
actionwpincludes\frontend.php:49
actionwp_enqueue_scriptsincludes\frontend.php:50
actionwp_footerincludes\frontend.php:51
actioninitincludes\legal-pages\conf.php:19
actioninitincludes\legal-pages\conf.php:39
actioninitincludes\upgrade.php:17
actionadmin_initincludes\upgrade.php:44
actioninitincludes\wpautoterms.php:16
actionwp_enqueue_scriptsincludes\wpautoterms.php:17
actionadmin_enqueue_scriptsincludes\wpautoterms.php:18
actioninitincludes\wpautoterms.php:20
Maintenance & Trust

TermsFeed AutoTerms: Privacy Policy Generator, Cookie Consent, GDPR, CCPA, Terms & Conditions, Disclaimers, Cookies Policy, EULA Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedJan 28, 2026
PHP min version5.3
Downloads3.4M

Community Trust

Rating94/100
Number of ratings244
Active installs80K
Alternatives

TermsFeed AutoTerms: Privacy Policy Generator, Cookie Consent, GDPR, CCPA, Terms & Conditions, Disclaimers, Cookies Policy, EULA Alternatives

Compliance by Hu-manity.co

Compliance by Hu-manity.co

cookie-notice

A
95

Intentional Consent for WordPress — GDPR, CCPA, CPRA & ePrivacy compliance with consent records, autoblocking & Google Consent Mode v2.

900K 6 CVEs
GDPR Cookie Compliance – Cookie Banner, Cookie Consent, Cookie Notice for CCPA, EU Cookie Law

GDPR Cookie Compliance – Cookie Banner, Cookie Consent, Cookie Notice for CCPA, EU Cookie Law

gdpr-cookie-compliance

A
97

Cookie notice banner for GDPR, CCPA, EU cookie law, data protection and privacy regulations and other cookie law and consent notice requirements on yo …

300K 9 CVEs
iubenda | All-in-one Compliance for GDPR / CCPA Cookie Consent + more

iubenda | All-in-one Compliance for GDPR / CCPA Cookie Consent + more

iubenda-cookie-law-solution

A
97

The solution for GDPR compliance + more. Get your cookie banner, privacy policy, terms and conditions and handle cookie consent in just one plugin.

200K 4 CVEs
Termly – GDPR/CCPA Cookie Consent Banner

Termly – GDPR/CCPA Cookie Consent Banner

uk-cookie-consent

A
99

Our easy to use cookie consent plugin can assist in your GDPR, CCPA, and ePrivacy Directive compliance efforts.

90K 2 CVEs
Pressidium Cookie Consent

Pressidium Cookie Consent

pressidium-cookie-consent

A
100

Lightweight, user-friendly and customizable cookie consent banner to help you comply with the EU GDPR cookie law and CCPA regulations.

10K No CVEs
Developer Profile

TermsFeed AutoTerms: Privacy Policy Generator, Cookie Consent, GDPR, CCPA, Terms & Conditions, Disclaimers, Cookies Policy, EULA Developer Profile

TermsFeed

1 plugin · 80K total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect TermsFeed AutoTerms: Privacy Policy Generator, Cookie Consent, GDPR, CCPA, Terms & Conditions, Disclaimers, Cookies Policy, EULA

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/auto-terms-of-service-and-privacy-policy/css/admin.css/wp-content/plugins/auto-terms-of-service-and-privacy-policy/css/style.css/wp-content/plugins/auto-terms-of-service-and-privacy-policy/js/admin.js/wp-content/plugins/auto-terms-of-service-and-privacy-policy/js/frontend.js
Version Parameters
auto-terms-of-service-and-privacy-policy/css/admin.css?ver=auto-terms-of-service-and-privacy-policy/css/style.css?ver=auto-terms-of-service-and-privacy-policy/js/admin.js?ver=auto-terms-of-service-and-privacy-policy/js/frontend.js?ver=

HTML / DOM Fingerprints

CSS Classes
wpautoterms-admin-pagewpautoterms-settings-warning
HTML Comments
<!-- START TermsFeed AutoTerms Admin --><!-- END TermsFeed AutoTerms Admin -->
Data Attributes
data-wpautoterms-slug
JS Globals
wpautoterms_admin_params
FAQ

Frequently Asked Questions about TermsFeed AutoTerms: Privacy Policy Generator, Cookie Consent, GDPR, CCPA, Terms & Conditions, Disclaimers, Cookies Policy, EULA