Automatik Blog Security & Risk Analysis

wordpress.org/plugins/automatik-blog

A plugin for integration with Automatik Blog, allowing automated publishing of SEO-optimized articles via REST API.

1K active installs · v1.0.3 · PHP 7.0+ · WP 5.0+ · Updated Mar 2, 2025
Tags: articles, categories, content-publishing, images, rest-api
Score: 92 (A · Safe)
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is Automatik Blog Safe to Use in 2026?

Generally Safe

Score 92/100

Automatik Blog has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 1yr ago
Risk Assessment

The 'automatik-blog' v1.0.3 plugin exhibits a generally strong security posture based on the provided static analysis and vulnerability history. The analysis found no raw SQL queries and all 118 outputs properly escaped, which matters for preventing common web vulnerabilities like SQL injection and cross-site scripting (XSS). The absence of any known CVEs or past vulnerabilities further suggests a history of secure development or diligent patching by the maintainers.

However, there are a few areas that warrant attention. The plugin has a significant attack surface with 26 REST API routes. While the analysis indicates that none of these are exposed without permission callbacks, a large attack surface always presents a higher potential for undiscovered vulnerabilities. Additionally, the fact that there are no nonce checks is a concern, especially if any of the REST API endpoints could be manipulated by an attacker to perform unintended actions. The single file operation also needs to be scrutinized to ensure it's not being used in a way that could lead to directory traversal or arbitrary file writes.

In conclusion, 'automatik-blog' v1.0.3 appears to be a relatively secure plugin with strong foundational security practices in place. The lack of known vulnerabilities is a significant positive. The primary areas for improvement would be to review the 26 REST API endpoints for any potential logic flaws and consider implementing nonce checks where appropriate to add an extra layer of security against CSRF-style attacks. The file operation should also be carefully audited.

Key Concerns

  • No nonce checks on entry points
  • Large REST API attack surface (26 routes)
  • Single file operation present
Vulnerabilities
None known

Automatik Blog Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Automatik Blog Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (0 prepared)
Unescaped Output: 0 (118 escaped)
Nonce Checks: 0
Capability Checks: 14
File Operations: 1
External Requests: 0
Bundled Libraries: 0

Output Escaping

100% escaped (118 total outputs)
Attack Surface

Automatik Blog Attack Surface

Entry Points: 26
Unprotected: 0

REST API Routes: 26

POST  /wp-json/automatik_blog/v1/publish-article  includes\class-rest-api-endpoints.php:18
POST  /wp-json/automatik_blog/v1/install-theme  includes\class-rest-api-endpoints.php:25
POST  /wp-json/automatik_blog/v1/activate-theme  includes\class-rest-api-endpoints.php:32
POST  /wp-json/automatik_blog/v1/update-article  includes\class-rest-api-endpoints.php:39
POST  /wp-json/automatik_blog/v1/create-menu  includes\class-rest-api-endpoints.php:46
POST  /wp-json/automatik_blog/v1/add-menu-item  includes\class-rest-api-endpoints.php:53
POST  /wp-json/automatik_blog/v1/assign-menu-location  includes\class-rest-api-endpoints.php:60
POST  /wp-json/automatik_blog/v1/update-site-title  includes\class-rest-api-endpoints.php:67
POST  /wp-json/automatik_blog/v1/update-site-tagline  includes\class-rest-api-endpoints.php:74
POST  /wp-json/automatik_blog/v1/update-author-bio  includes\class-rest-api-endpoints.php:81
POST  /wp-json/automatik_blog/v1/update-author-display-name  includes\class-rest-api-endpoints.php:88
POST  /wp-json/automatik_blog/v1/update-category  includes\class-rest-api-endpoints.php:99
POST  /wp-json/automatik_blog/v1/create-category  includes\class-rest-api-endpoints.php:106
DELETE  /wp-json/automatik_blog/v1/delete-article  includes\class-rest-api-endpoints.php:113
POST  /wp-json/automatik_blog/v1/upload-image  includes\class-rest-api-endpoints.php:120
GET  /wp-json/automatik_blog/v1/posts  includes\class-rest-api-endpoints.php:127
GET  /wp-json/automatik_blog/v1/pages  includes\class-rest-api-endpoints.php:134
GET  /wp-json/automatik_blog/v1/categories  includes\class-rest-api-endpoints.php:141
GET  /wp-json/automatik_blog/v1/authors  includes\class-rest-api-endpoints.php:148
GET  /wp-json/automatik_blog/v1/tags  includes\class-rest-api-endpoints.php:155
GET  /wp-json/automatik_blog/v1/plugins  includes\class-rest-api-endpoints.php:162
POST  /wp-json/automatik_blog/v1/deactivate-plugin  includes\class-rest-api-endpoints.php:169
DELETE  /wp-json/automatik_blog/v1/delete-plugin  includes\class-rest-api-endpoints.php:176
POST  /wp-json/automatik_blog/v1/install-plugin  includes\class-rest-api-endpoints.php:183
POST  /wp-json/automatik_blog/v1/activate-plugin  includes\class-rest-api-endpoints.php:190
POST  /wp-json/automatik_blog/v1/create-webstory  includes\class-rest-api-endpoints.php:197

WordPress Hooks: 13

action  plugins_loaded  automatik-blog.php:76
action  init  automatik-blog.php:81
filter  wpseo_sitemap_post_types  automatik-blog.php:83
action  init  automatik-blog.php:92
filter  rank_math/sitemap/post_types  automatik-blog.php:94
action  init  automatik-blog.php:103
filter  aioseop_sitemap_excluded_post_types  automatik-blog.php:105
action  admin_menu  includes\class-plugin-settings.php:12
action  admin_enqueue_scripts  includes\class-plugin-settings.php:15
action  rest_api_init  includes\class-rest-api-endpoints.php:12
filter  big_image_size_threshold  includes\class-rest-api-endpoints.php:1876
action  init  includes\class-webstories.php:16
filter  template_include  includes\class-webstories.php:19
Maintenance & Trust

Automatik Blog Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.7.5
Last updated: Mar 2, 2025
PHP min version: 7.0
Downloads: 4K

Community Trust

Rating: 100/100
Number of ratings: 1
Active installs: 1K
Developer Profile

Automatik Blog Developer Profile

Automatik Blog

1 plugin · 1K total installs

Trust score: 88
Avg Security Score: 92/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect Automatik Blog

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/automatik-blog/assets/css/admin-styles.css
Version Parameters
automatik-blog/assets/css/admin-styles.css?ver=

HTML / DOM Fingerprints

CSS Classes
automatik_blog-admin-wrapper
Data Attributes
target="_blank"
REST Endpoints
/automatik_blog/v1/publish-article
/automatik_blog/v1/install-theme
/automatik_blog/v1/activate-theme
/automatik_blog/v1/update-article
/automatik_blog/v1/create-menu