Does AutoPost AI have any unpatched vulnerabilities?

No. All known vulnerabilities in AutoPost AI have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is AutoPost AI compatible with WordPress 6.9.4?

According to WordPress.org data, AutoPost AI 1.2 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is AutoPost AI compatible with PHP 7.4+?

AutoPost AI requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is AutoPost AI updated?

AutoPost AI was last updated on Dec 14, 2025. Frequent updates are generally a positive security signal.

What is AutoPost AI's security score?

AutoPost AI has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

AutoPost AI Security & Risk Analysis

wordpress.org/plugins/autopost-ai

Generate and refine blog posts with AI. Pick a category, get topic ideas, queue SEO-optimized posts with images, and schedule creation in WordPress.

300 active installs v1.2 PHP 7.4+ WP 6.0+ Updated Dec 14, 2025

ai-contentblog-automationblog-post-aichatgptpost-generation

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is AutoPost AI Safe to Use in 2026?

Generally Safe

Score 100/100

AutoPost AI has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 3mo ago

Risk Assessment

The "autopost-ai" v1.2 plugin exhibits a strong security posture based on the provided static analysis. A significant strength is the complete absence of dangerous functions, raw SQL queries, and unsanitized output. All identified SQL queries utilize prepared statements, and all output is properly escaped, mitigating common injection and Cross-Site Scripting (XSS) vulnerabilities. Furthermore, the plugin demonstrates robust authentication and authorization practices with 100% of its 9 AJAX entry points protected by nonce and capability checks. The lack of known CVEs and vulnerability history is a positive indicator of its security development and maintenance.

However, a minor concern lies in the presence of 6 external HTTP requests, which could potentially introduce risks if the remote endpoints are compromised or if the data sent is not properly validated. While no critical or high-severity taint flows were identified, this aspect warrants continued vigilance. The absence of shortcodes and REST API routes simplifies the attack surface. Overall, the plugin is well-secured with strong development practices, but the external HTTP requests are the only area requiring a degree of caution.

Key Concerns

External HTTP requests

Vulnerabilities

None known

AutoPost AI Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

AutoPost AI Code Analysis

Dangerous Functions

Raw SQL Queries

13 prepared

Unescaped Output

74 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

100% prepared13 total queries

Output Escaping

100% escaped74 total outputs

Data Flows

All sanitized

Data Flow Analysis

5 flows

handle_form_submissions (includes\class-autopostai-admin.php:54)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

AutoPost AI Attack Surface

Entry Points9

Unprotected0

AJAX Handlers 9

authwp_ajax_autopost_ai_get_topicsincludes\class-autopostai-ajax.php:243

authwp_ajax_autopost_ai_save_queueincludes\class-autopostai-ajax.php:337

authwp_ajax_autopost_ai_save_post_settingsincludes\class-autopostai-ajax.php:388

authwp_ajax_autopost_ai_save_api_keyincludes\class-autopostai-ajax.php:420

authwp_ajax_autopost_ai_save_promptincludes\class-autopostai-ajax.php:435

authwp_ajax_autopost_ai_load_queue_entriesincludes\class-autopostai-ajax.php:450

authwp_ajax_autopost_ai_load_created_postsincludes\class-autopostai-ajax.php:562

authwp_ajax_autopost_ai_create_post_nowincludes\class-autopostai-ajax.php:658

authwp_ajax_autopost_ai_delete_topicincludes\class-autopostai-ajax.php:820

WordPress Hooks 11

filtercron_schedulesautopost-ai.php:26

actionadmin_initautopost-ai.php:74

actionplugins_loadedautopost-ai.php:93

actionadmin_noticesautopost-ai.php:107

actionadmin_menuincludes\class-autopostai-admin.php:7

actionadmin_enqueue_scriptsincludes\class-autopostai-admin.php:8

actionadmin_initincludes\class-autopostai-admin.php:9

actionwp_enqueue_scriptsincludes\class-autopostai-admin.php:10

filtercron_schedulesincludes\class-autopostai-cron.php:7

actioninitincludes\class-autopostai-cron.php:59

actionautopost_ai_cron_hookincludes\class-autopostai-cron.php:60

Scheduled Events 1

autopost_ai_cron_hook

Maintenance & Trust

AutoPost AI Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedDec 14, 2025

PHP min version7.4

Downloads790

Community Trust

Rating100/100

Number of ratings1

Active installs300

Alternatives

AutoPost AI Alternatives

MP AI Content Generator

mp-ai-content-generator

100

Seamlessly generate AI-powered content in your WordPress editor using Google Gemini or OpenAI's ChatGPT with a simple prompt.

20 No CVEs

ContentBot AI Writer (ChatGPT, GPT4)

content-bot

Get ideas, inspiration, and content in a few clicks with our AI Writer. All content is unique and original. Simply tweak it and go.

600 1 unpatched

ClearPost – AI Blog Post Generator & Automated SEO Content Writer for WordPress

clearpost-simple-ai-auto-post

100

Automatically generate and publish SEO-optimized blog posts with AI. Your automated blog content engine for WordPress. Free forever, premium autopilot …

10 No CVEs

Maika Genius — AI Content & Chatbot with ChatGPT and Gemini for WooCommerce

maika-genius

100

Maika Genius is your one-stop solution for using the power of AI to supercharge your WooCommerce shop, boost your sales, and free up your time.

10 No CVEs

Insya Magic — AI Content Generator for ChatGPT, Claude and Gemini

newsletter-page-redirects

Generate SEO-optimized content with AI. Multi-provider support (OpenAI, Anthropic, Google), templates, image generation & WooCommerce integration.

10 1 CVE

Developer Profile

AutoPost AI Developer Profile

Guru Plugins

8 plugins · 320 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect AutoPost AI

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/autopost-ai/assets/admin.css/wp-content/plugins/autopost-ai/assets/admin.js

Script Paths

/wp-content/plugins/autopost-ai/assets/admin.js

Version Parameters

autopost-ai/assets/admin.css?ver=autopost-ai/assets/admin.js?ver=

HTML / DOM Fingerprints

CSS Classes

autopost-ai-admin-formautopost-ai-dashboard-widgetautopost-ai-settings-section

HTML Comments

Data Attributes

data-autopostai-post-iddata-autopostai-action

JS Globals

AutoPostAI

REST Endpoints

/wp-json/autopost-ai/v1/generate_post/wp-json/autopost-ai/v1/get_topics

Shortcode Output

[autopost_ai_form][autopost_ai_topics]

FAQ