Does AyeCode Connect have any unpatched vulnerabilities?

No. All known vulnerabilities in AyeCode Connect have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is AyeCode Connect compatible with WordPress 6.9.4?

According to WordPress.org data, AyeCode Connect 1.4.15 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is AyeCode Connect compatible with PHP 5.6+?

AyeCode Connect requires PHP 5.6 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is AyeCode Connect updated?

AyeCode Connect was last updated on Jan 22, 2026. Frequent updates are generally a positive security signal.

What is AyeCode Connect's security score?

AyeCode Connect has a WP-Safety security score of 99/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

AyeCode Connect Security & Risk Analysis

wordpress.org/plugins/ayecode-connect

Use this service plugin to easily activate any of our products, open a support ticket and view documentation all from your wp-admin!

10K active installs v1.4.15 PHP 5.6+ WP 5.0+ Updated Jan 22, 2026

ayecodegeodirectorygetpaidserviceuserswp

A · Safe

CVEs total1

Unpatched0

Last CVEDec 30, 2024

Plugin page Download

Safety Verdict

Is AyeCode Connect Safe to Use in 2026?

Generally Safe

Score 99/100

AyeCode Connect has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVELast CVE: Dec 30, 2024Updated 2mo ago

Risk Assessment

The "ayecode-connect" v1.4.15 plugin exhibits a mixed security posture. While it demonstrates good practices like a high percentage of prepared SQL statements and proper output escaping, there are notable areas of concern. The presence of two unprotected AJAX handlers represents a significant attack surface, as these entry points could be exploited without proper authentication, potentially leading to unauthorized actions or data compromise. The taint analysis, though showing no critical or high severity flows, did identify several flows with unsanitized paths, which, in conjunction with the unprotected AJAX handlers, warrants careful investigation for potential vulnerabilities. The plugin's vulnerability history, while currently showing no unpatched CVEs, does include a past medium severity vulnerability, which was also related to missing authorization. This pattern suggests a recurring weakness in how the plugin handles user permissions for certain actions. In conclusion, the plugin has strengths in its secure coding practices for common areas like SQL and output handling, but the unprotected entry points and historical authorization issues present a clear risk that needs to be addressed.

Key Concerns

Unprotected AJAX handlers
Flows with unsanitized paths (Taint Analysis)
Past medium severity vulnerability (Missing Authorization)

Vulnerabilities

AyeCode Connect Security Vulnerabilities

CVEs by Year

1 CVE in 2024

2024

Patched Has unpatched

Severity Breakdown

Medium

1 total CVE

CVE-2024-56255medium · 4.3Missing Authorization

AyeCode Connect <= 1.3.8 - Missing Authorization

Dec 30, 2024 Patched in 1.3.9 (10d)

Code Analysis

Analyzed Mar 16, 2026

AyeCode Connect Code Analysis

Dangerous Functions

Raw SQL Queries

6 prepared

Unescaped Output

208 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Select2

SQL Query Safety

86% prepared7 total queries

Output Escaping

80% escaped260 total outputs

Data Flows

6 unsanitized

Data Flow Analysis

7 flows6 with unsanitized paths

demo_site_redirect (includes\class-ayecode-connect.php:203)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

2 unprotected

AyeCode Connect Attack Surface

Entry Points12

Unprotected2

AJAX Handlers 12

authwp_ajax_ayecode_connect_updatesincludes\class-ayecode-connect-settings.php:93

authwp_ajax_ayecode_connect_disconnectincludes\class-ayecode-connect-settings.php:94

authwp_ajax_ayecode_connect_licencesincludes\class-ayecode-connect-settings.php:98

authwp_ajax_ayecode_connect_supportincludes\class-ayecode-connect-settings.php:99

authwp_ajax_ayecode_connect_support_userincludes\class-ayecode-connect-settings.php:100

authwp_ajax_ayecode_connect_install_must_use_pluginincludes\class-ayecode-connect-settings.php:104

authwp_ajax_ayecode_connect_check_connectionincludes\class-ayecode-connect-settings.php:108

authwp_ajax_ayecode_connect_clear_licensesincludes\class-ayecode-connect-settings.php:112

authwp_ajax_ayecode_connect_verify_turnstile_keysincludes\class-ayecode-connect-turnstile.php:82

authwp_ajax_uwp_fep_post_submitincludes\class-ayecode-connect-turnstile.php:184

noprivwp_ajax_uwp_fep_post_submitincludes\class-ayecode-connect-turnstile.php:185

authwp_ajax_ayecode_connect_demo_contentincludes\class-ayecode-demo-content.php:89

WordPress Hooks 65

actionplugins_loadedayecode-connect.php:33

actionayecode_connect_sync_licensesayecode-connect.php:150

actionactivated_pluginayecode-connect.php:170

actionadmin_menuincludes\class-ayecode-connect-settings.php:87

actionsetup_themeincludes\class-ayecode-connect-support.php:86

actionsetup_themeincludes\class-ayecode-connect-support.php:87

actionadmin_footerincludes\class-ayecode-connect-support.php:106

actionadmin_menuincludes\class-ayecode-connect-turnstile-settings.php:46

actionadmin_initincludes\class-ayecode-connect-turnstile-settings.php:47

actionadmin_footerincludes\class-ayecode-connect-turnstile-settings.php:592

actionayecode_verify_turnstile_form_fieldsincludes\class-ayecode-connect-turnstile.php:81

actionadmin_footerincludes\class-ayecode-connect-turnstile.php:88

actionlogin_formincludes\class-ayecode-connect-turnstile.php:92

filterauthenticateincludes\class-ayecode-connect-turnstile.php:93

actionlostpassword_formincludes\class-ayecode-connect-turnstile.php:99

actionlostpassword_postincludes\class-ayecode-connect-turnstile.php:100

actionregister_formincludes\class-ayecode-connect-turnstile.php:105

filterregistration_errorsincludes\class-ayecode-connect-turnstile.php:106

actioncomment_form_submit_buttonincludes\class-ayecode-connect-turnstile.php:111

actionpre_comment_on_postincludes\class-ayecode-connect-turnstile.php:112

actiongeodir_after_main_form_fieldsincludes\class-ayecode-connect-turnstile.php:125

filtergeodir_validate_ajax_save_post_dataincludes\class-ayecode-connect-turnstile.php:130

actiongeodir_report_post_form_after_fieldsincludes\class-ayecode-connect-turnstile.php:135

actiongeodir_report_post_validate_dataincludes\class-ayecode-connect-turnstile.php:136

actiongeodir_claim_post_form_after_fieldsincludes\class-ayecode-connect-turnstile.php:141

filtergeodir_validate_ajax_claim_listing_dataincludes\class-ayecode-connect-turnstile.php:142

actionuwp_template_fieldsincludes\class-ayecode-connect-turnstile.php:150

filteruwp_validate_resultincludes\class-ayecode-connect-turnstile.php:151

actionuwp_mailerlite_subscribe_fieldsincludes\class-ayecode-connect-turnstile.php:154

actionuwp_mailerlite_form_validateincludes\class-ayecode-connect-turnstile.php:155

actionuwp_mailchimp_subscribe_fieldsincludes\class-ayecode-connect-turnstile.php:159

actionuwp_mailchimp_form_validateincludes\class-ayecode-connect-turnstile.php:160

actionuwp_mailpoet_subscribe_fieldsincludes\class-ayecode-connect-turnstile.php:164

actionuwp_mailpoet_form_validateincludes\class-ayecode-connect-turnstile.php:165

actionuwp_activecampaign_subscribe_fieldsincludes\class-ayecode-connect-turnstile.php:169

actionuwp_activecampaign_form_validateincludes\class-ayecode-connect-turnstile.php:170

actionuwp_brevo_subscribe_fieldsincludes\class-ayecode-connect-turnstile.php:174

actionuwp_brevo_form_validateincludes\class-ayecode-connect-turnstile.php:175

actionuwp_frontend_post_after_form_fieldsincludes\class-ayecode-connect-turnstile.php:180

filtergetpaid_before_payment_form_pay_buttonincludes\class-ayecode-connect-turnstile.php:190

actiongetpaid_checkout_error_checksincludes\class-ayecode-connect-turnstile.php:191

filtergeodir_ppl_contact_form_captcha_inputincludes\class-ayecode-connect-turnstile.php:200

actiongeodir_ppl_contact_block_form_captcha_validincludes\class-ayecode-connect-turnstile.php:204

filterblockstrap_blocks_contact_form_captcha_inputincludes\class-ayecode-connect-turnstile.php:212

actionblockstrap_blocks_contact_form_captcha_validincludes\class-ayecode-connect-turnstile.php:216

actionadmin_footerincludes\class-ayecode-connect-turnstile.php:224

actionlogin_footerincludes\class-ayecode-connect-turnstile.php:229

actionlogin_footerincludes\class-ayecode-connect-turnstile.php:230

actionwp_footerincludes\class-ayecode-connect-turnstile.php:232

actionrest_api_initincludes\class-ayecode-connect.php:104

actionedd_api_button_argsincludes\class-ayecode-connect.php:105

actionadmin_initincludes\class-ayecode-connect.php:106

filterupgrader_post_installincludes\class-ayecode-connect.php:107

actionadmin_noticesincludes\class-ayecode-connect.php:126

actionrest_api_initincludes\class-ayecode-connect.php:130

actioninitincludes\class-ayecode-connect.php:131

actionadmin_noticesincludes\class-ayecode-connect.php:132

actionrest_api_initincludes\class-ayecode-connect.php:137

actionwidgets_initincludes\class-ayecode-connect.php:140

actionenqueue_block_editor_assetsincludes\class-ayecode-connect.php:141

filteraui_screen_idsincludes\class-ayecode-connect.php:145

actioncurrent_screenincludes\class-ayecode-connect.php:148

actionadmin_menuincludes\class-ayecode-demo-content.php:80

actioninitincludes\class-ayecode-demo-content.php:86

filterwp_redirectincludes\class-ayecode-demo-content.php:108

Scheduled Events 2

ayecode_connect_sync_licenses

geodir_flush_rewrite_rules

Maintenance & Trust

AyeCode Connect Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedJan 22, 2026

PHP min version5.6

Downloads449K

Community Trust

Rating100/100

Number of ratings3

Active installs10K

Alternatives

AyeCode Connect Alternatives

WP Ultimate Review

wp-ultimate-review

WP Ultimate Review is the perfect plugin to collect & display customers' feedback effortlessly on products, services, & content in WordPress.

70K 8 CVEs

PWA

pwa

100

WordPress feature plugin to bring Progressive Web App (PWA) capabilities to Core

20K No CVEs

IMPress for IDX Broker

idx-broker-platinum

IMPress for IDX Broker is now the IMPress family of plugins all-in-one. IMPress Listings and IMPress Agents have been consolidated with this already p …

7K 5 CVEs

Easy Accept Payments via PayPal

wordpress-easy-paypal-payment-or-donation-accept-plugin

Easy to use Wordpress plugin to accept PayPal payments for a service or product or donation in one click

7K 2 CVEs

Amazon Web Services

amazon-web-services

Houses the Amazon Web Services (AWS) PHP SDK v2 libraries and manages access keys.

6K No CVEs

Developer Profile

AyeCode Connect Developer Profile

Stiofan

12 plugins · 90K total installs

trust score

Avg Security Score

99/100

Avg Patch Time

191 days

View full developer profile

Detection Fingerprints

How We Detect AyeCode Connect

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/ayecode-connect/assets/css/dist/main.css/wp-content/plugins/ayecode-connect/assets/js/dist/main.js

Script Paths

/wp-content/plugins/ayecode-connect/assets/js/dist/main.js

Version Parameters

ayecode-connect/assets/css/dist/main.css?ver=ayecode-connect/assets/js/dist/main.js?ver=

HTML / DOM Fingerprints

CSS Classes

ayecode-connect-wrapayecode-connect-admin

Data Attributes

data-ayecode-connect-ajax-url

JS Globals

ayecode_connect_ajax_obj

REST Endpoints

/wp-json/ayecode-connect/v1/updates

FAQ