AZEXO Advertising Analytics Security & Risk Analysis
wordpress.org/plugins/azexo-advertising-analyticsThis plugin collects data from CRM-system, advertising platforms and your website. With this data it generate reports on key business indexes.
Is AZEXO Advertising Analytics Safe to Use in 2026?
Generally Safe
Score 85/100AZEXO Advertising Analytics has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The "azexo-advertising-analytics" v1.27.3 plugin exhibits significant security concerns despite a clean vulnerability history. The static analysis reveals a large attack surface with 20 AJAX handlers lacking authentication checks, posing a substantial risk of unauthorized actions. While there are no known CVEs, this absence might indicate a lack of rigorous historical security auditing rather than inherent security. The code's reliance on raw SQL queries (only 2% using prepared statements) combined with multiple taint flows identified as having unsanitized paths (specifically 2 high-severity flows) points to potential vulnerabilities like SQL injection or data leakage. The limited use of nonce and capability checks further exacerbates the risk posed by the unprotected AJAX endpoints. The plugin does demonstrate strengths in output escaping (79% properly escaped) and avoids file operations and external HTTP requests, which are positive indicators. However, the numerous unprotected entry points and the presence of high-severity taint flows are critical weaknesses that overshadow these strengths, indicating a need for immediate attention and remediation.
Key Concerns
- AJAX handlers without auth checks
- High severity taint flows with unsanitized paths
- Low percentage of SQL prepared statements
- Limited nonce checks
- Limited capability checks
AZEXO Advertising Analytics Security Vulnerabilities
AZEXO Advertising Analytics Release Timeline
AZEXO Advertising Analytics Code Analysis
Bundled Libraries
SQL Query Safety
Output Escaping
Data Flow Analysis
AZEXO Advertising Analytics Attack Surface
AJAX Handlers 20
Shortcodes 2
WordPress Hooks 40
Scheduled Events 1
Maintenance & Trust
AZEXO Advertising Analytics Maintenance & Trust
Maintenance Signals
Community Trust
AZEXO Advertising Analytics Alternatives
SlimStat Analytics
wp-slimstat
The leading web analytics plugin for WordPress
Analytics by BestWebSoft – Google Analytics Dashboard and Statistic Plugin for WordPress
bws-google-analytics
Add Google Analytics code to WordPress website and track basic stats.
Advanced Reporting & Statistics for WooCommerce – Orders, Products & Customers Reporting
webd-woocommerce-advanced-reporting-statistics
A comprehensive WordPress Plugin for Advanced WooCommerce Reporting, Product Sales Report, Statistics, Analytics & Forecasting Tool for Orders, Pr …
Traffic
traffic
Full featured monitoring & analytics for WordPress APIs.
graphical statistics report
graphical-statistics-report
This plugin will display the graphical report for admin about post count, user registration, comments posted activity.
AZEXO Advertising Analytics Developer Profile
12 plugins · 150 total installs
How We Detect AZEXO Advertising Analytics
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/azexo-advertising-analytics/assets/css/aza-report.css/wp-content/plugins/azexo-advertising-analytics/assets/js/aza-report.js/wp-content/plugins/azexo-advertising-analytics/assets/js/aza-campaign.js/wp-content/plugins/azexo-advertising-analytics/assets/js/aza-chart.js/wp-content/plugins/azexo-advertising-analytics/assets/js/aza-datepicker.js/wp-content/plugins/azexo-advertising-analytics/assets/js/aza-modal.js/wp-content/plugins/azexo-advertising-analytics/assets/js/aza-settings.js/wp-content/plugins/azexo-advertising-analytics/assets/js/aza-visit.js+1 more/wp-content/plugins/azexo-advertising-analytics/aza-report.phpazexo-advertising-analytics/assets/css/aza-report.css?ver=azexo-advertising-analytics/assets/js/aza-report.js?ver=azexo-advertising-analytics/assets/js/aza-campaign.js?ver=azexo-advertising-analytics/assets/js/aza-chart.js?ver=azexo-advertising-analytics/assets/js/aza-datepicker.js?ver=azexo-advertising-analytics/assets/js/aza-modal.js?ver=azexo-advertising-analytics/assets/js/aza-settings.js?ver=azexo-advertising-analytics/assets/js/aza-visit.js?ver=azexo-advertising-analytics/assets/js/aza-lead.js?ver=HTML / DOM Fingerprints
aza-report-widgetaza-campaign-widgetaza-chart-widgetaza-datepicker-widgetaza-modal-widgetaza-settings-widgetaza-visit-widgetaza-lead-widgetdata-aza-idwindow.azavar aza/wp-json/aza/v1/lead/get/wp-json/aza/v1/lead/create/wp-json/aza/v1/lead/update/wp-json/aza/v1/lead/delete/wp-json/aza/v1/visit/get/wp-json/aza/v1/visit/create/wp-json/aza/v1/visit/update/wp-json/aza/v1/visit/delete/wp-json/aza/v1/campaign/get/wp-json/aza/v1/campaign/create/wp-json/aza/v1/campaign/update/wp-json/aza/v1/campaign/delete/wp-json/aza/v1/target/get/wp-json/aza/v1/target/create/wp-json/aza/v1/target/update/wp-json/aza/v1/target/delete/wp-json/aza/v1/settings/get/wp-json/aza/v1/settings/update/wp-json/aza/v1/promo_code/get/wp-json/aza/v1/promo_code/create/wp-json/aza/v1/promo_code/update/wp-json/aza/v1/promo_code/delete[aza_report][aza_campaign][aza_visit][aza_lead]