Baskerville AI Security Security & Risk Analysis

wordpress.org/plugins/baskerville-ai-security

Advanced WordPress security plugin with AI bot detection, GeoIP access control, and Cloudflare Turnstile integration.

0 active installs · v1.0.3 · PHP 7.4+ · WP 6.2+ · Updated Apr 3, 2026
Tags: anti-bot, captcha, firewall, security, spam-protection
100
A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is Baskerville AI Security Safe to Use in 2026?

Generally Safe

Score 100/100

Baskerville AI Security has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 1mo ago
Risk Assessment

The baskerville-ai-security plugin v1.0.3 exhibits a mixed security posture. On the positive side, it demonstrates good practices with 100% of its SQL queries utilizing prepared statements and a high percentage (99%) of outputs being properly escaped. The numerous nonce and capability checks, along with a clean vulnerability history, are also strong indicators of a security-conscious development approach. However, significant concerns arise from its attack surface. Three out of a total of nine entry points (AJAX handlers and REST API routes) lack proper authentication or permission checks. This presents a considerable risk, as unauthenticated or improperly authorized access could be exploited. The taint analysis also flagged one high-severity flow with unsanitized paths, which, while not classified as critical, warrants immediate attention as it suggests a potential for data manipulation or unintended behavior.

The absence of any recorded vulnerabilities in its history is a positive sign, suggesting the plugin has been relatively robust. However, this must be weighed against the identified weaknesses in the current code. The presence of the `unserialize` function, while not directly linked to a vulnerability in the provided data, is inherently risky as it can lead to object injection if used with untrusted input. The plugin's overall risk profile is moderate, with strengths in core security practices offset by specific, high-impact weaknesses in its exposed entry points and taint flow.

Key Concerns

  • AJAX handlers without auth checks
  • REST API routes without permission callbacks
  • High severity taint flow with unsanitized paths
  • Use of dangerous unserialize function
Vulnerabilities
None known

Baskerville AI Security Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Baskerville AI Security Release Timeline

v1.0.3 (Current)
v1.0.2
Code Analysis
Analyzed Apr 16, 2026

Baskerville AI Security Code Analysis

Dangerous Functions: 3
Raw SQL Queries: 0 (132 prepared)
Unescaped Output: 14 (1376 escaped)
Nonce Checks: 12
Capability Checks: 9
File Operations: 15
External Requests: 5
Bundled Libraries: 1

Dangerous Functions Found

unserialize · `$data = @unserialize($raw);` · includes/class-baskerville-core.php:249
unserialize · `$data= @unserialize($raw);` · includes/class-baskerville-core.php:270
unserialize · `$data = @unserialize($raw);` · includes/class-baskerville-core.php:319

Bundled Libraries

Select2

SQL Query Safety

100% prepared · 132 total queries

Output Escaping

99% escaped · 1390 total outputs
Data Flows · Security
5 unsanitized

Data Flow Analysis

15 flows · 5 with unsanitized paths
render_traffic_tab (admin/class-baskerville-admin.php:2148)
Attack Surface
3 unprotected

Baskerville AI Security Attack Surface

Entry Points: 9
Unprotected: 3

AJAX Handlers 8

auth · wp_ajax_baskerville_install_maxmind · admin/class-baskerville-admin.php:20
auth · wp_ajax_baskerville_update_deflect_geoip · admin/class-baskerville-admin.php:21
auth · wp_ajax_baskerville_clear_geoip_cache · admin/class-baskerville-admin.php:22
auth · wp_ajax_baskerville_run_benchmark · admin/class-baskerville-admin.php:23
auth · wp_ajax_baskerville_get_live_feed · admin/class-baskerville-admin.php:24
auth · wp_ajax_baskerville_get_live_stats · admin/class-baskerville-admin.php:25
auth · wp_ajax_baskerville_import_logs · admin/class-baskerville-admin.php:26
auth · wp_ajax_baskerville_ip_lookup · admin/class-baskerville-admin.php:27

REST API Routes 1

GET · /wp-json/baskerville/v1/fp · includes/class-baskerville-rest.php:21
WordPress Hooks 36
action · admin_menu · admin/class-baskerville-admin.php:16
action · admin_enqueue_scripts · admin/class-baskerville-admin.php:17
action · admin_init · admin/class-baskerville-admin.php:18
action · admin_notices · admin/class-baskerville-admin.php:19
action · admin_enqueue_scripts · admin/class-baskerville-admin.php:28
filter · cron_schedules · baskerville-ai-security.php:37
action · plugins_loaded · baskerville-ai-security.php:49
action · init · baskerville-ai-security.php:65
action · init · baskerville-ai-security.php:66
action · send_headers · baskerville-ai-security.php:69
action · template_redirect · baskerville-ai-security.php:72
action · rest_api_init · baskerville-ai-security.php:76
action · baskerville_cleanup_stats · baskerville-ai-security.php:86
action · baskerville_cleanup_cache · baskerville-ai-security.php:89
action · baskerville_process_log_files · baskerville-ai-security.php:92
action · baskerville_cleanup_log_files · baskerville-ai-security.php:95
action · baskerville_update_deflect_geoip · baskerville-ai-security.php:98
action · wp_enqueue_scripts · includes/class-baskerville-core.php:20
action · admin_enqueue_scripts · includes/class-baskerville-core.php:21
action · wp_enqueue_scripts · includes/class-baskerville-core.php:51
action · init · includes/class-baskerville-honeypot.php:29
filter · query_vars · includes/class-baskerville-honeypot.php:32
action · wp_footer · includes/class-baskerville-honeypot.php:35
action · template_redirect · includes/class-baskerville-honeypot.php:38
action · init · includes/class-baskerville-turnstile.php:53
filter · query_vars · includes/class-baskerville-turnstile.php:54
action · template_redirect · includes/class-baskerville-turnstile.php:55
action · login_form · includes/class-baskerville-turnstile.php:62
action · login_enqueue_scripts · includes/class-baskerville-turnstile.php:63
filter · authenticate · includes/class-baskerville-turnstile.php:64
action · register_form · includes/class-baskerville-turnstile.php:67
filter · registration_errors · includes/class-baskerville-turnstile.php:68
action · comment_form_after_fields · includes/class-baskerville-turnstile.php:71
action · comment_form_logged_in_after · includes/class-baskerville-turnstile.php:72
filter · preprocess_comment · includes/class-baskerville-turnstile.php:73
action · wp_enqueue_scripts · includes/class-baskerville-turnstile.php:76

Scheduled Events 5

baskerville_cleanup_stats
baskerville_cleanup_cache
baskerville_process_log_files
baskerville_cleanup_log_files
baskerville_update_deflect_geoip
Maintenance & Trust

Baskerville AI Security Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.9.4
Last updated: Apr 3, 2026
PHP min version: 7.4
Downloads: 221

Community Trust

Rating: 0/100
Number of ratings: 0
Active installs: 0
Developer Profile

Baskerville AI Security Developer Profile

eQualitie

1 plugin · 0 total installs

Trust score: 94
Avg Security Score: 100/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect Baskerville AI Security

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/baskerville-ai-security/assets/css/select2.min.css
/wp-content/plugins/baskerville-ai-security/assets/js/select2.min.js
/wp-content/plugins/baskerville-ai-security/assets/js/chart.min.js
/wp-content/plugins/baskerville-ai-security/assets/js/admin.js
/wp-content/plugins/baskerville-ai-security/assets/js/live-feed.js
Version Parameters
baskerville-ai-security/assets/css/select2.min.css?ver=
baskerville-ai-security/assets/js/select2.min.js?ver=
baskerville-ai-security/assets/js/chart.min.js?ver=
baskerville-ai-security/assets/js/admin.js?ver=
baskerville-ai-security/assets/js/live-feed.js?ver=

HTML / DOM Fingerprints

JS Globals
baskervilleAdmin
REST Endpoints
/wp-json/baskerville/v1
FAQ

Frequently Asked Questions about Baskerville AI Security