Does BotSubmit have any unpatched vulnerabilities?

No. All known vulnerabilities in BotSubmit have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is BotSubmit compatible with WordPress 6.9.4?

According to WordPress.org data, BotSubmit 1.3.1 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is BotSubmit compatible with PHP 7.2+?

BotSubmit requires PHP 7.2 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is BotSubmit updated?

BotSubmit was last updated on Feb 18, 2026. Frequent updates are generally a positive security signal.

What is BotSubmit's security score?

BotSubmit has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

BotSubmit Security & Risk Analysis

wordpress.org/plugins/botsubmit

Submit URLs to IndexNow (free) and paid indexing services for faster search engine indexing.

30 active installs v1.3.1 PHP 7.2+ WP 5.0+ Updated Feb 18, 2026

googleindexingindexnowseoyandex

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is BotSubmit Safe to Use in 2026?

Generally Safe

Score 100/100

BotSubmit has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago

Risk Assessment

The botsubmit v1.3.1 plugin exhibits a generally good security posture based on the provided static analysis. The complete absence of output escaping vulnerabilities and a high percentage of prepared statements for SQL queries are significant strengths. Furthermore, the lack of any recorded historical CVEs or known vulnerability types suggests a history of secure development practices. The plugin also demonstrates good use of nonces and capability checks on its entry points, which are crucial for preventing common WordPress attacks.

However, a notable concern arises from the taint analysis, which revealed 5 flows with unsanitized paths out of a total of 7 analyzed. While no critical or high-severity taint issues were identified, this indicates potential weaknesses where external input might not be sufficiently validated or sanitized, potentially leading to unexpected behavior or, in more severe cases, vulnerabilities like cross-site scripting (XSS) or file inclusion if not handled properly downstream. The existence of 8 external HTTP requests also warrants a cautious approach, as these can be vectors for supply chain attacks if the external services are compromised.

In conclusion, botsubmit v1.3.1 appears to be a relatively secure plugin, particularly in its handling of output and database interactions. The primary area of concern is the significant number of unsanitized paths identified in the taint analysis, which, despite not currently manifesting as critical vulnerabilities, represents an area that requires careful review and potential remediation to ensure robust security. The limited attack surface and strong authentication checks on entry points are positive indicators.

Key Concerns

Flows with unsanitized paths detected
External HTTP requests made

Vulnerabilities

None known

BotSubmit Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

BotSubmit Code Analysis

Dangerous Functions

Raw SQL Queries

50 prepared

Unescaped Output

147 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

76% prepared66 total queries

Output Escaping

100% escaped147 total outputs

Data Flows

5 unsanitized

Data Flow Analysis

7 flows5 with unsanitized paths

bulk_action_admin_notice (botsubmit.php:2369)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

BotSubmit Attack Surface

Entry Points4

Unprotected0

AJAX Handlers 4

authwp_ajax_botsubmit_resend_urlbotsubmit.php:126

authwp_ajax_botsubmit_send_queue_itembotsubmit.php:129

authwp_ajax_botsubmit_export_settingsbotsubmit.php:132

authwp_ajax_botsubmit_import_settingsbotsubmit.php:133

WordPress Hooks 22

actionadmin_menubotsubmit.php:98

actiontransition_post_statusbotsubmit.php:101

actioncreated_categorybotsubmit.php:104

actionedited_categorybotsubmit.php:105

actioncreated_post_tagbotsubmit.php:106

actionedited_post_tagbotsubmit.php:107

actionpost_updatedbotsubmit.php:112

filterbulk_actions-edit-postbotsubmit.php:115

filterbulk_actions-edit-pagebotsubmit.php:116

filterhandle_bulk_actions-edit-postbotsubmit.php:117

filterhandle_bulk_actions-edit-pagebotsubmit.php:118

actionadmin_initbotsubmit.php:121

actionadmin_noticesbotsubmit.php:123

actionadd_meta_boxesbotsubmit.php:136

actionsave_postbotsubmit.php:137

actionadmin_enqueue_scriptsbotsubmit.php:140

actionbotsubmit_send_url_cronbotsubmit.php:143

actionbotsubmit_process_queuebotsubmit.php:146

filtercron_schedulesbotsubmit.php:147

actioninitbotsubmit.php:150

actionplugins_loadedbotsubmit.php:153

actionplugins_loadedbotsubmit.php:156

Scheduled Events 1

botsubmit_process_queue

Maintenance & Trust

BotSubmit Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedFeb 18, 2026

PHP min version7.2

Downloads316

Community Trust

Rating0/100

Number of ratings0

Active installs30

Alternatives

BotSubmit Alternatives

CrawlWP SEO – Instant Search Engine Indexing & SEO Performance Monitor

mihdan-index-now

Improve your WordPress SEO with instant search-engine indexing, SEO insights, and indexing status tracking.

40K 1 CVE

ReCrawler

recrawler

ReCrawler is a small WordPress Plugin for quickly notifying search engines whenever their website content is created, updated, or deleted.

4K No CVEs

Indexing website for Google

2index-page-indexer

100

Easily index your website pages in Google, Yandex, and Bing. 2Index Page Indexer uses the 2index.ninja API.

70 No CVEs

Search Atlas SEO – Premier SEO Plugin for One-Click WP Publishing & Integrated AI Optimization

metasync

Search Atlas SEO is a user-friendly WordPress plugin that simplifies complex and time-consuming SEO tasks into efficient, easy-to-manage processes.

8K 1 unpatched

IndexMeNow

indexmenow

100

Push your URLs to IndexMeNow for fast Google indexation. Supports manual push, bulk push, auto-push on publish/update, sitemap push, and more.

2K No CVEs

Developer Profile

BotSubmit Developer Profile

naumov22

1 plugin · 30 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect BotSubmit

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/botsubmit/assets/css/admin.css/wp-content/plugins/botsubmit/assets/js/admin.js

Script Paths

/wp-content/plugins/botsubmit/assets/js/admin.js

Version Parameters

botsubmit-admin-styles?ver=botsubmit-admin-js?ver=

HTML / DOM Fingerprints

Data Attributes

data-botsubmit-noncedata-botsubmit-sendingdata-botsubmit-resend-nonce

JS Globals

botsubmit_export

FAQ