Does Bruce Clay SEO WP have any unpatched vulnerabilities?

No. All known vulnerabilities in Bruce Clay SEO WP have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Bruce Clay SEO WP compatible with WordPress 5.5.18?

According to WordPress.org data, Bruce Clay SEO WP 0.8.0 has been tested up to WordPress 5.5.18. Check the plugin's changelog for the latest compatibility information.

Is Bruce Clay SEO WP compatible with PHP 5.6+?

Bruce Clay SEO WP requires PHP 5.6 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Bruce Clay SEO WP updated?

Bruce Clay SEO WP was last updated on Sep 9, 2020. Frequent updates are generally a positive security signal.

What is Bruce Clay SEO WP's security score?

Bruce Clay SEO WP has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Bruce Clay SEO WP Security & Risk Analysis

wordpress.org/plugins/bruce-clay-seo

Next-level SEO plugin! Get on-page guidance per keyword based on analysis of top competitors. See analytics in the WP dashboard.

10 active installs v0.8.0 PHP 5.6+ WP 4.5+ Updated Sep 9, 2020

content-analysisgoogle-analyticsgoogle-search-consolereadabilityseo

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Bruce Clay SEO WP Safe to Use in 2026?

Generally Safe

Score 85/100

Bruce Clay SEO WP has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 5yr ago

Risk Assessment

The 'bruce-clay-seo' plugin v0.8.0 exhibits a mixed security posture. While it demonstrates good practices by exclusively using prepared statements for SQL queries and having no known vulnerabilities, several concerning aspects are present in the static analysis. The most significant weakness lies in its attack surface, with 2 AJAX handlers, both of which lack authentication checks. This opens the door to potential unauthorized actions if these handlers are exploitable. Furthermore, a very low percentage (4%) of output escaping indicates a high risk of Cross-Site Scripting (XSS) vulnerabilities across numerous output points.

Taint analysis shows a moderate concern with 3 flows having unsanitized paths, though thankfully no critical or high severity issues were found. The presence of file operations and external HTTP requests, while not inherently insecure, warrants careful review in conjunction with the other identified risks. The plugin's history of no known vulnerabilities is a positive indicator, but it does not negate the risks identified in the current version's code. The limited total entry points are a strength, but the lack of protection on these is a significant concern. Overall, the plugin has strengths in its SQL handling and vulnerability history, but the unauthenticated AJAX actions and poor output escaping present notable risks that require immediate attention.

Key Concerns

AJAX handlers without auth checks
Low percentage of properly escaped output
Flows with unsanitized paths

Vulnerabilities

None known

Bruce Clay SEO WP Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Bruce Clay SEO WP Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

257

12 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

4% escaped269 total outputs

Data Flows

3 unsanitized

Data Flow Analysis

5 flows3 with unsanitized paths

big_table_page (src\class-seotoolset-admin-menu.php:200)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

2 unprotected

Bruce Clay SEO WP Attack Surface

Entry Points2

Unprotected2

AJAX Handlers 2

authwp_ajax_save_meta_descriptionsrc\class-seotoolset.php:231

authwp_ajax_seotoolset_apiRequestsrc\class-seotoolsetapi.php:217

WordPress Hooks 22

actionadmin_noticesseotoolset.php:100

actionadmin_noticesseotoolset.php:119

actionadmin_enqueue_scriptsseotoolset.php:148

filterpostbox_classes_dashboard_seotoolset_dashboard_widgetsrc\class-seotoolset-admin-meta-boxes.php:101

filterpostbox_classes_page_seotoolset_post_widgetsrc\class-seotoolset-admin-meta-boxes.php:170

actioninitsrc\class-seotoolset.php:222

actionwp_headsrc\class-seotoolset.php:223

actionwp_footersrc\class-seotoolset.php:224

filterwp_titlesrc\class-seotoolset.php:226

filterdocument_title_partssrc\class-seotoolset.php:227

filterget_canonical_urlsrc\class-seotoolset.php:228

actionsave_postsrc\class-seotoolset.php:230

actionadmin_initsrc\class-seotoolset.php:235

actionadmin_body_classsrc\class-seotoolset.php:236

actionadmin_menusrc\class-seotoolset.php:237

actionadmin_enqueue_scriptssrc\class-seotoolset.php:238

actionwp_dashboard_setupsrc\class-seotoolset.php:241

actionadd_meta_boxessrc\class-seotoolset.php:242

actionsave_postsrc\class-seotoolset.php:245

actionsave_postsrc\class-seotoolset.php:246

actionmce_csssrc\class-seotoolset.php:249

actionsave_postsrc\class-seotoolset.php:444

Maintenance & Trust

Bruce Clay SEO WP Maintenance & Trust

Maintenance Signals

WordPress version tested5.5.18

Last updatedSep 9, 2020

PHP min version5.6

Downloads5K

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

Bruce Clay SEO WP Alternatives

Yoast SEO – Advanced SEO with real-time guidance and built-in AI

wordpress-seo

Improve your SEO with real-time feedback, schema, and clear guidance. Upgrade for AI tools, Google Docs integration, and 24/7 support, no hidden fees.

10.0M 17 CVEs