CiteKit – Citation and Reference Manager Security & Risk Analysis

wordpress.org/plugins/citation-reference-manager

Add citations, footnotes, tooltips, and bibliographies to your WordPress content. Manage all your references in one place and generate automatic APA, …

30 active installs · v3.0.0 · PHP 7.4+ · WP 6.3+ · Updated Apr 6, 2026
bibliography · blocks · citations · footnotes · reference-manager
100
A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is CiteKit – Citation and Reference Manager Safe to Use in 2026?

Generally Safe

Score 100/100

CiteKit – Citation and Reference Manager has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 1mo ago
Risk Assessment

The citation-reference-manager plugin v1.0.0 exhibits a strong security posture in several key areas. It demonstrates excellent adherence to secure coding practices by utilizing prepared statements for 86% of its SQL queries and ensuring 100% of its outputs are properly escaped. The presence of nonce and capability checks on its entry points, coupled with the absence of dangerous functions, file operations, and external HTTP requests, further contributes to its security. However, the taint analysis reveals two flows with unsanitized paths, which are flagged as high severity. While there is no historical vulnerability data, these taint flows represent a significant area of concern that needs immediate attention. The overall security is good, but the identified high-severity taint flows are a critical weakness that undermines the otherwise robust implementation.

Key Concerns

  • High severity unsanitized paths in taint analysis
  • Moderate percentage of SQL without prepare
Vulnerabilities
None known

CiteKit – Citation and Reference Manager Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

CiteKit – Citation and Reference Manager Release Timeline

v3.0.0 (Current)
v2.0.0
v1.0.0
Code Analysis
Analyzed Mar 16, 2026

CiteKit – Citation and Reference Manager Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 2 (12 prepared)
Unescaped Output: 0 (43 escaped)
Nonce Checks: 3
Capability Checks: 3
File Operations: 0
External Requests: 0
Bundled Libraries: 0

SQL Query Safety

86% prepared · 14 total queries

Output Escaping

100% escaped · 43 total outputs
Data Flows · Security
2 unsanitized

Data Flow Analysis

3 flows · 2 with unsanitized paths
ajax_save_row (reference-manager.php:341)
Flow diagram legend: Source (user input), Sink (dangerous op), Sanitizer, Transform, Unsanitized, Sanitized
Attack Surface

CiteKit – Citation and Reference Manager Attack Surface

Entry Points: 5
Unprotected: 0

AJAX Handlers 2

auth wp_ajax_citekit_remove_cite reference-manager.php:47
auth wp_ajax_citekit_save_row reference-manager.php:48

Shortcodes 3

[cite] reference-manager.php:52
[tooltip] reference-manager.php:53
[bibliography] reference-manager.php:54
WordPress Hooks 9
action wp_enqueue_scripts reference-manager.php:35
action admin_enqueue_scripts reference-manager.php:36
action citekit_daily_cleanup reference-manager.php:41
action save_post reference-manager.php:43
action add_meta_boxes reference-manager.php:44
action save_post reference-manager.php:45
action admin_menu reference-manager.php:50
action save_post reference-manager.php:162
action save_post reference-manager.php:301

Scheduled Events 1

citekit_daily_cleanup
Maintenance & Trust

CiteKit – Citation and Reference Manager Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.9.4
Last updated: Apr 6, 2026
PHP min version: 7.4
Downloads: 706

Community Trust

Rating: 0/100
Number of ratings: 0
Active installs: 30
Developer Profile

CiteKit – Citation and Reference Manager Developer Profile

writerspress

1 plugin · 30 total installs

Trust score: 94
Avg Security Score: 100/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect CiteKit – Citation and Reference Manager

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/citation-reference-manager/assets/css/tooltip.css
/wp-content/plugins/citation-reference-manager/assets/js/tooltip.js
/wp-content/plugins/citation-reference-manager/assets/css/src.css
/wp-content/plugins/citation-reference-manager/assets/js/src.js
Script Paths
/wp-content/plugins/citation-reference-manager/assets/js/tooltip.js
/wp-content/plugins/citation-reference-manager/assets/js/src.js
Version Parameters
citation-reference-manager/assets/css/tooltip.css?ver=
citation-reference-manager/assets/js/tooltip.js?ver=
citation-reference-manager/assets/css/src.css?ver=
citation-reference-manager/assets/js/src.js?ver=

HTML / DOM Fingerprints

CSS Classes
citebox
Data Attributes
data-uuid
JS Globals
citekitAjax
Shortcode Output
[cite] [tooltip] [bibliography]