WP-Safety

CleverNode Related Content Security & Risk Analysis

wordpress.org/plugins/clevernode-related-content

CleverNode Related Content is a semantic correlation service that allows you to place a collection of related articles on your WordPress site.

10 active installs v1.1.6 PHP 7.4+ WP 5.9+ Updated Nov 7, 2024
related-postssemantic-related-postssemantic-textual-similaritysimilar-postsyou-also-may-like-posts
91
A · Safe
CVEs total1
Unpatched0
Last CVEDec 11, 2024
Plugin page Download
Safety Verdict

Is CleverNode Related Content Safe to Use in 2026?

Generally Safe

Score 91/100

CleverNode Related Content has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVELast CVE: Dec 11, 2024Updated 1yr ago
Risk Assessment

The "clevernode-related-content" v1.1.6 plugin demonstrates a generally strong security posture based on the provided static analysis. Notably, all SQL queries utilize prepared statements, and all output is properly escaped, significantly mitigating common vulnerabilities like SQL injection and cross-site scripting (XSS). The absence of file operations and external HTTP requests further reduces the attack surface. The presence of nonce and capability checks on its single AJAX handler is also a positive indicator of secure coding practices.

However, the plugin's vulnerability history presents a moderate concern. A past medium-severity vulnerability related to Cross-site Scripting, though currently patched, indicates a potential for such issues to arise. While the taint analysis shows no current unsanitized flows, this historical context suggests that input validation and sanitization should remain a focus for future development. The bundled Guzzle library, while not inherently problematic, is a third-party component that would require monitoring for its own security updates.

In conclusion, the plugin exhibits good security fundamentals with robust SQL and output handling. The historical XSS vulnerability is a notable weakness that warrants attention, even if resolved. The limited attack surface and protected entry points are strengths, but ongoing vigilance regarding third-party libraries and input validation is recommended to maintain a secure state.

Key Concerns

  • Past medium severity XSS vulnerability
  • Bundled library (Guzzle) requires monitoring
Vulnerabilities
1

CleverNode Related Content Security Vulnerabilities

CVEs by Year

1 CVE in 2024
2024
Patched Has unpatched

Severity Breakdown

Medium
1

1 total CVE

CVE-2024-54329medium · 6.1Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CleverNode Related Content <= 1.1.5 - Reflected Cross-Site Scripting

Dec 11, 2024 Patched in 1.1.6 (9d)
Code Analysis
Analyzed Mar 17, 2026

CleverNode Related Content Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
0
229 escaped
Nonce Checks
5
Capability Checks
1
File Operations
0
External Requests
0
Bundled Libraries
1

Bundled Libraries

Guzzle

Output Escaping

100% escaped229 total outputs
Data Flows
All sanitized

Data Flow Analysis

2 flows
callback_connection_form (inc\Classes\Settings_API_Fields.php:825)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

CleverNode Related Content Attack Surface

Entry Points2
Unprotected0

AJAX Handlers 1

authwp_ajax_clevernode_review_laterinc\Plugin_Setup.php:117

Shortcodes 1

[clevernode-related] inc\App\Script.php:79
WordPress Hooks 37
filterthe_contentinc\App\MetaTags.php:46
actionwp_headinc\App\MetaTags.php:55
actionwp_headinc\App\MetaTags.php:56
actionwp_headinc\App\MetaTags.php:57
actionwp_headinc\App\MetaTags.php:58
actionwp_headinc\App\MetaTags.php:59
actionwp_headinc\App\MetaTags.php:60
actionamp_post_template_headinc\App\MetaTags.php:63
actionamp_post_template_headinc\App\MetaTags.php:64
actionamp_post_template_headinc\App\MetaTags.php:65
actionamp_post_template_headinc\App\MetaTags.php:66
actionamp_post_template_headinc\App\MetaTags.php:67
actionamp_post_template_headinc\App\MetaTags.php:68
filterdocument_title_separatorinc\App\MetaTags.php:73
actionwp_enqueue_scriptsinc\App\Script.php:51
filterthe_contentinc\App\Script.php:56
actioninitinc\App\Script.php:65
actionadmin_noticesinc\Classes\Admin_Notices.php:31
actionadmin_enqueue_scriptsinc\Classes\Settings_API.php:85
filtersafe_style_cssinc\Classes\Settings_API_Fields.php:226
actionadmin_action_clevernode_connectioninc\Modules\Connection.php:48
actionadmin_head-toplevel_page_clevernode-settingsinc\Modules\Connection.php:53
actionadmin_menuinc\Modules\Settings.php:55
actionadmin_initinc\Modules\Settings.php:60
actionadmin_initinc\Modules\Settings.php:65
filterplugin_action_links_clevernode-related-content/clevernode-related-content.phpinc\Modules\Settings.php:70
actionadmin_footerinc\Modules\Settings.php:75
filterpre_update_option_clevernode_plugin_settingsinc\Modules\Settings.php:80
actionplugins_loadedinc\Plugin_Setup.php:75
actionactivate_plugininc\Plugin_Setup.php:81
filterplugin_row_metainc\Plugin_Setup.php:86
actionadmin_enqueue_scriptsinc\Plugin_Setup.php:91
actionadmin_noticesinc\Plugin_Setup.php:96
actionadmin_noticesinc\Plugin_Setup.php:97
actionadmin_initinc\Plugin_Setup.php:102
actionadmin_initinc\Plugin_Setup.php:107
actionadmin_initinc\Plugin_Setup.php:112
Maintenance & Trust

CleverNode Related Content Maintenance & Trust

Maintenance Signals

WordPress version tested6.6.5
Last updatedNov 7, 2024
PHP min version7.4
Downloads5K

Community Trust

Rating100/100
Number of ratings4
Active installs10
Alternatives

CleverNode Related Content Alternatives

Inline Related Posts

Inline Related Posts

intelly-related-posts

A
96

Inline Related Posts AUTOMATICALLY inserts related posts INSIDE your content, capturing immediately the reader's attention.

100K 7 CVEs
YARPP – Yet Another Related Posts Plugin

YARPP – Yet Another Related Posts Plugin

yet-another-related-posts-plugin

B
83

The best WordPress plugin for displaying related posts. Simple and flexible, with a powerful proven algorithm and inbuilt caching.

100K 8 CVEs
Contextual Related Posts

Contextual Related Posts

contextual-related-posts

A
86

Keep visitors on your site longer with intelligent, fast-loading, contextually related posts. Block, shortcode, custom post type and widget ready.

60K 8 CVEs
Related Posts for WordPress

Related Posts for WordPress

related-posts-for-wp

A
99

The best WordPress plugin for related posts. Simple, flexible, powerful algorithm, and built-in caching. Fully setup with only 1 click!

20K 6 CVEs
Internal Linking of Related Contents

Internal Linking of Related Contents

internal-linking-of-related-contents

A
99

Internal Linking of Related Contents allows you to automatically insert inline related posts within your WordPress articles.

4K 1 CVE
Developer Profile

CleverNode Related Content Developer Profile

Metup

1 plugin · 10 total installs

88
trust score
Avg Security Score
91/100
Avg Patch Time
9 days
View full developer profile
Detection Fingerprints

How We Detect CleverNode Related Content

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/clevernode-related-content/assets/js/script.js
Script Paths
//epeex.com/related/service/widget/clevernode/

HTML / DOM Fingerprints

CSS Classes
clevernode-related-content-placeholder
HTML Comments
CleverNode Shortcode Active
Data Attributes
data-accountdata-channel
Shortcode Output
<div id="" class="clevernode-related-content-placeholder"></div>
FAQ

Frequently Asked Questions about CleverNode Related Content