Does Cloud Customer Area have any unpatched vulnerabilities?

No. All known vulnerabilities in Cloud Customer Area have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Cloud Customer Area compatible with WordPress 6.7.5?

According to WordPress.org data, Cloud Customer Area 2.1.0 has been tested up to WordPress 6.7.5. Check the plugin's changelog for the latest compatibility information.

Is Cloud Customer Area compatible with PHP 5.6+?

Cloud Customer Area requires PHP 5.6 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Cloud Customer Area updated?

Cloud Customer Area was last updated on Feb 22, 2025. Frequent updates are generally a positive security signal.

What is Cloud Customer Area's security score?

Cloud Customer Area has a WP-Safety security score of 92/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Cloud Customer Area Security & Risk Analysis

wordpress.org/plugins/cloud-customer-area

The only plugin to create and manage a reserved customer area, using cloud services (ex: Google Drive).

100 active installs v2.1.0 PHP 5.6+ WP 4.0+ Updated Feb 22, 2025

cloud-integrationcustomers-areadocuments-exchangegoogle-drivereserved-area

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Cloud Customer Area Safe to Use in 2026?

Generally Safe

Score 92/100

Cloud Customer Area has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1yr ago

Risk Assessment

The cloud-customer-area plugin v2.1.0 demonstrates a generally good security posture with several positive indicators. Notably, all identified entry points (AJAX handlers, REST API routes, and shortcodes) appear to have authentication or permission checks, and it correctly utilizes prepared statements for all SQL queries, preventing common SQL injection vulnerabilities. The plugin also makes use of nonce and capability checks, further enhancing its security. However, a significant concern arises from the complete lack of output escaping across all 30 identified outputs. This leaves the plugin highly susceptible to Cross-Site Scripting (XSS) attacks, where malicious scripts could be injected and executed in users' browsers.

The taint analysis, while limited in scope, did identify one flow with an unsanitized path, which warrants further investigation. Despite this, the plugin has no recorded vulnerability history, suggesting a relatively stable track record. In conclusion, while the plugin excels in preventing direct database and authentication bypass vulnerabilities, the absence of output escaping represents a critical flaw that significantly elevates its risk profile. The lack of a history of vulnerabilities is positive, but it does not mitigate the immediate XSS risk posed by unescaped output.

Key Concerns

0% of outputs properly escaped
1 flow with unsanitized paths (taint analysis)

Vulnerabilities

None known

Cloud Customer Area Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Cloud Customer Area Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

0% escaped30 total outputs

Data Flows

1 unsanitized

Data Flow Analysis

3 flows1 with unsanitized paths

ajax_action_download_file (inc\class-main.php:559)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Cloud Customer Area Attack Surface

Entry Points7

Unprotected0

AJAX Handlers 6

authwp_ajax_cca_get_filesinc\class-main.php:324

noprivwp_ajax_cca_get_filesinc\class-main.php:325

authwp_ajax_cca_get_file_infoinc\class-main.php:326

noprivwp_ajax_cca_get_file_infoinc\class-main.php:327

authwp_ajax_cca_download_fileinc\class-main.php:328

noprivwp_ajax_cca_download_fileinc\class-main.php:329

Shortcodes 1

[cloud-customer-area] inc\class-main.php:287

WordPress Hooks 14

actioninitinc\class-main.php:58

actionafter_setup_themeinc\class-main.php:161

filterplugin_action_linksinc\class-main.php:169

actioninitinc\class-main.php:183

actioninitinc\class-main.php:189

actionadmin_menuinc\class-main.php:203

actionadmin_initinc\class-main.php:206

actionshow_user_profileinc\class-main.php:228

actionedit_user_profileinc\class-main.php:229

actioninitinc\class-main.php:230

actionadmin_enqueue_scriptsinc\class-main.php:233

actionwp_headinc\class-main.php:242

actionwp_enqueue_scriptsinc\class-main.php:265

actioninitinc\class-main.php:309

Maintenance & Trust

Cloud Customer Area Maintenance & Trust

Maintenance Signals

WordPress version tested6.7.5

Last updatedFeb 22, 2025

PHP min version5.6

Downloads6K

Community Trust

Rating100/100

Number of ratings2

Active installs100

Alternatives

Cloud Customer Area Alternatives

Embed Files from Google Drive

google-drive-embedder

100

Browse for Google Drive documents and embed directly in your posts/pages. Extends Google Apps Login plugin so no extra user auth required.

5K No CVEs

Image and video gallery from Google Drive

skaut-google-drive-gallery

100

A WordPress gallery using Google Drive as file storage

4K No CVEs

Connector for Gravity Forms and Google Sheets

wp-gravity-forms-spreadsheets

Gravity Forms Google Sheets Connector sends Gravity forms entries to Google Sheets.

3K 4 CVEs

File Manager for Dropbox

integrate-dropbox

100

Secure Dropbox integration for WordPress. Manage, share, and embed files via blocks, shortcodes, and Elementor widgets.

300 No CVEs

Cloud Storage Manager for Fluent Forms – Google Drive, Dropbox, OneDrive, S3 Uploads

cloud-storage-manager

100

Upload Fluent Forms files to Google Drive, Dropbox, OneDrive, S3, and Cloudflare R2. Save server space with cloud storage.

100 No CVEs

Developer Profile

Cloud Customer Area Developer Profile

TotalPress.org

3 plugins · 3K total installs

trust score

Avg Security Score

92/100

Avg Patch Time

120 days

View full developer profile

Detection Fingerprints

How We Detect Cloud Customer Area

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/cloud-customer-area/assets/css/cca-frontend.css/wp-content/plugins/cloud-customer-area/assets/css/cca-backend.css/wp-content/plugins/cloud-customer-area/assets/js/cca-frontend.js/wp-content/plugins/cloud-customer-area/assets/js/cca-backend.js

Script Paths

/wp-content/plugins/cloud-customer-area/assets/js/cca-frontend.js/wp-content/plugins/cloud-customer-area/assets/js/cca-backend.js

Version Parameters

cloud-customer-area/assets/css/cca-frontend.css?ver=cloud-customer-area/assets/css/cca-backend.css?ver=cloud-customer-area/assets/js/cca-frontend.js?ver=cloud-customer-area/assets/js/cca-backend.js?ver=

HTML / DOM Fingerprints

CSS Classes

cca-customer-areacca-customer-area-wrappercca-file-upload-formcca-file-listcca-file-itemcca-download-linkcca-upload-buttoncca-label

HTML Comments

Data Attributes

data-cca-iddata-cca-typedata-cca-sizedata-cca-date

JS Globals

window.cca_ajax_object

Shortcode Output

[cloud_customer_area]

FAQ