WP-Safety

ContentTrace Security & Risk Analysis

wordpress.org/plugins/contenttrace

Protect your WordPress content with invisible fingerprints and dual detection technology. Find who copied your posts and prove ownership.

0 active installs v1.0.1 PHP 7.4+ WP 5.0+ Updated Unknown
content-protectioncopyrightdmcaduplicate-contentplagiarism
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is ContentTrace Safe to Use in 2026?

Generally Safe

Score 100/100

ContentTrace has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs
Risk Assessment

The "contenttrace" plugin version 1.0.1 exhibits a generally strong security posture based on the provided static analysis. A significant strength is the complete absence of unprotected entry points, with all 17 AJAX handlers appearing to have proper authentication checks. Furthermore, the plugin demonstrates good practices in its use of prepared statements for SQL queries (61%) and robust output escaping (93%). The lack of any recorded vulnerabilities in its history, including critical or high severity ones, is also a positive indicator of responsible development and diligent security testing.

While the plugin has many strengths, a potential area for attention lies in the 9 external HTTP requests. Each external request introduces a dependency on an external service and can be a vector for various attacks if not handled with extreme care, such as Server-Side Request Forgery (SSRF) or data exfiltration if the plugin transmits sensitive information. Though the taint analysis shows no unsanitized paths, the existence of these external requests warrants careful review during any deeper security audit. The current data suggests a low immediate risk, but vigilance regarding these external interactions is recommended.

Key Concerns

  • External HTTP requests present potential risks
Vulnerabilities
None known

ContentTrace Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

ContentTrace Code Analysis

Dangerous Functions
0
Raw SQL Queries
9
14 prepared
Unescaped Output
17
214 escaped
Nonce Checks
23
Capability Checks
20
File Operations
0
External Requests
9
Bundled Libraries
0

SQL Query Safety

61% prepared23 total queries

Output Escaping

93% escaped231 total outputs
Data Flows
All sanitized

Data Flow Analysis

3 flows
ajax_generate_dmca (includes\class-scanner.php:2029)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

ContentTrace Attack Surface

Entry Points17
Unprotected0

AJAX Handlers 17

authwp_ajax_contenttrace_archive_submitincludes\class-archive.php:53
authwp_ajax_contenttrace_archive_verifyincludes\class-archive.php:54
authwp_ajax_contenttrace_scan_nowincludes\class-scanner.php:51
authwp_ajax_contenttrace_start_scanincludes\class-scanner.php:52
authwp_ajax_contenttrace_process_batchincludes\class-scanner.php:53
authwp_ajax_contenttrace_get_scan_statusincludes\class-scanner.php:54
authwp_ajax_contenttrace_cancel_scanincludes\class-scanner.php:55
authwp_ajax_contenttrace_export_scan_logincludes\class-scanner.php:56
authwp_ajax_contenttrace_generate_dmcaincludes\class-scanner.php:57
authwp_ajax_contenttrace_send_takedownincludes\class-scanner.php:58
authwp_ajax_contenttrace_add_test_duplicateincludes\class-scanner.php:59
authwp_ajax_contenttrace_check_urlincludes\class-scanner.php:60
authwp_ajax_contenttrace_test_emailincludes\class-scanner.php:61
authwp_ajax_contenttrace_get_takedown_historyincludes\class-scanner.php:62
authwp_ajax_contenttrace_get_job_logsincludes\class-scanner.php:63
authwp_ajax_contenttrace_compare_textincludes\class-scanner.php:64
authwp_ajax_contenttrace_check_statusincludes\class-settings.php:35
WordPress Hooks 21
actionplugins_loadedcontenttrace.php:39
actionpublish_postincludes\class-archive.php:58
actionpublish_pageincludes\class-archive.php:59
actionadd_meta_boxesincludes\class-archive.php:63
actioncontenttrace_archive_submitincludes\class-archive.php:527
actionadmin_menuincludes\class-dashboard.php:32
actionadmin_initincludes\class-dashboard.php:33
actioninitincludes\class-plugin.php:72
actionadmin_enqueue_scriptsincludes\class-plugin.php:73
actionwp_headincludes\class-plugin.php:74
actioncontenttrace_daily_scanincludes\class-scanner.php:45
actioncontenttrace_process_scan_batchincludes\class-scanner.php:48
actionadmin_menuincludes\class-scanner.php:67
actionadmin_initincludes\class-scanner.php:70
actionadmin_menuincludes\class-settings.php:30
actionadmin_initincludes\class-settings.php:31
actionadmin_enqueue_scriptsincludes\class-settings.php:32
filterthe_contentincludes\class-token.php:47
filterthe_excerptincludes\class-token.php:50
filterthe_content_feedincludes\class-token.php:54
filterthe_excerpt_rssincludes\class-token.php:55

Scheduled Events 4

contenttrace_archive_submit
contenttrace_daily_scan
contenttrace_daily_scan
contenttrace_daily_scan
Maintenance & Trust

ContentTrace Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedUnknown
PHP min version7.4
Downloads157

Community Trust

Rating100/100
Number of ratings1
Active installs0
Alternatives

ContentTrace Alternatives

CopyCat Blocker

CopyCat Blocker

copycat-blocker

A
92

Protect your website content from being copied with a customizable text replacement system.

0 No CVEs
Secure Copy Content Protection and Content Locking

Secure Copy Content Protection and Content Locking

secure-copy-content-protection

B
83

Copy Protection plugin is activated it disables the right click, copy paste, content selection and copy shortcut keys

20K 15 CVEs
WP Content Copy Protection

WP Content Copy Protection

wp-content-copy-protection

A
85

WP Content Copy Protection uses aggressive techniques in protecting your online content (text/source/images/video/audio) from being stolen.

10K 1 CVE
WP-Copyright-Protection

WP-Copyright-Protection

wp-copyright-protection

A
92

Simple copyright protection for your images and text. No right click, no text selections, no screenshots. A very lean and clean plugin.

6K No CVEs
Copyscape Premium

Copyscape Premium

copyscape-premium

A
98

The Copyscape Premium plugin lets you check if a WordPress post is unique before it's published, by searching for duplicate content on the web.

1K 2 CVEs
Developer Profile

ContentTrace Developer Profile

Md Saddam Hossain Shakil

1 plugin · 0 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect ContentTrace

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/contenttrace/css//wp-content/plugins/contenttrace/js/
Script Paths
/wp-content/plugins/contenttrace/js/contenttrace.js
Version Parameters
contenttrace/js/contenttrace.js?ver=contenttrace/css/contenttrace.css?ver=

HTML / DOM Fingerprints

CSS Classes
contenttrace-archive-metabox
Data Attributes
data-contenttrace-post-id
JS Globals
contenttrace_ajax_object
REST Endpoints
/wp-json/contenttrace/v1/settings
FAQ

Frequently Asked Questions about ContentTrace