EasyTest – Simplify A/B Testing Security & Risk Analysis

wordpress.org/plugins/convertpro

EasyTest allows you to perform A/B testing, split testing, and compare pages with ease.

20K active installs · v1.0.1 · PHP + WP 5.0+ · Updated Jun 5, 2025
Tags: ab-test, compare-pages, element-ab-test, split-test
Score: 76 · B · Generally Safe
CVEs total: 2
Unpatched: 1
Last CVE: Dec 31, 2025
Safety Verdict

Is EasyTest – Simplify A/B Testing Safe to Use in 2026?

Mostly Safe

Score 76/100

EasyTest – Simplify A/B Testing is generally safe to use. 2 past CVEs were resolved. Keep it updated.

2 known CVEs · 1 unpatched · Last CVE: Dec 31, 2025 · Updated 10mo ago
Risk Assessment

The ConvertPro plugin exhibits a mixed security posture. It demonstrates good practices in SQL query preparation and output escaping, but its attack surface is a significant concern, particularly the high number of AJAX handlers lacking proper authentication checks. The taint analysis reinforces this: it identifies a substantial number of flows with unsanitized paths, including five deemed high severity. This suggests a potential for attackers to exploit these entry points to manipulate data or execute unintended actions.

The plugin's vulnerability history, including a recent medium-severity vulnerability, indicates a pattern of missing authorization, which reinforces the concerns raised by the static analysis. The absence of critical vulnerabilities and a generally good approach to prepared statements and escaping are strengths, but the unaddressed AJAX handlers and unsanitized taint flows represent immediate and significant risks that require urgent attention.

Key Concerns

  • High number of unprotected AJAX handlers
  • High severity unsanitized taint flows
  • Unpatched CVE
  • Missing nonce checks on AJAX
  • Low capability checks coverage
Vulnerabilities: 2

EasyTest – Simplify A/B Testing Security Vulnerabilities

CVEs by Year

2023: 1 CVE
2025: 1 CVE · unpatched

Severity Breakdown

Medium: 2

2 total CVEs

CVE-2025-63031 · medium · 5.3 · Missing Authorization

EasyTest <= 1.0.1 - Missing Authorization

Dec 31, 2025 · Unpatched

CVE-2023-36684 · medium · 6.5 · Missing Authorization

Convert Pro <= 1.7.5 - Missing Authorization

Jul 21, 2023 · Patched in 1.7.6 (186d)
Code Analysis
Analyzed Mar 16, 2026

EasyTest – Simplify A/B Testing Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 7 (38 prepared)
Unescaped Output: 11 (190 escaped)
Nonce Checks: 6
Capability Checks: 1
File Operations: 0
External Requests: 2
Bundled Libraries: 1

Bundled Libraries

Select2

SQL Query Safety

84% prepared · 45 total queries

Output Escaping

95% escaped · 201 total outputs
Data Flows: 8 unsanitized

Data Flow Analysis

11 flows · 8 with unsanitized paths
random_redirect (includes\Classes\Redirection.php:46)
Attack Surface: 6 unprotected

EasyTest – Simplify A/B Testing Attack Surface

Entry Points: 8
Unprotected: 6

AJAX Handlers (8)

auth · wp_ajax_convertpro_ajax_action · includes\function.php:6
nopriv · wp_ajax_convertpro_ajax_action · includes\function.php:7
auth · wp_ajax_convertpro_interactions_report_ajax · includes\function.php:153
nopriv · wp_ajax_convertpro_interactions_report_ajax · includes\function.php:154
auth · wp_ajax_convertpro_get_chart_data · includes\function.php:274
nopriv · wp_ajax_convertpro_get_chart_data · includes\function.php:275
auth · wp_ajax_get_conversion_page_permalink · includes\function.php:384
nopriv · wp_ajax_get_conversion_page_permalink · includes\function.php:385

WordPress Hooks (20)

action · wp_enqueue_scripts · convert-pro.php:65
action · plugins_loaded · convert-pro.php:66
action · init · convert-pro.php:237
action · init · convert-pro.php:240
action · switch_theme · Finestics\Insights.php:124
action · switch_theme · Finestics\Insights.php:125
action · admin_footer · Finestics\Insights.php:138
action · admin_notices · Finestics\Insights.php:157
action · admin_init · Finestics\Insights.php:160
filter · cron_schedules · Finestics\Insights.php:166
action · admin_menu · includes\Admin.php:15
action · admin_enqueue_scripts · includes\Admin.php:16
action · wp_enqueue_scripts · includes\Admin.php:17
action · admin_enqueue_scripts · includes\Assets.php:15
action · wp_enqueue_scripts · includes\Assets.php:17
action · init · includes\Classes\ElementRedirection.php:23
action · template_redirect · includes\Classes\ElementRedirection.php:24
action · template_redirect · includes\Classes\Redirection.php:9
action · template_redirect · includes\Classes\Redirection.php:10
action · convertpro-variation-btn · includes\hook.php:2
Maintenance & Trust

EasyTest – Simplify A/B Testing Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.8.5
Last updated: Jun 5, 2025
PHP min version
Downloads: 10K

Community Trust

Rating: 100/100
Number of ratings: 1
Active installs: 20K
Developer Profile

EasyTest – Simplify A/B Testing Developer Profile

WP Grids

4 plugins · 21K total installs

Trust score: 66
Avg Security Score: 82/100
Avg Patch Time: 98 days
Detection Fingerprints

How We Detect EasyTest – Simplify A/B Testing

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/convertpro/assets/css/style.css
/wp-content/plugins/convertpro/assets/js/frontent-script.js
Script Paths
/wp-content/plugins/convertpro/assets/js/frontent-script.js
Version Parameters
convertpro/assets/css/style.css?ver=
convertpro/assets/js/frontent-script.js?ver=

HTML / DOM Fingerprints

CSS Classes
cp-elements-preview
cp-frontend-editor
cp-modal-open
HTML Comments
<!-- ConvertPro -->
Data Attributes
data-cp-id
data-cp-name
data-cp-type
JS Globals
convertpro_object
Shortcode Output
[convertpro
[cp_modal
[cp_popup
[cp_form
FAQ

Frequently Asked Questions about EasyTest – Simplify A/B Testing