WP-Safety

CyStack Security – Vulnerability Scanner & Security Monitoring Security & Risk Analysis

wordpress.org/plugins/cystack-security

CyStack Security constantly monitors your websites and servers to detect security issues and vulnerabilities.

10 active installs v1.0.4 PHP 5.6+ WP 4.0+ Updated Aug 3, 2020
cloud-securityscansonitorvulnerabilityweb-security
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is CyStack Security – Vulnerability Scanner & Security Monitoring Safe to Use in 2026?

Generally Safe

Score 85/100

CyStack Security – Vulnerability Scanner & Security Monitoring has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 5yr ago
Risk Assessment

The "cystack-security" v1.0.4 plugin presents a significant security risk due to its large, unprotected attack surface. All 12 AJAX handlers lack authentication checks, meaning any unauthenticated user can trigger these functions, potentially leading to unauthorized actions or information disclosure. While the code exhibits good practices in other areas like SQL query handling and output escaping (75% proper), the absence of proper authorization for such a substantial portion of its entry points overshadows these strengths. The lack of known vulnerabilities in its history is a positive indicator, suggesting past security diligence. However, the current state of the code, with its numerous unprotected AJAX endpoints, creates a critical security gap that could be easily exploited. Without immediate patching of these authorization flaws, the plugin remains highly vulnerable.

Key Concerns

  • 12 unprotected AJAX handlers
  • 1 nonce check, but 12 AJAX handlers unprotected
  • 3 of 4 outputs not properly escaped
Vulnerabilities
None known

CyStack Security – Vulnerability Scanner & Security Monitoring Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

CyStack Security – Vulnerability Scanner & Security Monitoring Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
1
3 escaped
Nonce Checks
1
Capability Checks
1
File Operations
5
External Requests
0
Bundled Libraries
0

Output Escaping

75% escaped4 total outputs
Attack Surface
12 unprotected

CyStack Security – Vulnerability Scanner & Security Monitoring Attack Surface

Entry Points12
Unprotected12

AJAX Handlers 12

authwp_ajax_cystack_clear_meta_ajaxsrc\Api\ClearMeta.php:14
authwp_ajax_cystack_clear_meta_ajaxsrc\Api\ClearMeta.php:15
authwp_ajax_cystack_clear_meta_ajaxsrc\Api\ClearMeta.php:16
authwp_ajax_cystack_disconnect_ajaxsrc\Api\Disconnect.php:17
authwp_ajax_cystack_disconnect_ajaxsrc\Api\Disconnect.php:18
authwp_ajax_cystack_disconnect_ajaxsrc\Api\Disconnect.php:19
authwp_ajax_cystack_registration_ajaxsrc\Api\Registration.php:17
authwp_ajax_cystack_registration_ajaxsrc\Api\Registration.php:18
authwp_ajax_cystack_registration_ajaxsrc\Api\Registration.php:19
authwp_ajax_cystack_update_email_ajaxsrc\Api\UpdateEmail.php:14
authwp_ajax_cystack_update_email_ajaxsrc\Api\UpdateEmail.php:15
authwp_ajax_cystack_update_email_ajaxsrc\Api\UpdateEmail.php:16
WordPress Hooks 4
actionwp_headcystack-security.php:78
actionplugins_loadedsrc\Base\BuildMenu.php:12
actionadmin_menusrc\Base\BuildMenu.php:13
actionadmin_enqueue_scriptssrc\Base\Enqueue.php:12
Maintenance & Trust

CyStack Security – Vulnerability Scanner & Security Monitoring Maintenance & Trust

Maintenance Signals

WordPress version tested5.5.18
Last updatedAug 3, 2020
PHP min version5.6
Downloads2K

Community Trust

Rating0/100
Number of ratings0
Active installs10
Alternatives

CyStack Security – Vulnerability Scanner & Security Monitoring Alternatives

SecuSeek – Web Security Scanner & Vulnerability Assessment

SecuSeek – Web Security Scanner & Vulnerability Assessment

secuseek

A
100

Professional web security scanning and vulnerability assessment plugin. Comprehensive security analysis, real-time threat detection, and detailed secu …

100 No CVEs
AntiVirus

AntiVirus

antivirus

A
99

Security plugin to protect your blog or website against exploits and spam injections.

30K 1 CVE
Malcure Malware Shield — Removal, Repair, Monitor

Malcure Malware Shield — Removal, Repair, Monitor

wp-malware-removal

A
96

Fast malware removal & security shield. Fix hacks, stop redirects, clean SEO spam. Real-time threat intelligence. No bloat.

10K 3 CVEs
WPScan – WordPress Security Scanner

WPScan – WordPress Security Scanner

wpscan

A
100

WPScan WordPress Security Scanner - Scans your system for security vulnerabilities listed in the WPScan Vulnerability Database.

9K No CVEs
SiteLock Security – WP Hardening, Login Security & Malware Scans

SiteLock Security – WP Hardening, Login Security & Malware Scans

sitelock

A
98

Free, lightweight WordPress security. Harden your site with login protection & 2FA, see Site Health clearly and run on-demand checks—setup in minutes.

1K 2 CVEs
Developer Profile

CyStack Security – Vulnerability Scanner & Security Monitoring Developer Profile

CyStack

1 plugin · 10 total installs

84
trust score
Avg Security Score
85/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect CyStack Security – Vulnerability Scanner & Security Monitoring

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/cystack-security/assets/cystack.css/wp-content/plugins/cystack-security/assets/cystack-bridge.css/wp-content/plugins/cystack-security/js/dist/cystack.js
Script Paths
/wp-content/plugins/cystack-security/js/dist/cystack.js
Version Parameters
cystack-csscystack-bridge-csscystack-js

HTML / DOM Fingerprints

JS Globals
cystackConfig
REST Endpoints
/wp-json/cystack/v1/clear_meta/wp-json/cystack/v1/registration
FAQ

Frequently Asked Questions about CyStack Security – Vulnerability Scanner & Security Monitoring