Does Darkstar Keyword Manager have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Darkstar Keyword Manager compatible with WordPress 6.9.4?

According to WordPress.org data, Darkstar Keyword Manager 1.0.1 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is Darkstar Keyword Manager compatible with PHP 7.4+?

Darkstar Keyword Manager requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Darkstar Keyword Manager updated?

Darkstar Keyword Manager was last updated on Mar 20, 2026. Frequent updates are generally a positive security signal.

What is Darkstar Keyword Manager's security score?

Darkstar Keyword Manager has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Darkstar Keyword Manager Security & Risk Analysis

wordpress.org/plugins/darkstar-keyword-manager

Import and manage SEO keywords from any keyword tool. View volume, difficulty, and which pages already target each keyword via RankMath and Yoast.

0 active installs v1.0.1 PHP 7.4+ WP 5.6+ Updated Mar 20, 2026

keyword-researchkeywordsrankmathseoyoast

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Darkstar Keyword Manager Safe to Use in 2026?

Generally Safe

Score 100/100

Darkstar Keyword Manager has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago

Risk Assessment

The "darkstar-keyword-manager" v1.0.1 plugin exhibits a mixed security posture. On the positive side, it demonstrates strong practices with 100% of its SQL queries utilizing prepared statements and a very high percentage (98%) of output escaping. It also has a clean vulnerability history with no recorded CVEs, suggesting a generally stable codebase or diligent patching by developers.

However, there are significant security concerns stemming from the static analysis. The plugin exposes a large attack surface through 8 AJAX handlers, with a concerning 7 of them lacking authentication checks. This represents a substantial risk as any unauthenticated user could potentially interact with these handlers. Additionally, the presence of 2 flows with unsanitized paths, even without a reported critical or high severity, warrants caution as these could be potential avenues for exploitation if not properly handled. The single instance of a dangerous function, `set_time_limit`, while not inherently a vulnerability, is often an indicator of less secure coding practices that could be exploited in conjunction with other weaknesses.

In conclusion, while the plugin has a good track record and strong fundamentals in SQL and output handling, the large number of unprotected AJAX endpoints and the presence of unsanitized paths are critical weaknesses that significantly elevate the risk profile. These issues need to be addressed to improve the plugin's overall security.

Key Concerns

Multiple unprotected AJAX handlers
Unsanitized paths identified in taint analysis
Use of dangerous function (set_time_limit)

Vulnerabilities

None known

Darkstar Keyword Manager Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Darkstar Keyword Manager Release Timeline

v1.0.1Current

v1.0.0

Code Analysis

Analyzed Apr 16, 2026

Darkstar Keyword Manager Code Analysis

Dangerous Functions

Raw SQL Queries

27 prepared

Unescaped Output

235 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Dangerous Functions Found

set_time_limit@set_time_limit( 300 ); // phpcs:ignore WordPress.PHP.NoSilencedErrors.Discouraged, Squiz.PHP.Discouincludes/class-dskm-admin.php:284

SQL Query Safety

100% prepared27 total queries

Output Escaping

98% escaped240 total outputs

Data Flows · Security

2 unsanitized

Data Flow Analysis

2 flows2 with unsanitized paths

render_import_page (includes/class-dskm-admin.php:616)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

7 unprotected

Darkstar Keyword Manager Attack Surface

Entry Points8

Unprotected7

AJAX Handlers 8

authwp_ajax_dskm_dismiss_upgrade_noticeincludes/class-dskm-admin.php:20

authwp_ajax_dskm_get_keywordsincludes/class-dskm-ajax.php:10

authwp_ajax_dskm_toggle_favouriteincludes/class-dskm-ajax.php:11

authwp_ajax_dskm_delete_keywordincludes/class-dskm-ajax.php:12

authwp_ajax_dskm_bulk_actionincludes/class-dskm-ajax.php:13

authwp_ajax_dskm_add_keywordincludes/class-dskm-ajax.php:14

authwp_ajax_dskm_delete_listincludes/class-dskm-ajax.php:15

authwp_ajax_dskm_delete_all_dupesincludes/class-dskm-ajax.php:16

WordPress Hooks 11

actionadmin_initdarkstar-keyword-manager.php:48

actionplugins_loadeddarkstar-keyword-manager.php:60

actionadmin_initdarkstar-keyword-manager.php:78

actionadmin_menuincludes/class-dskm-admin.php:10

actionadmin_enqueue_scriptsincludes/class-dskm-admin.php:11

actionadmin_initincludes/class-dskm-admin.php:12

actionadmin_noticesincludes/class-dskm-admin.php:13

actionadmin_post_dskm_upload_fileincludes/class-dskm-admin.php:16

actionadmin_post_dskm_import_mappedincludes/class-dskm-admin.php:17

filterupload_dirincludes/class-dskm-importer.php:182

actionadmin_initincludes/class-dskm-settings.php:10

Maintenance & Trust

Darkstar Keyword Manager Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedMar 20, 2026

PHP min version7.4

Downloads124

Community Trust

Rating100/100

Number of ratings1

Active installs0

Alternatives

Darkstar Keyword Manager Alternatives

SEO One-Click Publishing

ada-seo-by-adaptify

100

A one-click SEO publishing plugin designed to streamline content optimization and publishing. It ensures SEO best practices are seamlessly integrated.

500 No CVEs

Website LLMs.txt

website-llms-txt

Automatically generate and manage LLMS.txt files for LLM/AI content understanding, with full Yoast SEO, Rank Math, SEOPress, and AIOSEO integration.

30K 3 CVEs

Surfer – WordPress Plugin

surferseo

Connect Surfer's Content Editor to WordPress. Write and optimize your articles for SEO, find new keyword ideas and publish straight to WordPress.

6K 3 CVEs

Keyword Research Tool

keyword-research-tool

100

Keyword Research made simple for Wordpress. Enter your keyword and quickly discover keyword opportunities related to your topic.

800 No CVEs

WP Keyword Suggest

wp-keyword-suggest

This SEO plugin offers keyword suggestions, taken from autocomplete google, yahoo, bing... up to 250 keywords ideas

500 No CVEs

Developer Profile

Darkstar Keyword Manager Developer Profile

justinblayney

2 plugins · 0 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Darkstar Keyword Manager

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/darkstar-keyword-manager/assets/css/admin.css/wp-content/plugins/darkstar-keyword-manager/assets/js/admin.js

Script Paths

/wp-content/plugins/darkstar-keyword-manager/assets/js/admin.js

Version Parameters

darkstar-keyword-manager/assets/css/admin.css?ver=darkstar-keyword-manager/assets/js/admin.js?ver=

HTML / DOM Fingerprints

CSS Classes

dskm-upgrade-notice

HTML Comments

Data Attributes

data-noncedata-ajaxurldata-perpagedata-confirmdeletedata-confirmbulkdeletedata-confirmdedupeall+4 more

JS Globals

dskmData

FAQ