Domain Check Security & Risk Analysis
wordpress.org/plugins/domain-checkDomain Check lets you search domain names, check SSL certificates and HTTPS, set email alerts for domain and SSL expiration, and get daily coupons.
Is Domain Check Safe to Use in 2026?
Generally Safe
Score 85/100Domain Check has a strong security track record. Known vulnerabilities have been patched promptly.
The domain-check plugin v1.0.19 exhibits a concerning security posture primarily due to its unprotected attack surface. All six identified AJAX handlers lack authentication checks, meaning any unauthenticated user could potentially trigger these actions, leading to unauthorized operations or unintended consequences. While the plugin demonstrates good practices in its SQL query handling, using prepared statements exclusively, and largely escapes output, the vulnerability history, particularly a past medium-severity Cross-Site Scripting (XSS) vulnerability, highlights a latent risk of input validation failures. The taint analysis also reveals a significant number of flows with unsanitized paths, with 19 identified as high severity. This suggests that user-supplied data might be reaching sensitive functions without proper sanitization, which, combined with the unprotected AJAX handlers, creates a substantial risk of exploitation.
Key Concerns
- AJAX handlers without authentication checks
- High severity unsanitized taint flows
- Past medium severity XSS vulnerability
- Lack of nonce checks on AJAX handlers
- Lack of capability checks on AJAX handlers
Domain Check Security Vulnerabilities
CVEs by Year
Severity Breakdown
1 total CVE
Domain Check <= 1.0.16 - Reflected Cross-Site Scripting via domain
Domain Check Code Analysis
SQL Query Safety
Output Escaping
Data Flow Analysis
Domain Check Attack Surface
AJAX Handlers 6
WordPress Hooks 12
Scheduled Events 3
Maintenance & Trust
Domain Check Maintenance & Trust
Maintenance Signals
Community Trust
Domain Check Alternatives
HTTPS Domain Alias
https-domain-alias
Enable your site to have a different domains for HTTP and HTTPS.
Easy HTTPS Redirection (SSL)
https-redirection
The plugin allows an automatic redirection to the "HTTPS" version/URL of the site. Make your site SSL compatible easily.
SSL Insecure Content Fixer
ssl-insecure-content-fixer
Clean up WordPress website HTTPS insecure content
WP Force SSL & HTTPS SSL Redirect
wp-force-ssl
Enable SSL & HTTPS redirect with 1 click! Add SSL certificate & WP Force SSL to redirect site from HTTP to HTTPS & fix SSL errors.
WP Encryption – One Click Free SSL Certificate & SSL / HTTPS Redirect, Security & SSL Scan
wp-letsencrypt-ssl
Lifetime SSL solution - Free SSL certificate & HTTPS redirect, resolve insecure site, fix SSL errors, SSL score, SSL monitoring, really simple setup.
Domain Check Developer Profile
1 plugin · 100 total installs
How We Detect Domain Check
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/domain-check/css/domain-check.css/wp-content/plugins/domain-check/css/domain-check-admin.css/wp-content/plugins/domain-check/js/domain-check.js/wp-content/plugins/domain-check/js/domain-check-admin.js/wp-content/plugins/domain-check/js/domain-check.js/wp-content/plugins/domain-check/js/domain-check-admin.jsdomain-check/css/domain-check.css?ver=domain-check/css/domain-check-admin.css?ver=domain-check/js/domain-check.js?ver=domain-check/js/domain-check-admin.js?ver=HTML / DOM Fingerprints
domain-check-dashboard-widgetdc-dashboard-widgetdomain-check-settings-fieldsdc-fielddomain-check-maindc-main<!-- Domain Check Dashboard Widget -->data-dc-domain-inputdata-dc-domain-search-resultsdata-dc-domain-search-loadingdata-dc-domain-search-errordata-dc-domain-search-emptyDomainCheckDomainCheckAdmin