Does DUZZ have any unpatched vulnerabilities?

No. All known vulnerabilities in DUZZ have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is DUZZ compatible with WordPress 4.7.32?

According to WordPress.org data, DUZZ 1.01 has been tested up to WordPress 4.7.32. Check the plugin's changelog for the latest compatibility information.

How often is DUZZ updated?

DUZZ was last updated on May 2, 2017. Frequent updates are generally a positive security signal.

What is DUZZ's security score?

DUZZ has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

DUZZ Security & Risk Analysis

wordpress.org/plugins/duzz-seo

DUZZ adds meta data for SEO and Facebook shares as well as analytics and webmaster tools code to your site and much more.

0 active installs v1.01 PHP + WP 4.7+ Updated May 2, 2017

facebook-metameta-datameta-tagsonpage-seoseo

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is DUZZ Safe to Use in 2026?

Generally Safe

Score 85/100

DUZZ has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 8yr ago

Risk Assessment

The duzz-seo plugin version 1.01 exhibits a generally positive security posture based on the provided static analysis. The plugin has no recorded vulnerabilities (CVEs), suggesting a history of secure development or effective patching by its developers. Notably, the absence of dangerous functions, file operations, and external HTTP requests are strong indicators of good security practices. The reliance on prepared statements for all SQL queries and a high percentage of properly escaped output further bolster its security. The presence of a nonce check is also a positive sign, although capability checks are notably absent. The lack of any detected taint flows, unsanitized paths, or a significant attack surface (AJAX handlers, REST API routes, shortcodes, cron events) further contributes to a low-risk profile.

However, the absence of capability checks on the identified entry points (even though there are none in this specific scan, it's a general concern for the code structure) represents a potential weakness. If future versions introduce new entry points or if the current, albeit zero, entry points were to require authorization, the lack of capability checks could become a significant vulnerability. The absence of any recorded vulnerabilities is excellent, but it's important to remember that static analysis is not exhaustive and zero vulnerabilities to date do not guarantee future safety. The plugin appears well-coded with good attention to common web security pitfalls.

Key Concerns

No capability checks found

Vulnerabilities

None known

DUZZ Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

DUZZ Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

30 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

94% escaped32 total outputs

Attack Surface

DUZZ Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 7

actionadmin_enqueue_scriptsduzz-seo.php:32

actionadd_meta_boxesduzz-seo.php:46

actionsave_postduzz-seo.php:109

actionadmin_menuduzz-seo.php:136

actionadmin_initduzz-seo.php:153

actionwp_headduzz-seo.php:367

filterpre_get_document_titleduzz-seo.php:385

Maintenance & Trust

DUZZ Maintenance & Trust

Maintenance Signals

WordPress version tested4.7.32

Last updatedMay 2, 2017

PHP min version

Downloads3K

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

DUZZ Alternatives

Meta Tag Manager

meta-tag-manager

Easily add and manage custom meta tags to various parts of your site or on individual posts, such as Yahoo and Google verification tags.

70K 3 CVEs

HeadSpace2 SEO

headspace2

Controls almost every aspect of your site's meta-data, including advanced tagging, Analytics, and dozens of plugins. The best WordPress SEO solu …

3K No CVEs

Basic SEO Pack

basic-seo-pack

Simple but complete SEO Pack to make your site SEO Friendly. Quick way to add meta tags to your post and pages using WP custom fields.

800 No CVEs

Simple Meta Tags

simple-meta-tags

Allows you to set global meta tags and customize on each individual page/post. Please Note: Does not support custom post types

800 1 unpatched

Auto SEO

auto-seo

Auto SEO is a quick, simple way to add title, meta keywords, and meta descriptions to your site all at one from a single page.

600 1 CVE

Developer Profile

DUZZ Developer Profile

Saud Ashfaq

1 plugin · 0 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect DUZZ

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/duzz-seo/css/duzz-style.css

HTML / DOM Fingerprints

CSS Classes

duzz_topduzz_mid

Data Attributes

id="post_title_tag"name="post_title_tag"id="post_meta_title"name="post_meta_title"id="post_meta_description"name="post_meta_description"+12 more

FAQ