Dynaposty Dynamic Landing Pages Security & Risk Analysis
wordpress.org/plugins/dynaposty-dynamic-landing-pagesDynaPosty lets you define url variables and create shortcodes for corresponding dynamic content fields. Translation: Easiest. Dynamic. Landers. Ever.
Is Dynaposty Dynamic Landing Pages Safe to Use in 2026?
Generally Safe
Score 85/100Dynaposty Dynamic Landing Pages has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The dynaposty-dynamic-landing-pages plugin v0.2 exhibits a concerning security posture due to significant weaknesses in its handling of user-supplied data and entry points. While the plugin demonstrates good practice by exclusively using prepared statements for SQL queries and has no recorded vulnerability history, these strengths are overshadowed by critical security flaws. The static analysis reveals a small attack surface of two AJAX handlers, both of which lack authentication checks, presenting a direct avenue for unauthorized actions. Furthermore, the plugin fails to implement any nonce checks on these critical entry points. The taint analysis indicates two flows with unsanitized paths, although they are not flagged as critical or high severity, they highlight potential issues in how data is processed. A particularly worrying finding is that 0% of the 25 identified outputs are properly escaped, which strongly suggests a high risk of Cross-Site Scripting (XSS) vulnerabilities, allowing attackers to inject malicious scripts into the site.
Key Concerns
- AJAX handlers without authentication
- No nonce checks on AJAX handlers
- No output escaping
- Unsanitized paths in taint analysis
- Use of dangerous function 'create_function'
Dynaposty Dynamic Landing Pages Security Vulnerabilities
Dynaposty Dynamic Landing Pages Code Analysis
Dangerous Functions Found
Output Escaping
Data Flow Analysis
Dynaposty Dynamic Landing Pages Attack Surface
AJAX Handlers 2
WordPress Hooks 4
Maintenance & Trust
Dynaposty Dynamic Landing Pages Maintenance & Trust
Maintenance Signals
Community Trust
Dynaposty Dynamic Landing Pages Alternatives
Block Visibility — Conditional Visibility Control for the Block Editor
block-visibility
Easily show or hide any WordPress block. Schedule block visibility. Restrict blocks to specific screen sizes, user roles, post types, and more.
Dynamic Month & Year into Posts
dynamic-month-year-into-posts
Automate SEO and content with dynamic shortcodes for dates, years, months, age calculations, seasons and countdowns in content, titles and meta.
If-So Dynamic Content Personalization
if-so
Personalize any content! Add or replace content according to the visitor's profile and interaction with the site. No coding required!
Random Content
random-content
Display random content anywhere on your WordPress site. Rotate testimonials, banners, CTAs, and more with a simple shortcode or widget.
Account Engagement
pardot
Integrate Account Engagement with WordPress: easily track visitors, embed forms and dynamic content in pages and posts, or use the forms or dynamic co …
Dynaposty Dynamic Landing Pages Developer Profile
1 plugin · 10 total installs
How We Detect Dynaposty Dynamic Landing Pages
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/dynaposty-dynamic-landing-pages/dypo-admin.css/wp-content/plugins/dynaposty-dynamic-landing-pages/dypo-admin.js/wp-content/plugins/dynaposty-dynamic-landing-pages/js/jquery.json-2.2.js/wp-content/plugins/dynaposty-dynamic-landing-pages/dypo-admin.js/wp-content/plugins/dynaposty-dynamic-landing-pages/js/jquery.json-2.2.jsHTML / DOM Fingerprints
dypo_messagedypo_passid="dypo_envTest"class="dypo_message"DYPO_URLDYPO_JS_URLDYPO_SHORTCODE_TABLEDYPO_NUM_SHORTCODESDYPO_COOKIE_NAMEDYPO_COOKIE_VAL+9 more