WP-Safety

Easy Architect Security & Risk Analysis

wordpress.org/plugins/easy-architect

Visually build custom post types, meta fields, and dynamic templates—no code. Extended blocks for icons, galleries, embeds, and dynamic content.

0 active installs v1.2.4 PHP 7.4+ WP 6.7+ Updated Jan 10, 2026
block-bindingscustom-fieldscustom-post-typemetatemplates
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Download
Safety Verdict

Is Easy Architect Safe to Use in 2026?

Generally Safe

Score 100/100

Easy Architect has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2mo ago
Risk Assessment

The "easy-architect" v1.2.4 plugin exhibits a generally good security posture based on the provided static analysis. The plugin makes strong use of prepared statements for all SQL queries and properly escapes a high percentage of its output, indicating a conscious effort to prevent common web vulnerabilities like SQL injection and cross-site scripting. The absence of dangerous functions, critical or high-severity taint flows, and any recorded vulnerability history further contribute to this positive assessment.

However, there are specific areas of concern. The plugin exposes two unprotected entry points: one AJAX handler and one REST API route that lacks permission callbacks. These unprotected endpoints represent significant attack vectors. While the static analysis did not find any flaws in taint analysis or dangerous functions, these unprotected entry points could potentially be exploited if malicious input is not properly handled downstream. The presence of these gaps, despite otherwise good practices, warrants careful attention.

In conclusion, "easy-architect" v1.2.4 demonstrates a solid foundation in secure coding practices, particularly concerning database interactions and output sanitization. The lack of historical vulnerabilities is a strong positive indicator. Nevertheless, the identified unprotected AJAX and REST API endpoints are critical weaknesses that could be leveraged for unauthorized actions or information disclosure. Addressing these specific exposure points should be the immediate priority to improve the plugin's overall security.

Key Concerns

  • AJAX handler without auth check
  • REST API route without permission callback
Vulnerabilities
None known

Easy Architect Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

Easy Architect Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
61 prepared
Unescaped Output
21
314 escaped
Nonce Checks
7
Capability Checks
12
File Operations
1
External Requests
1
Bundled Libraries
0

SQL Query Safety

100% prepared61 total queries

Output Escaping

94% escaped335 total outputs
Data Flows
All sanitized

Data Flow Analysis

1 flows
<easy-icon> (includes\easy-icon.php:0)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
2 unprotected

Easy Architect Attack Surface

Entry Points8
Unprotected2

AJAX Handlers 1

authwp_ajax_eaar_delete_itemsincludes\delete-confirmation.php:21

REST API Routes 7

GET/wp-json/eaar/v1/rateincludes\easy-icon.php:282
GET/wp-json/eaar/v1/get-ratingincludes\easy-icon.php:289
GET/wp-json/eaar/v1/delete-ratingsincludes\easy-icon.php:298
GET/wp-json/eaar/v1/next-instance-idincludes\easy-icon.php:307
GET/wp-json/eaar/v1/meta-editor-dataincludes\meta.php:132
GET/wp-json/eaar/v1/smetaincludes\meta.php:146
GET/wp-json/eaar/v1/meta-orderincludes\meta.php:155
WordPress Hooks 40
actioniniteasy-architect.php:44
actionplugins_loadedeasy-architect.php:45
actionwp_enqueue_scriptseasy-architect.php:46
actionadmin_enqueue_scriptseasy-architect.php:47
actionadmin_enqueue_scriptsincludes\dashicon-picker.php:18
actionadmin_enqueue_scriptsincludes\delete-confirmation.php:20
actionadmin_post_easy_form_submitincludes\easy-form.php:26
actionadmin_post_nopriv_easy_form_submitincludes\easy-form.php:27
actioneaar_cleanup_form_fileincludes\easy-form.php:28
actionrest_api_initincludes\easy-icon.php:28
actionwp_enqueue_scriptsincludes\easy-lightbox.php:14
actioninitincludes\media-modal-object-position.php:19
actionadmin_enqueue_scriptsincludes\media-modal-object-position.php:20
filterattachment_fields_to_editincludes\media-modal-object-position.php:21
filterattachment_fields_to_saveincludes\media-modal-object-position.php:22
filterrender_block_core/imageincludes\media-modal-object-position.php:25
filterpost_thumbnail_htmlincludes\media-modal-object-position.php:26
actionadmin_enqueue_scriptsincludes\meta-menu.php:26
actionadmin_menuincludes\meta-menu.php:27
filterset-screen-optionincludes\meta-menu.php:28
actioninitincludes\meta.php:32
actionrest_api_initincludes\meta.php:33
actioninitincludes\post-type-edit-menu.php:44
actionadmin_enqueue_scriptsincludes\post-type-edit-menu.php:45
actionadmin_menuincludes\post-type-edit-menu.php:46
actioninitincludes\post-type-menu.php:48
actionadmin_enqueue_scriptsincludes\post-type-menu.php:49
actionadmin_menuincludes\post-type-menu.php:50
filterset-screen-optionincludes\post-type-menu.php:52
actioninitincludes\post-type.php:66
actionpre_get_postsincludes\post-type.php:67
actionrestrict_manage_postsincludes\post-type.php:68
actionload-edit.phpincludes\post-type.php:69
filtermanage_post_posts_columnsincludes\post-type.php:72
actionmanage_post_posts_custom_columnincludes\post-type.php:73
actionupdated_post_metaincludes\unpublish.php:29
actionadded_post_metaincludes\unpublish.php:30
actioneaar_unpublish_postincludes\unpublish.php:33
filterregister_block_type_argsincludes\visibility.php:24
filterrender_block_dataincludes\visibility.php:25

Scheduled Events 1

eaar_cleanup_form_file
Maintenance & Trust

Easy Architect Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedJan 10, 2026
PHP min version7.4
Downloads966

Community Trust

Rating0/100
Number of ratings0
Active installs0
Alternatives

Easy Architect Alternatives

Meta Box

Meta Box

meta-box

A
89

Meta Box plugin is a powerful, professional developer toolkit to create custom meta boxes and custom fields for your custom post types in WordPress.

500K 6 CVEs
CubeWP Framework

CubeWP Framework

cubewp-framework

C
52

CubeWP is an end-to-end dynamic content framework for WordPress to help you shrink time and cut cost of development up to 90%.

4K 1 unpatched
Custom post types, Custom Fields & more

Custom post types, Custom Fields & more

custom-post-types

A
98

Custom Post Types, Custom Fields, Custom Taxonomies, Custom Templates, Custom Admin Pages, Custom Admin Notices. Directly from the WP dashboard.

3K 3 CVEs
PT Theme Addon

PT Theme Addon

pt-theme-addon

A
85

Plugin to add team, testimonial portfolio and clients custom post type. Each post type has its widget and shortcode to use in theme.

1K No CVEs
Business Era Extension

Business Era Extension

business-era-extension

A
85

Plugin to extend features of Business Era Theme. This plugin registers custom post types, widgets and custom fields for the Business Era theme.

100 No CVEs
Developer Profile

Easy Architect Developer Profile

Jürgen Müller

5 plugins · 760 total installs

93
trust score
Avg Security Score
99/100
Avg Patch Time
9 days
View full developer profile
Detection Fingerprints

How We Detect Easy Architect

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/easy-architect/build/meta/style-index.css/wp-content/plugins/easy-architect/build/style-index.css/wp-content/plugins/easy-architect/build/index.js
Script Paths
/wp-content/plugins/easy-architect/build/index.js
Version Parameters
easy-architect/build/meta/style-index.css?ver=easy-architect/build/style-index.css?ver=easy-architect/build/index.js?ver=

HTML / DOM Fingerprints

CSS Classes
eaar-easy-form-container
Data Attributes
data-eaar-parent
JS Globals
EAAR_GLYPH_LOCALIZE
REST Endpoints
/wp-json/easy-architect/v1/settings
Shortcode Output
[easy-architect-gallery[easy-architect-text[easy-architect-image[easy-architect-embed
FAQ

Frequently Asked Questions about Easy Architect