Does Easy Media Statistics have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Easy Media Statistics compatible with WordPress 6.9.4?

According to WordPress.org data, Easy Media Statistics 1.0.8 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is Easy Media Statistics compatible with PHP 7.2+?

Easy Media Statistics requires PHP 7.2 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Easy Media Statistics updated?

Easy Media Statistics was last updated on Dec 23, 2025. Frequent updates are generally a positive security signal.

What is Easy Media Statistics's security score?

Easy Media Statistics has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Easy Media Statistics Security & Risk Analysis

wordpress.org/plugins/easy-media-statistics

Get detailed insights into visitors behavior when they listen to audio or view videos on your site - privacy-friendly.

30 active installs v1.0.8 PHP 7.2+ WP 6.2+ Updated Dec 23, 2025

analyticsmediaprivacy-friendlystatisticstracking

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Easy Media Statistics Safe to Use in 2026?

Generally Safe

Score 100/100

Easy Media Statistics has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 4mo ago

Risk Assessment

The "easy-media-statistics" plugin v1.0.8 exhibits a mixed security posture. On the positive side, it demonstrates strong adherence to secure coding practices regarding SQL queries, utilizing prepared statements exclusively, and a high rate of output escaping. It also avoids dangerous functions, file operations, and external HTTP requests, which are common vectors for vulnerabilities.

However, significant concerns arise from its attack surface and taint analysis. The plugin exposes 3 out of 4 entry points without proper authentication or permission checks, including all REST API routes. The taint analysis reveals 2 flows with unsanitized paths, flagged as high severity, indicating a potential for sensitive data to be manipulated or accessed improperly. While the plugin has no recorded vulnerability history, this should not be a cause for complacency given the identified risks in its current codebase.

In conclusion, the plugin's strengths in SQL and output handling are overshadowed by its critical weaknesses in access control for its entry points and the presence of high-severity unsanitized data flows. The lack of historical vulnerabilities is a positive sign but doesn't mitigate the immediate risks presented by the static analysis.

Key Concerns

REST API routes without permission callbacks
AJAX handler without auth check
Taint flows with unsanitized paths (High severity)
Unprotected entry points (3/4)

Vulnerabilities

None known

Easy Media Statistics Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Easy Media Statistics Release Timeline

v1.0.8Current

v1.0.7

v1.0.6

v1.0.5

v1.0.4

v1.0.3

v1.0.2

v1.0.1

v1.0.0

Code Analysis

Analyzed Mar 16, 2026

Easy Media Statistics Code Analysis

Dangerous Functions

Raw SQL Queries

31 prepared

Unescaped Output

56 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

100% prepared31 total queries

Output Escaping

90% escaped62 total outputs

Data Flows · Security

2 unsanitized

Data Flow Analysis

2 flows2 with unsanitized paths

add_media_statistics (easy-media-statistics.php:114)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

3 unprotected

Easy Media Statistics Attack Surface

Entry Points4

Unprotected3

AJAX Handlers 2

noprivwp_ajax_add_media_statisticseasy-media-statistics.php:25

authwp_ajax_add_media_statisticseasy-media-statistics.php:26

REST API Routes 2

GET/wp-json/layart/v1/media-statsincludes\easy_media_statistics_admin.php:619

GET/wp-json/layart/v1/media-overviewincludes\easy_media_statistics_admin.php:622

WordPress Hooks 10

actionwp_enqueue_scriptseasy-media-statistics.php:23

actionadmin_enqueue_scriptseasy-media-statistics.php:24

actionadmin_initincludes\easy_media_statistics_admin.php:13

actionadmin_menuincludes\easy_media_statistics_admin.php:14

actionwp_dashboard_setupincludes\easy_media_statistics_admin.php:15

actionshow_user_profileincludes\easy_media_statistics_admin.php:16

actionedit_user_profileincludes\easy_media_statistics_admin.php:17

actionwp_loginincludes\easy_media_statistics_admin.php:18

actionclear_auth_cookieincludes\easy_media_statistics_admin.php:19

actionrest_api_initincludes\easy_media_statistics_admin.php:20

Maintenance & Trust

Easy Media Statistics Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedDec 23, 2025

PHP min version7.2

Downloads732

Community Trust

Rating0/100

Number of ratings0

Active installs30

Alternatives

Easy Media Statistics Alternatives

GA Google Analytics – Connect Google Analytics to WordPress

ga-google-analytics

100

Adds Google Analytics tracking code to your WordPress site. Supports many tracking features.

400K No CVEs

SlimStat Analytics

wp-slimstat

The leading web analytics plugin for WordPress

80K 24 CVEs

Connect Matomo – Analytics Dashboard for WordPress

wp-piwik

Adds Matomo (former Piwik) statistics to your WordPress dashboard and is also able to add the Matomo Tracking Code to your blog.

60K 5 CVEs

NewStatPress

newstatpress

NewStatPress (Statpress plugin fork) is a real-time plugin to manage the visits' statistics about your blog (without external web analytics).

9K 10 CVEs

User Activity Tracking and Log

user-activity-tracking-and-log

Track time and monitor user activity & history on your website, LMS online learning system, membership or WooCommerce site.

3K 2 CVEs

Developer Profile

Easy Media Statistics Developer Profile

Jürgen Müller

5 plugins · 760 total installs

trust score

Avg Security Score

99/100

Avg Patch Time

9 days

View full developer profile

Detection Fingerprints

How We Detect Easy Media Statistics

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/easy-media-statistics/admin/css/style.css/wp-content/plugins/easy-media-statistics/public/js/script.js/wp-content/plugins/easy-media-statistics/admin/js/statistics.js

Script Paths

public/js/script.jsadmin/js/statistics.js

Version Parameters

easy-media-statistics/public/js/script.js?ver=easy-media-statistics/admin/css/style.css?ver=easy-media-statistics/admin/js/statistics.js?ver=

HTML / DOM Fingerprints

Data Attributes

data-nonce

JS Globals

laem_localize

FAQ