Does EazyDocs – AI Powered Knowledge Base, Wiki, Documentation & FAQ Builder have any unpatched vulnerabilities?

No. All known vulnerabilities in EazyDocs – AI Powered Knowledge Base, Wiki, Documentation & FAQ Builder have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is EazyDocs – AI Powered Knowledge Base, Wiki, Documentation & FAQ Builder compatible with WordPress 6.9.4?

According to WordPress.org data, EazyDocs – AI Powered Knowledge Base, Wiki, Documentation & FAQ Builder 2.10.2 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

EazyDocs – AI Powered Knowledge Base, Wiki, Documentation & FAQ Builder Security & Risk Analysis

wordpress.org/plugins/eazydocs

Build professional knowledge bases with unlimited docs, drag-and-drop editor, live search, and SEO optimization.

2K active installs v2.10.2 PHP 7.4+ WP 5.0+ Updated Mar 7, 2026

documentationfaqhelp-deskknowledge-basewordpress-wiki

A · Safe

CVEs total9

Unpatched0

Last CVEApr 7, 2025

Plugin page Download

Safety Verdict

Is EazyDocs – AI Powered Knowledge Base, Wiki, Documentation & FAQ Builder Safe to Use in 2026?

Generally Safe

Score 91/100

EazyDocs – AI Powered Knowledge Base, Wiki, Documentation & FAQ Builder has a strong security track record. Known vulnerabilities have been patched promptly.

9 known CVEsLast CVE: Apr 7, 2025Updated 27d ago

Risk Assessment

Eazydocs v2.10.2 exhibits a mixed security posture. While the code analysis shows good practices in many areas, such as a high percentage of prepared SQL statements and properly escaped output, there are notable concerns. The presence of two AJAX handlers without authentication checks represents a direct attack vector that could be exploited to perform unauthorized actions. The plugin also has a history of significant vulnerabilities, including high-severity ones like Remote File Inclusion and SQL Injection, indicating a past struggle with secure coding. The fact that there are currently no unpatched CVEs is positive, but the historical prevalence of severe vulnerability types suggests a need for continued vigilance and robust security practices.

Key Concerns

Unprotected AJAX handlers
Past high-severity vulnerabilities (2 high CVEs)
Past medium-severity vulnerabilities (7 medium CVEs)
Bundled outdated library (Freemius v1.0)

Vulnerabilities

EazyDocs – AI Powered Knowledge Base, Wiki, Documentation & FAQ Builder Security Vulnerabilities

CVEs by Year

4 CVEs in 2023

2023

4 CVEs in 2024

2024

1 CVE in 2025

2025

Patched Has unpatched

Severity Breakdown

High

Medium

9 total CVEs

CVE-2025-32221medium · 4.3Missing Authorization

EazyDocs <= 2.7.1 - Missing Authorization

Apr 7, 2025 Patched in 2.7.2 (275d)

CVE-2024-54376high · 8.8Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')

EazyDocs <= 2.8.0 - Authenticated (Contributor+) Local File Inclusion

Dec 11, 2024 Patched in 2.8.1 (392d)

CVE-2024-38720medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

EazyDocs <= 2.5.0 - Authenticated (Contributor+) Stored Cross-Site Scripting

Jul 11, 2024 Patched in 2.5.1 (22d)

CVE-2024-38721medium · 4.3Missing Authorization

EazyDocs <= 2.5.0 - Missing Authorization

Jul 11, 2024 Patched in 2.5.1 (22d)

CVE-2024-3999medium · 4.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

EazyDocs – Most Powerful Knowledge base, wiki, Documentation Builder Plugin <= 2.4.1 - Authenticated (Admin+) Stored Cross-Site Scripting

Jun 11, 2024 Patched in 2.5.0 (23d)

CVE-2024-0248medium · 4.3Missing Authorization

EazyDocs 2.3.8 - 2.3.9 - Missing Authorization

Dec 21, 2023 Patched in 2.4.0 (93d)

CVE-2023-6035high · 8.8Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

EazyDocs <= 2.3.3 - Authenticated (Subscriber+) SQL Injection

Nov 20, 2023 Patched in 2.3.4 (64d)

CVE-2023-47648medium · 6.5Missing Authorization

EazyDocs <= 2.3.5 - Missing Authorization via doc_one_page and edit_doc_one_page

Nov 7, 2023 Patched in 2.3.6 (92d)

CVE-2023-47549medium · 6.1Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

EazyDocs <= 2.3.5 - Unauthenticated Stored Cross-Site Scripting via edit_doc_one_page

Nov 7, 2023 Patched in 2.3.6 (77d)

Code Analysis

Analyzed Mar 16, 2026

EazyDocs – AI Powered Knowledge Base, Wiki, Documentation & FAQ Builder Code Analysis

Dangerous Functions

Raw SQL Queries

28 prepared

Unescaped Output

288

1746 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Freemius1.0

SQL Query Safety

54% prepared52 total queries

Output Escaping

86% escaped2034 total outputs

Data Flows

All sanitized

Data Flow Analysis

9 flows

csf_export (includes\csf\functions\actions.php:62)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

2 unprotected

EazyDocs – AI Powered Knowledge Base, Wiki, Documentation & FAQ Builder Attack Surface

Entry Points29

Unprotected2

AJAX Handlers 24

authwp_ajax_eaz_nestable_docsincludes\Admin\Admin.php:34

authwp_ajax_eaz_parent_nestable_docsincludes\Admin\Admin.php:35

authwp_ajax_ezd_dismiss_antimanual_noticeincludes\Admin\AntimanualNotice.php:48

authwp_ajax_ezd_plugin_actionincludes\Admin\setup-wizard\Plugin_Installer.php:12

authwp_ajax_csf-get-iconsincludes\csf\functions\actions.php:50

authwp_ajax_csf-exportincludes\csf\functions\actions.php:91

authwp_ajax_csf-importincludes\csf\functions\actions.php:131

authwp_ajax_csf-resetincludes\csf\functions\actions.php:162

authwp_ajax_csf-chosenincludes\csf\functions\actions.php:201

authwp_ajax_eazydocs_handle_feedbackincludes\Frontend\Ajax.php:23

noprivwp_ajax_eazydocs_handle_feedbackincludes\Frontend\Ajax.php:24

authwp_ajax_eazydocs_search_resultsincludes\Frontend\Ajax.php:26

noprivwp_ajax_eazydocs_search_resultsincludes\Frontend\Ajax.php:27

authwp_ajax_docs_single_contentincludes\Frontend\Ajax.php:29

noprivwp_ajax_docs_single_contentincludes\Frontend\Ajax.php:30

authwp_ajax_eazydocs_feedback_emailincludes\Frontend\Mailer.php:9

noprivwp_ajax_eazydocs_feedback_emailincludes\Frontend\Mailer.php:10

authwp_ajax_ezd_setup_wizard_save_settingsincludes\functions.php:1969

authwp_ajax_ezd_migrate_to_eazydocsincludes\functions.php:2435

authwp_ajax_ezd_install_advanced_accordionincludes\functions.php:2595

authwp_ajax_ezd_import_sample_dataincludes\functions.php:2632

authwp_ajax_ezd_notify_save_reviewincludes\notices\asking-for-review.php:27

authwp_ajax_ezd_dismiss_gutenberg_infoincludes\notices\gutenberg-info.php:11

authwp_ajax_ezd_handle_offer_noticeincludes\notices\offer.php:291

Shortcodes 5

[eazydocs] includes\Frontend\Shortcode.php:19

[ezd_google_login] includes\Google_Login.php:40

[conditional_data] shortcodes\conditional_data.php:2

[ezd-view-docs] shortcodes\ezd-view-docs.php:12

[reference] shortcodes\reference.php:2

WordPress Hooks 131

actioninitblocks.php:19

actioncurrent_screenblocks.php:20

filterblock_categories_allblocks.php:26

filterblock_categories_allblocks.php:28

filterhide_freemius_powered_byeazydocs.php:63

actioniniteazydocs.php:83

actionplugins_loadedeazydocs.php:84

actionafter_setup_themeeazydocs.php:85

actionadmin_noticeseazydocs.php:86

filterplugin_row_metaeazydocs.php:87

actionadmin_headeazydocs.php:89

actionadmin_noticeseazydocs.php:104

actionadmin_noticeseazydocs.php:108

actionrest_api_initeazydocs.php:234

actionadmin_menuincludes\Admin\Admin.php:28

actionadmin_menuincludes\Admin\Admin.php:29

filteradmin_body_classincludes\Admin\Admin.php:30

actioncustomize_controls_print_footer_scriptsincludes\Admin\Admin.php:31

filterget_edit_post_linkincludes\Admin\Admin.php:32

filterdisplay_post_statesincludes\Admin\Admin.php:36

actionsave_postincludes\Admin\Admin.php:504

actionsave_postincludes\Admin\Admin.php:505

actionadmin_noticesincludes\Admin\AntimanualNotice.php:45

actionadmin_enqueue_scriptsincludes\Admin\Assets.php:22

actionadmin_enqueue_scriptsincludes\Admin\Assets.php:24

actionenqueue_block_editor_assetsincludes\Admin\Assets.php:26

actioncustomize_controls_enqueue_scriptsincludes\Admin\Assets.php:27

actionadmin_initincludes\Admin\Create_Post.php:22

actionadmin_initincludes\Admin\Delete_Post.php:21

actionwp_enqueue_scriptsincludes\csf\classes\abstract.class.php:20

actionadmin_menuincludes\csf\classes\admin-options.class.php:107

actionadmin_bar_menuincludes\csf\classes\admin-options.class.php:108

actionnetwork_admin_menuincludes\csf\classes\admin-options.class.php:112

filteradmin_footer_textincludes\csf\classes\admin-options.class.php:432

actionadd_meta_boxes_commentincludes\csf\classes\comment-options.class.php:38

actionedit_commentincludes\csf\classes\comment-options.class.php:39

actioncustomize_registerincludes\csf\classes\customize-options.class.php:44

actioncustomize_save_afterincludes\csf\classes\customize-options.class.php:45

actionwp_enqueue_scriptsincludes\csf\classes\customize-options.class.php:49

actionadd_meta_boxesincludes\csf\classes\metabox-options.class.php:52

actionsave_postincludes\csf\classes\metabox-options.class.php:53

actionedit_attachmentincludes\csf\classes\metabox-options.class.php:54

actionwp_nav_menu_item_custom_fieldsincludes\csf\classes\nav-menu-options.class.php:32

actionwp_update_nav_menu_itemincludes\csf\classes\nav-menu-options.class.php:33

filterwp_edit_nav_menu_walkerincludes\csf\classes\nav-menu-options.class.php:35

actionadmin_initincludes\csf\classes\profile-options.class.php:32

actionshow_user_profileincludes\csf\classes\profile-options.class.php:44

actionedit_user_profileincludes\csf\classes\profile-options.class.php:45

actionpersonal_options_updateincludes\csf\classes\profile-options.class.php:47

actionedit_user_profile_updateincludes\csf\classes\profile-options.class.php:48

actionafter_setup_themeincludes\csf\classes\setup.class.php:76

actioninitincludes\csf\classes\setup.class.php:77

actionswitch_themeincludes\csf\classes\setup.class.php:78

actionadmin_enqueue_scriptsincludes\csf\classes\setup.class.php:79

actionwp_enqueue_scriptsincludes\csf\classes\setup.class.php:80

actionwp_headincludes\csf\classes\setup.class.php:81

filteradmin_body_classincludes\csf\classes\setup.class.php:82

actioninitincludes\csf\classes\setup.class.php:264

actionadmin_footerincludes\csf\classes\shortcode-options.class.php:47

actioncustomize_controls_print_footer_scriptsincludes\csf\classes\shortcode-options.class.php:48

actionelementor/editor/before_enqueue_scriptsincludes\csf\classes\shortcode-options.class.php:59

actionelementor/editor/footerincludes\csf\classes\shortcode-options.class.php:60

actionelementor/editor/footerincludes\csf\classes\shortcode-options.class.php:61

actionenqueue_block_editor_assetsincludes\csf\classes\shortcode-options.class.php:258

actionmedia_buttonsincludes\csf\classes\shortcode-options.class.php:262

actionadmin_initincludes\csf\classes\taxonomy-options.class.php:41

actionadmin_footerincludes\csf\fields\icon\icon.php:41

actioncustomize_controls_print_footer_scriptsincludes\csf\fields\icon\icon.php:42

actionadmin_print_footer_scriptsincludes\csf\fields\link\link.php:65

actionprint_default_editor_scriptsincludes\csf\fields\wp_editor\wp_editor.php:62

actionadmin_initincludes\Edit_OnePage.php:18

actionwp_footerincludes\Elementor\Search\ezd-search.php:33

actionelementor/widgets/registerincludes\Elementor\Widgets.php:14

actionelementor/elements/categories_registeredincludes\Elementor\Widgets.php:17

actionelementor/editor/before_enqueue_scriptsincludes\Elementor\Widgets.php:20

filteris_singularincludes\Frontend\Ajax.php:398

actionwp_enqueue_scriptsincludes\Frontend\Assets.php:18

actionwp_enqueue_scriptsincludes\Frontend\Assets.php:19

filtertemplate_includeincludes\Frontend\Frontend.php:16

actioneazydocs_footnoteincludes\Frontend\Frontend.php:17

actioneazydocs_related_articlesincludes\Frontend\Frontend.php:18

actioneazydocs_viewed_articlesincludes\Frontend\Frontend.php:19

filterbody_classincludes\Frontend\Frontend.php:20

actioneazydocs_prev_next_docsincludes\Frontend\Frontend.php:21

actionezd_negative_feedback_notificationincludes\Frontend\Mailer.php:11

actionezd_negative_feedback_notificationincludes\Frontend\Mailer.php:174

actionwpincludes\Frontend\post-views.php:32

filtermanage_doc_posts_columnsincludes\Frontend\search-counts.php:34

actionmanage_doc_posts_custom_columnincludes\Frontend\search-counts.php:39

actionadmin_footerincludes\functions.php:766

actionadd_meta_boxesincludes\functions.php:1070

actionsave_postincludes\functions.php:1111

filterthe_password_formincludes\functions.php:1205

filterbody_classincludes\functions.php:1530

filterbody_classincludes\functions.php:1602

filterthe_contentincludes\functions.php:1848

filterthe_contentincludes\functions.php:1887

actionrss2_itemincludes\functions.php:1985

actioninitincludes\functions.php:2067

actioninitincludes\functions.php:2143

filtershow_admin_barincludes\functions.php:2148

actiontemplate_redirectincludes\functions.php:2163

actionsave_postincludes\functions.php:2347

actiondelete_postincludes\functions.php:2348

actionsave_postincludes\functions.php:2409

actiondelete_postincludes\functions.php:2410

actioninitincludes\Google_Login.php:32

actionlogin_formincludes\Google_Login.php:35

actionregister_formincludes\Google_Login.php:36

actiontemplate_redirectincludes\Google_Login.php:38

actionlogin_messageincludes\Google_Login.php:39

actionlogin_enqueue_scriptsincludes\Google_Login.php:43

filterquery_varsincludes\Google_Login.php:60

actionadmin_noticesincludes\notices\asking-for-review.php:22

actionadmin_initincludes\notices\class-remote-notice-client.php:115

actionadmin_noticesincludes\notices\class-remote-notice-client.php:118

actionadmin_noticesincludes\notices\deactivate-other-doc-plugins.php:12

actionadmin_initincludes\notices\deactivate-other-doc-plugins.php:59

actionadmin_noticesincludes\notices\gutenberg-info.php:10

actionadmin_initincludes\notices\update-database.php:13

actionplugins_loadedincludes\notices\_notices.php:16

actionadmin_initincludes\One_Page.php:17

actioninitincludes\One_Page_Docs.php:27

actioninitincludes\Post_Types.php:25

actioninitincludes\Post_Types.php:26

actioninitincludes\Post_Types.php:27

filterpost_type_linkincludes\Root_Conversion.php:26

actiontemplate_redirectincludes\Root_Conversion.php:29

filterpost_type_linkincludes\Root_Conversion.php:37

filterrequestincludes\Root_Conversion.php:45

actionwidgets_initincludes\sidebars.php:13

Scheduled Events 2

ezd_negative_feedback_notification

Maintenance & Trust

EazyDocs – AI Powered Knowledge Base, Wiki, Documentation & FAQ Builder Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedMar 7, 2026

PHP min version7.4

Downloads91K

Community Trust

Rating94/100

Number of ratings95

Active installs2K

Alternatives

EazyDocs – AI Powered Knowledge Base, Wiki, Documentation & FAQ Builder Alternatives

BasePress Knowledge Base + Oxygen Visual Site Builder Integration

basepress-oxygen-integration

Integrate BasePress Knowledge Base with Oxygen Visual Site Builder

40 No CVEs

BasePress Knowledge Base + SearchWP Integration

basepress-searchwp-integration

Integrate BasePress Knowledge Base Premium with SearchWP 3.x and 4.x

10 No CVEs

BetterDocs – Knowledge Base Docs & FAQ Solution for Elementor & Block Editor

betterdocs

A full-featured documentation plugin including AI writing assistance to create knowledge bases, docs, FAQs, wikis, and more with easy drag & drop UI.

40K 7 CVEs

Echo Knowledge Base – Documentation, FAQs, Chat & Smart Search

echo-knowledge-base

A fully featured, easy-to-use documentation plugin with AI chat and search integration. Build beautiful knowledge bases, FAQs, docs, and wikis.

10K 1 CVE

Knowledge Base

knowledgebase

Effortlessly build a comprehensive knowledge base for unlimited products on your WordPress site and elevate your customer support experience.

100 4 CVEs

Developer Profile

EazyDocs – AI Powered Knowledge Base, Wiki, Documentation & FAQ Builder Developer Profile

Spider Themes

7 plugins · 14K total installs

trust score

Avg Security Score

98/100

Avg Patch Time

109 days

View full developer profile

Detection Fingerprints

How We Detect EazyDocs – AI Powered Knowledge Base, Wiki, Documentation & FAQ Builder

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/eazydocs/assets/css/frontend.min.css/wp-content/plugins/eazydocs/assets/css/backend.min.css/wp-content/plugins/eazydocs/assets/js/frontend.min.js/wp-content/plugins/eazydocs/assets/js/backend.min.js/wp-content/plugins/eazydocs/assets/js/eazydocs-editor.js/wp-content/plugins/eazydocs/assets/vendors/tippyjs/tippy.min.js/wp-content/plugins/eazydocs/assets/vendors/tippyjs/tippy.css/wp-content/plugins/eazydocs/assets/vendors/datatable/datatables.min.js+9 more

Script Paths

/wp-content/plugins/eazydocs/assets/js/frontend.min.js/wp-content/plugins/eazydocs/assets/js/backend.min.js/wp-content/plugins/eazydocs/assets/js/eazydocs-editor.js/wp-content/plugins/eazydocs/assets/vendors/tippyjs/tippy.min.js/wp-content/plugins/eazydocs/assets/vendors/datatable/datatables.min.js/wp-content/plugins/eazydocs/assets/vendors/toastify/toastify.js+3 more

Version Parameters

/wp-content/plugins/eazydocs/assets/css/frontend.min.css?ver=/wp-content/plugins/eazydocs/assets/css/backend.min.css?ver=/wp-content/plugins/eazydocs/assets/js/frontend.min.js?ver=/wp-content/plugins/eazydocs/assets/js/backend.min.js?ver=/wp-content/plugins/eazydocs/assets/js/eazydocs-editor.js?ver=/wp-content/plugins/eazydocs/assets/vendors/tippyjs/tippy.min.js?ver=/wp-content/plugins/eazydocs/assets/vendors/tippyjs/tippy.css?ver=/wp-content/plugins/eazydocs/assets/vendors/datatable/datatables.min.js?ver=/wp-content/plugins/eazydocs/assets/vendors/datatable/datatables.css?ver=/wp-content/plugins/eazydocs/assets/vendors/toastify/toastify.js?ver=/wp-content/plugins/eazydocs/assets/vendors/toastify/toastify.css?ver=/wp-content/plugins/eazydocs/assets/vendors/select2/js/select2.full.min.js?ver=/wp-content/plugins/eazydocs/assets/vendors/select2/css/select2.min.css?ver=/wp-content/plugins/eazydocs/build/styles/frontend.css?ver=/wp-content/plugins/eazydocs/build/styles/frontend.min.css?ver=/wp-content/plugins/eazydocs/build/js/frontend.js?ver=/wp-content/plugins/eazydocs/build/js/frontend.min.js?ver=

HTML / DOM Fingerprints

CSS Classes

eazydocs-single-doceazydocs-contenteazydocs-toc-wrappereazydocs-primary-naveazydocs-main-menueazydocs-breadcrumbeazydocs-entry-headereazydocs-post-thumbnail+7 more

HTML Comments

+1 more

Data Attributes

data-eazydocs-iddata-eazydocs-titledata-eazydocs-urldata-eazydocs-position

JS Globals

EazyDocsFrontendeazydocs_varsezd_globalsEazyDocsFrontendAjaxeazydocs_editor_params

REST Endpoints

/wp-json/eazydocs/v1/docs/wp-json/eazydocs/v1/settings/wp-json/eazydocs/v1/search/wp-json/eazydocs/v1/posts

Shortcode Output

[eazydocs][eazydocs_faq][eazydocs_search][eazydocs_toc]

FAQ