Does EnvyDoc – WordPress Plugin for Ultimate Online Documentation have any unpatched vulnerabilities?

No. All known vulnerabilities in EnvyDoc – WordPress Plugin for Ultimate Online Documentation have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is EnvyDoc – WordPress Plugin for Ultimate Online Documentation compatible with WordPress 5.7.15?

According to WordPress.org data, EnvyDoc – WordPress Plugin for Ultimate Online Documentation 1.1 has been tested up to WordPress 5.7.15. Check the plugin's changelog for the latest compatibility information.

EnvyDoc – WordPress Plugin for Ultimate Online Documentation Security & Risk Analysis

wordpress.org/plugins/envydoc

EnvyDoc WordPress plugin can help you create unlimited online docs for your project. The plugin offers extra-ordinary features, including easy-to-use …

0 active installs v1.1 PHP + WP 4.9+ Updated Mar 14, 2021

docdocsdocumentationonlinepreview

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is EnvyDoc – WordPress Plugin for Ultimate Online Documentation Safe to Use in 2026?

Generally Safe

Score 85/100

EnvyDoc – WordPress Plugin for Ultimate Online Documentation has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 5yr ago

Risk Assessment

The envydoc v1.1 plugin exhibits a mixed security posture. On the positive side, it demonstrates good practices by avoiding dangerous functions, utilizing prepared statements for all SQL queries, and having no recorded vulnerabilities in its history. This suggests a generally well-developed plugin with a focus on secure coding for database interactions and a lack of known exploitable flaws. However, significant concerns arise from the attack surface analysis. The plugin exposes four AJAX handlers without authentication checks, creating a direct pathway for unauthenticated users to interact with potentially sensitive functionality. Furthermore, a low percentage of output is properly escaped, indicating a substantial risk of Cross-Site Scripting (XSS) vulnerabilities. While taint analysis shows no current flows, this could be due to a lack of complex data manipulation or insufficient analysis depth; the unescaped output is a strong indicator that XSS is a plausible threat.

While the absence of past vulnerabilities and the use of prepared statements are strengths, the unprotected AJAX endpoints and the low output escaping rate represent critical security weaknesses. The plugin's vulnerability history being clean is reassuring, but it does not negate the immediate risks present in the code's attack surface and output handling. A balanced conclusion is that envydoc v1.1 has a solid foundation in certain areas but requires immediate attention to address its unprotected entry points and output escaping deficiencies to mitigate significant security risks, particularly XSS and potential unauthorized actions.

Key Concerns

AJAX handlers without authentication
Low percentage of properly escaped output
Low percentage of properly escaped output
Low percentage of properly escaped output
Low percentage of properly escaped output
Low percentage of properly escaped output
Low percentage of properly escaped output
Only one nonce check found

Vulnerabilities

None known

EnvyDoc – WordPress Plugin for Ultimate Online Documentation Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

EnvyDoc – WordPress Plugin for Ultimate Online Documentation Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

347

221 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

39% escaped568 total outputs

Attack Surface

4 unprotected

EnvyDoc – WordPress Plugin for Ultimate Online Documentation Attack Surface

Entry Points11

Unprotected4

AJAX Handlers 6

noprivwp_ajax_envydoc_addpostincludes\class-envy-doc.php:475

authwp_ajax_envydoc_addpostincludes\class-envy-doc.php:476

authwp_ajax_item_sortincludes\class-envy-doc.php:490

noprivwp_ajax_item_sortincludes\class-envy-doc.php:491

authwp_ajax_thumbs_rating_add_votepublic\partials\envy-doc-voting-display.php:116

noprivwp_ajax_thumbs_rating_add_votepublic\partials\envy-doc-voting-display.php:117

Shortcodes 5

[envy_doc] public\partials\doc\envy-doc-public-display.php:160

[envy_doc] public\partials\envy-doc-public-display.php:137

[thumbs_rating_top] public\partials\envy-doc-voting-display.php:387

[thumbs-rating-buttons] public\partials\envy-doc-voting-display.php:401

[envy_doc_kb] public\partials\kb\envy-kb-public-display.php:141

WordPress Hooks 30

actionadmin_initadmin\partials\envy-doc-admin-settings.php:29

actionadmin_headadmin\partials\envy-doc-admin-settings.php:134

actionadd_meta_boxesincludes\class-envy-doc-metabox.php:3

actionsave_postincludes\class-envy-doc-metabox.php:16

actionwidgets_initincludes\class-envy-doc-widget.php:87

actionplugins_loadedincludes\class-envy-doc.php:142

actionadmin_enqueue_scriptsincludes\class-envy-doc.php:157

actionadmin_enqueue_scriptsincludes\class-envy-doc.php:158

actionwp_enqueue_scriptsincludes\class-envy-doc.php:173

actionwp_enqueue_scriptsincludes\class-envy-doc.php:174

actioninitincludes\class-envy-doc.php:270

actioninitincludes\class-envy-doc.php:335

actionadmin_menuincludes\class-envy-doc.php:358

filtersubmenu_fileincludes\class-envy-doc.php:380

filterviews_edit-envydoc-kbincludes\class-envy-doc.php:467

actionadd_meta_boxesincludes\class-envy-kb-metabox.php:3

actionsave_postincludes\class-envy-kb-metabox.php:16

actionwidgets_initincludes\widgets\class-envy-doc-search-widget.php:72

actionwidgets_initincludes\widgets\class-envy-kb-popular-widget.php:123

actionwidgets_initincludes\widgets\class-envy-kb-related-widget.php:104

filterthe_contentpublic\partials\doc\envy-doc-single-display.php:82

filterthe_contentpublic\partials\envy-doc-single-display.php:407

actionwp_enqueue_scriptspublic\partials\envy-doc-voting-display.php:22

filtermanage_posts_columnspublic\partials\envy-doc-voting-display.php:134

filtermanage_pages_columnspublic\partials\envy-doc-voting-display.php:135

actionmanage_posts_custom_columnpublic\partials\envy-doc-voting-display.php:158

actionmanage_pages_custom_columnpublic\partials\envy-doc-voting-display.php:159

actionadmin_initpublic\partials\envy-doc-voting-display.php:180

filterrequestpublic\partials\envy-doc-voting-display.php:189

filterthe_contentpublic\partials\kb\envy-kb-single-display.php:82

Maintenance & Trust

EnvyDoc – WordPress Plugin for Ultimate Online Documentation Maintenance & Trust

Maintenance Signals

WordPress version tested5.7.15

Last updatedMar 14, 2021

PHP min version

Downloads1K

Community Trust

Rating100/100

Number of ratings1

Active installs0

Alternatives

EnvyDoc – WordPress Plugin for Ultimate Online Documentation Alternatives

BetterDocs – Knowledge Base Docs & FAQ Solution for Elementor & Block Editor

betterdocs

A full-featured documentation plugin including AI writing assistance to create knowledge bases, docs, FAQs, wikis, and more with easy drag & drop UI.

40K 7 CVEs

WP Help

wp-help

Site operators can create detailed, hierarchical documentation for the site's authors, editors, and contributors, viewable in the WordPress admin …

10K No CVEs

weDocs: AI Powered Knowledge Base, Docs, Documentation, Wiki & AI Chatbot

wedocs

Build AI-powered documentation hub with knowledge base, docs, wiki tools and chatbot support with weDocs, built by weDevs with 13 years of innovation.

4K 5 CVEs

Knowledge Base documentation & wiki plugin – BasePress Docs

basepress

Easily create & manage documentation. Reduce support tickets & scale your customer support workload. This simple plugin works with any theme.

2K 4 CVEs

Organized Docs

organized-docs

Create organized documentation for multiple products, organized by product and by subsections within each product.

70 No CVEs

Developer Profile

EnvyDoc – WordPress Plugin for Ultimate Online Documentation Developer Profile

EnvyTheme.com

7 plugins · 60 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect EnvyDoc – WordPress Plugin for Ultimate Online Documentation

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/envydoc/css/font-awesome.min.css/wp-content/plugins/envydoc/css/envy-doc-admin.css/wp-content/plugins/envydoc/js/envy-doc-script.js/wp-content/plugins/envydoc/js/envy-doc-admin.js

Script Paths

/wp-content/plugins/envydoc/js/envy-doc-script.js/wp-content/plugins/envydoc/js/envy-doc-admin.js

Version Parameters

envy-doc-admin?ver=envy-doc-script?ver=

HTML / DOM Fingerprints

CSS Classes

envydoc

HTML Comments

Plugin Name: EnvyDocAuthor: EnvyTheme

Data Attributes

data-envydoc

JS Globals

envydocajax

FAQ