eRocket Security & Risk Analysis
wordpress.org/plugins/erocketSupercharge your WordPress themes with extra functionalities and modules.
Is eRocket Safe to Use in 2026?
Generally Safe
Score 85/100eRocket has a strong security track record. Known vulnerabilities have been patched promptly.
The 'erocket' plugin v1.2.5 exhibits a mixed security posture. On one hand, the static analysis shows a commendably small attack surface with no identified AJAX handlers, REST API routes, shortcodes, or cron events. Furthermore, all SQL queries utilize prepared statements, which is a significant strength in preventing SQL injection vulnerabilities. The presence of a nonce check and file operations, while present, are not inherently problematic without further context.
However, the 57% proper output escaping rate is a notable concern. This indicates that a significant portion of data outputted by the plugin may be vulnerable to Cross-Site Scripting (XSS) attacks. While no critical or high severity taint flows were detected in the static analysis, the historical vulnerability data reveals a past medium severity XSS vulnerability. The recurring nature of XSS as a common vulnerability type, coupled with the imperfect output escaping, suggests a potential for similar issues to arise.
In conclusion, while 'erocket' v1.2.5 has strengths in its limited attack surface and secure SQL handling, the suboptimal output escaping and historical XSS vulnerability necessitate caution. The plugin needs to prioritize addressing the output escaping issues to mitigate the risk of XSS.
Key Concerns
- Improper output escaping rate is concerning
- History of XSS vulnerabilities
eRocket Security Vulnerabilities
CVEs by Year
Severity Breakdown
1 total CVE
eRocket <= 1.2.4 - Authenticated (Administrator+) Stored Cross-Site Scripting
eRocket Code Analysis
Output Escaping
eRocket Attack Surface
WordPress Hooks 8
Maintenance & Trust
eRocket Maintenance & Trust
Maintenance Signals
Community Trust
eRocket Alternatives
Hello Plus
hello-plus
Hello+ is a free WordPress plugin designed to work seamlessly with Elementor’s Hello suite of themes.
aThemes Addons for Elementor
athemes-addons-for-elementor-lite
A collection of 30+ essential Elementor addons that let you create galleries, sliders, calls to action, forms, pricing tables, animations, and more.
Everest Toolkit
everest-toolkit
A essential toolkit for themes made by everestthemes (everestthemes.com). Everest toolkit helps you to setup your website or blog faster.
Sky Addons – Elementor Addons with Widgets & Templates
sky-elementor-addons
Sky Addons is a powerful and essential Elementor addon plugin with 105 widgets and 2,000+ ready Elementor templates and a complete Theme Builder.
Ammu Demo Import
ammu-demo-import
A plugin to install demo content to themes developed by Ammuthemes.
eRocket Developer Profile
17 plugins · 85K total installs
How We Detect eRocket
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/erocket/admin/css/select2.min.css/wp-content/plugins/erocket/admin/css/select2-theme-bootstrap.min.css/wp-content/plugins/erocket/admin/js/select2.min.js/wp-content/plugins/erocket/admin/js/erocket-admin.js/wp-content/plugins/erocket/public/css/erocket-public.css/wp-content/plugins/erocket/public/js/erocket-public.js/wp-content/plugins/erocket/admin/js/select2.min.js/wp-content/plugins/erocket/admin/js/erocket-admin.js/wp-content/plugins/erocket/public/js/erocket-public.jsHTML / DOM Fingerprints
ecieci-infoeci-profileserperp-verticalerp-horizontalerp-body<!-- wp:social-links --><!-- /wp:social-links --><!-- wp:social-link /-->+26 moredata-erocket-searchERocket[erocket_subscribe_form][erocket_recent_posts][erocket_comments][erocket_about_widget]