Does FAQ Magic – AI powered FAQ generator have any unpatched vulnerabilities?

No. All known vulnerabilities in FAQ Magic – AI powered FAQ generator have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is FAQ Magic – AI powered FAQ generator compatible with WordPress 6.9.4?

According to WordPress.org data, FAQ Magic – AI powered FAQ generator 1.4.3 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is FAQ Magic – AI powered FAQ generator compatible with PHP 7.4+?

FAQ Magic – AI powered FAQ generator requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is FAQ Magic – AI powered FAQ generator updated?

FAQ Magic – AI powered FAQ generator was last updated on Jan 9, 2026. Frequent updates are generally a positive security signal.

What is FAQ Magic – AI powered FAQ generator's security score?

FAQ Magic – AI powered FAQ generator has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

FAQ Magic – AI powered FAQ generator Security & Risk Analysis

wordpress.org/plugins/faq-magic

FAQ Plugin with built-in AI powered FAQ generator to create SEO-friendly FAQs with schema markup, FAQ blocks, and flexible accordion layouts.

60 active installs v1.4.3 PHP 7.4+ WP 5.1+ Updated Jan 9, 2026

aifaq-accordionfaq-schemajson-ldschema

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is FAQ Magic – AI powered FAQ generator Safe to Use in 2026?

Generally Safe

Score 100/100

FAQ Magic – AI powered FAQ generator has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2mo ago

Risk Assessment

The 'faq-magic' v1.4.3 plugin exhibits a mixed security posture. On the positive side, it demonstrates good practices by exclusively using prepared statements for SQL queries and ensuring almost all output is properly escaped. The absence of known CVEs and recorded vulnerabilities is a significant strength, suggesting a history of stable and secure code.

However, there are notable concerns regarding its attack surface. The plugin exposes six AJAX handlers without any authentication checks, creating a substantial entry point for potential attacks. While taint analysis shows no critical or high-severity unsanitized flows, the lack of authentication on these AJAX handlers means that any input processed by them could be exploited if vulnerabilities exist within their functionality. The presence of several nonce checks, while good, doesn't fully mitigate the risk of unauthenticated AJAX endpoints.

In conclusion, 'faq-magic' v1.4.3 has a strong foundation in secure coding practices like prepared statements and output escaping, and its vulnerability history is excellent. The primary weakness lies in its unprotected AJAX handlers, which present a significant and actionable risk. Addressing these unauthenticated entry points should be the priority for improving the plugin's overall security.

Key Concerns

Unprotected AJAX handlers

Vulnerabilities

None known

FAQ Magic – AI powered FAQ generator Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

FAQ Magic – AI powered FAQ generator Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

65 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

97% escaped67 total outputs

Attack Surface

6 unprotected

FAQ Magic – AI powered FAQ generator Attack Surface

Entry Points10

Unprotected6

AJAX Handlers 6

authwp_ajax_faqm_get_tab_outputclass.faq-magic.php:77

authwp_ajax_faqm_generate_mainclass.faq-magic.php:78

authwp_ajax_faqm_save_codeclass.faq-magic.php:79

authwp_ajax_faqm_reset_codeclass.faq-magic.php:80

authwp_ajax_faqm_load_faqsclass.faq-magic.php:81

authwp_ajax_faqm_save_faqsclass.faq-magic.php:82

Shortcodes 4

[faq_magic] inc\faq-magic-shortcodes.php:96

[faq-magic] inc\faq-magic-shortcodes.php:97

[all_magic_faqs] inc\faq-magic-shortcodes.php:202

[all-magic-faqs] inc\faq-magic-shortcodes.php:203

WordPress Hooks 17

actioninitclass.faq-magic.php:57

actionadmin_enqueue_scriptsclass.faq-magic.php:59

actionadmin_menuclass.faq-magic.php:60

actionwp_dashboard_setupclass.faq-magic.php:62

actionadd_meta_boxesclass.faq-magic.php:67

actionwp_enqueue_scriptsclass.faq-magic.php:85

actionplugins_loadedclass.faq-magic.php:87

filterwpseo_schema_graph_piecesclass.faq-magic.php:89

filterwpseo_debug_markersclass.faq-magic.php:103

filterwpseo_debug_markersclass.faq-magic.php:106

actionwp_headclass.faq-magic.php:374

filterwpseo_json_ld_outputclass.faq-magic.php:456

filterrank_math/json_ldclass.faq-magic.php:460

filteraioseo_schema_graphclass.faq-magic.php:464

filterseopress_output_json_ldclass.faq-magic.php:468

filterthe_seo_framework_ld_json_markupclass.faq-magic.php:472

actionplugins_loadedclass.faq-magic.php:475

Maintenance & Trust

FAQ Magic – AI powered FAQ generator Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedJan 9, 2026

PHP min version7.4

Downloads941

Community Trust

Rating100/100

Number of ratings2

Active installs60

Alternatives

FAQ Magic – AI powered FAQ generator Alternatives

FAQSmith – AI-Powered FAQ Generator

faqsmith

100

Generate AI-powered FAQs from any WordPress post or page and automatically add Google-ready FAQ Schema.

10 No CVEs

SchemaGenius AI

schemagenius-ai

100

Add JSON-LD schema markup to WordPress with AI generation or manual input. Supports multiple schemas per page with automatic validation.

10 No CVEs

enhancely.ai

enhancely-ai

100

Make your WordPress site AI-ready in minutes with enhancely.ai.

0 No CVEs

LLMO Ready – Schema Markup for WooCommerce

llmo-schema-markup

100

Adds Schema.org markup to WooCommerce products for better visibility in generative AI search engines like ChatGPT, Google SGE, and Perplexity.

0 No CVEs

SEOPress – On-site SEO & Analytics

wp-seopress

SEOPress, a simple, fast and powerful all in one SEO plugin for WordPress. Rank higher in search engines, fully white label. Now with AI.

300K 14 CVEs

Developer Profile

FAQ Magic – AI powered FAQ generator Developer Profile

Hub5050

6 plugins · 2K total installs

trust score

Avg Security Score

99/100

Avg Patch Time

991 days

View full developer profile

Detection Fingerprints

How We Detect FAQ Magic – AI powered FAQ generator

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/faq-magic/css/faq-magic.css/wp-content/plugins/faq-magic/js/faq-magic.js/wp-content/plugins/faq-magic/css/faq-magic-admin.css/wp-content/plugins/faq-magic/js/faq-magic-admin.js

Script Paths

/wp-content/plugins/faq-magic/js/faq-magic.js/wp-content/plugins/faq-magic/js/faq-magic-admin.js

Version Parameters

faq-magic/css/faq-magic.css?ver=faq-magic/js/faq-magic.js?ver=faq-magic/css/faq-magic-admin.css?ver=faq-magic/js/faq-magic-admin.js?ver=

HTML / DOM Fingerprints

Data Attributes

data-faqm-id

JS Globals

faqm_varzfaqm_ajax

REST Endpoints

/wp-json/faqm/v1/get-faqs

Shortcode Output

[faq-magic]

FAQ