Does Generate Posts and Terms have any unpatched vulnerabilities?

No. All known vulnerabilities in Generate Posts and Terms have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Generate Posts and Terms compatible with WordPress 4.4.34?

According to WordPress.org data, Generate Posts and Terms 1.4 has been tested up to WordPress 4.4.34. Check the plugin's changelog for the latest compatibility information.

How often is Generate Posts and Terms updated?

Generate Posts and Terms was last updated on Mar 6, 2016. Frequent updates are generally a positive security signal.

What is Generate Posts and Terms's security score?

Generate Posts and Terms has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Generate Posts and Terms Security & Risk Analysis

wordpress.org/plugins/generate-posts-and-terms

This plugin will help you generate dummy new posts and terms.

10 active installs v1.4 PHP + WP 4.4+ Updated Mar 6, 2016

dummygeneratelorempoststerms

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Generate Posts and Terms Safe to Use in 2026?

Generally Safe

Score 85/100

Generate Posts and Terms has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 10yr ago

Risk Assessment

The "generate-posts-and-terms" v1.4 plugin exhibits a mixed security posture. While it demonstrates good practices by avoiding dangerous functions, using prepared statements for all SQL queries, and having no recorded vulnerabilities, there are significant concerns stemming from its attack surface and output handling.

The plugin exposes one AJAX handler that lacks authentication checks, creating a potential entry point for unauthorized actions. Furthermore, the static analysis indicates that 100% of its output is not properly escaped, which could lead to cross-site scripting (XSS) vulnerabilities if user-supplied data is incorporated into these outputs. The absence of taint analysis findings is positive but doesn't mitigate the direct risks identified in the static analysis.

Overall, the plugin's lack of past vulnerabilities is encouraging, suggesting a generally careful development approach. However, the identified unprotected AJAX endpoint and the pervasive lack of output escaping represent critical weaknesses that elevate the risk profile. Addressing these specific issues is paramount to improving the plugin's security.

Key Concerns

Unprotected AJAX handler
Unescaped output detected

Vulnerabilities

None known

Generate Posts and Terms Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Generate Posts and Terms Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

0% escaped1 total outputs

Attack Surface

1 unprotected

Generate Posts and Terms Attack Surface

Entry Points1

Unprotected1

AJAX Handlers 1

authwp_ajax_generate_posts_and_terms__generate_new_postsincludes\admin\actions.php:18

WordPress Hooks 5

actionadmin_enqueue_scriptsincludes\admin\actions.php:9

actionadmin_initincludes\admin\actions.php:12

actionadmin_menuincludes\admin\actions.php:15

filtergenerate_posts_and_terms__add_menu_page_settingsincludes\admin\menu-pages\actions.php:7

filtergenerate_posts_and_terms__filter_admin_menu_options_generate_posts_and_terms__admin_panel_settingsincludes\admin\menu-pages\actions.php:10

Maintenance & Trust

Generate Posts and Terms Maintenance & Trust

Maintenance Signals

WordPress version tested4.4.34

Last updatedMar 6, 2016

PHP min version

Downloads2K

Community Trust

Rating76/100

Number of ratings4

Active installs10

Alternatives

Generate Posts and Terms Alternatives

Easy Populate Posts

easy-populate-posts

100

Populate the sites with random content: title, type, terms, meta, images, status, date, parent, sticky, Gutenberg template, etc.

200 No CVEs

FakerPress

fakerpress

100

FakerPress is a clean way to generate fake and dummy content to your WordPress, great for developers who need testing

10K No CVEs

WP Dummy Content Generator

wp-dummy-content-generator

Generate realistic dummy content for WordPress quickly. Ideal for developers and designers to populate sites for testing and development.

7K 5 CVEs

Bulk Actions Select All

bulk-actions-select-all

Adds an option to the admin posts and terms overview pages to select all items (instead of just the ones on the current page) to apply bulk actions.

900 No CVEs

Hide products count

hide-products-count

Hide products count in category view in WooCommerce

300 No CVEs

Developer Profile

Generate Posts and Terms Developer Profile

Alexandru Vornicescu

10 plugins · 5K total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Generate Posts and Terms

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/generate-posts-and-terms/css/style.css/wp-content/plugins/generate-posts-and-terms/js/admin.js

Script Paths

/wp-content/plugins/generate-posts-and-terms/js/admin.js

Version Parameters

generate-posts-and-terms/css/style.css?ver=generate-posts-and-terms/js/admin.js?ver=

HTML / DOM Fingerprints

JS Globals

generate_posts_and_termsgenerate_posts_and_terms__default_settings_valuesgenerate_posts_and_terms__is_plugin_activegenerate_posts_and_terms__is_plugin_active_for_network

FAQ