Does 果果推送 have any unpatched vulnerabilities?

No. All known vulnerabilities in 果果推送 have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is 果果推送 compatible with WordPress 6.9.4?

According to WordPress.org data, 果果推送 0.0.7 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is 果果推送 compatible with PHP 7.0+?

果果推送 requires PHP 7.0 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is 果果推送 updated?

果果推送 was last updated on Nov 29, 2025. Frequent updates are generally a positive security signal.

What is 果果推送's security score?

果果推送 has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

果果推送 Security & Risk Analysis

wordpress.org/plugins/ggpush

支持百度搜索引擎的普通、快速抓取、微软Bing搜索引擎、以及IndexNow方式的Api提交链接功能，同时还支持定时提交链接功能。

1K active installs v0.0.7 PHP 7.0+ WP 5.3+ Updated Nov 29, 2025

%e7%99%be%e5%ba%a6%e6%8e%a8%e9%80%81indexnow%e6%8e%a8%e9%80%81%e5%ae%9a%e6%97%b6%e6%8e%a8%e9%80%81%e5%bf%85%e5%ba%94%e6%8e%a8%e9%80%81%e6%8f%90%e4%ba%a4%e9%93%be%e6%8e%a5

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is 果果推送 Safe to Use in 2026?

Generally Safe

Score 100/100

果果推送 has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 4mo ago

Risk Assessment

The "ggpush" v0.0.7 plugin demonstrates a generally good security posture with several strengths. Notably, all output is properly escaped, and there are no critical or high severity taint flows identified. The plugin also boasts a clean vulnerability history with no known CVEs. This indicates developers are likely following secure coding practices in areas related to output handling and preventing common vulnerabilities.

However, a significant concern arises from the attack surface analysis. The plugin exposes one AJAX handler that lacks authentication checks. This is a critical oversight, as it allows any unauthenticated user to potentially trigger this AJAX action, opening the door to various attacks if the handler performs sensitive operations. While the overall number of entry points is low, the presence of an unprotected one significantly elevates the risk.

In conclusion, while the plugin exhibits positive security indicators like robust output escaping and no past vulnerabilities, the unprotected AJAX handler is a glaring weakness that requires immediate attention. It's a single point of failure that could be exploited to compromise the site. Addressing this specific vulnerability is paramount to improving the plugin's overall security.

Key Concerns

Unprotected AJAX handler present

Vulnerabilities

None known

果果推送 Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

果果推送 Code Analysis

Dangerous Functions

Raw SQL Queries

9 prepared

Unescaped Output

76 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

75% prepared12 total queries

Output Escaping

100% escaped76 total outputs

Data Flows

All sanitized

Data Flow Analysis

1 flows

<class-ggpush-record> (includes\class-ggpush-record.php:0)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

1 unprotected

果果推送 Attack Surface

Entry Points1

Unprotected1

AJAX Handlers 1

authwp_ajax_ggpush_publishggpush.php:87

WordPress Hooks 8

actionadmin_initggpush.php:47

actionadmin_menuggpush.php:49

filtercron_schedulesggpush.php:53

actionggpush_run_baidu_cronggpush.php:57

actionggpush_run_baidu_fast_cronggpush.php:64

actionggpush_run_bing_cronggpush.php:71

actionggpush_run_indexnow_cronggpush.php:78

actionadmin_enqueue_scriptsggpush.php:85

Scheduled Events 4

ggpush_run_baidu_cron

ggpush_run_baidu_fast_cron

ggpush_run_bing_cron

ggpush_run_indexnow_cron

Maintenance & Trust

果果推送 Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedNov 29, 2025

PHP min version7.0

Downloads15K

Community Trust

Rating100/100

Number of ratings2

Active installs1K

Alternatives

果果推送 Alternatives

[凹凸曼]自动推送Bing自动推送IndexNow

apoyl-bingpush

100

这是一款解决把你文章内容推送到Bing必应搜索引擎里，也可以推送到IndexNow，让Bing第一时间抓取你的内容，加速Bing收录（必应收录）你的网站内容。IndexNow是让搜索引擎及时索引新技术，帮助更好实现网站SEO，让搜索引擎更快的收录。

10 No CVEs

[凹凸曼]百度推送百度收录SEO

apoyl-baidupush

100

百度推送百度收录SEO-Baidu Push是一款解决把你文章内容手动推送或者自动推送到百度里，让百度第一时间抓取你的内容.

90 No CVEs

[凹凸曼]生成死链接死链提交

apoyl-badurl

100

实现死链接生成集中链接，并提交到百度、360、头条搜索、谷歌google、Bing、神马等搜索引擎。如果网站存在大量死链，将影响网站的站点评级，建议存在死链内容的网站，使用本工具。

10 No CVEs

Developer Profile

果果推送 Developer Profile

果果开发

3 plugins · 1K total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect 果果推送

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/ggpush/assets/css/ggpush.css/wp-content/plugins/ggpush/assets/js/ggpush.js

Script Paths

/wp-content/plugins/ggpush/assets/js/ggpush.js

Version Parameters

ggpush/assets/css/ggpush.css?ver=ggpush/assets/js/ggpush.js?ver=

HTML / DOM Fingerprints

CSS Classes

ggpush-wrap

Data Attributes

data-ggpush-id

JS Globals

ggpush_config

REST Endpoints

/wp-json/ggpush/v1/publish

FAQ