GoodIT Auto Post AI Security & Risk Analysis
wordpress.org/plugins/goodit-auto-post-aiAI-powered automatic article generation and posting plugin for WordPress.
Is GoodIT Auto Post AI Safe to Use in 2026?
Generally Safe
Score 100/100GoodIT Auto Post AI has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The 'goodit-auto-post-ai' plugin v1.5 exhibits a generally good security posture with several strong practices in place. Notably, all SQL queries are executed using prepared statements, and all output is properly escaped, which significantly mitigates common vulnerabilities like SQL injection and cross-site scripting (XSS). The absence of known CVEs and a clean vulnerability history further contribute to a positive security impression.
However, a significant concern arises from the presence of one AJAX handler that lacks authentication checks. This creates a direct attack vector that could be exploited by unauthenticated users, potentially leading to unintended actions or information disclosure depending on the handler's functionality. While the taint analysis found no critical or high-severity issues, and file operations and shortcodes are absent, this single unprotected entry point represents a critical weakness.
In conclusion, while the plugin benefits from robust data handling and output sanitization, the unprotected AJAX endpoint is a glaring security flaw that requires immediate attention. The plugin demonstrates good coding practices in many areas, but this single lapse in access control leaves it vulnerable. Addressing the unprotected AJAX handler is paramount to improving its overall security.
Key Concerns
- Unprotected AJAX handler
GoodIT Auto Post AI Security Vulnerabilities
GoodIT Auto Post AI Code Analysis
Output Escaping
Data Flow Analysis
GoodIT Auto Post AI Attack Surface
AJAX Handlers 1
WordPress Hooks 2
Maintenance & Trust
GoodIT Auto Post AI Maintenance & Trust
Maintenance Signals
Community Trust
GoodIT Auto Post AI Alternatives
Angie – Agentic AI for WordPress (Beta)
angie
Angie Code: Your expert WordPress developer, powered by AI. Build anything you can imagine without writing a single line of code.
auto-post.io
auto-post-io
Connect auto-post.io to WordPress for seamless content automation.
Api.co.id GhostWriter
apicoid-ghostwriter
AI-powered content generation plugin that connects to Api.co.id to automatically create and rewrite articles with SEO optimization.
AI Marketing Expert
ai-marketing-expert
AI-powered SEO meta title and description generator using advanced Hugging Face models with smart content analysis and fallback templates.
Croton Autoblogger AI
croton-autoblogger-ai
Automatically generates WordPress posts with SEO optimizations using AI-powered backend. Integrates with Yoast SEO, RankMath, and All in One SEO.
GoodIT Auto Post AI Developer Profile
1 plugin · 0 total installs
How We Detect GoodIT Auto Post AI
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/goodit-auto-post-ai/assets/css/admin.css/wp-content/plugins/goodit-auto-post-ai/assets/css/autoposter.css/wp-content/plugins/goodit-auto-post-ai/assets/js/admin.js/wp-content/plugins/goodit-auto-post-ai/assets/js/autoposter.js/wp-content/plugins/goodit-auto-post-ai/assets/js/autoposter-admin.js/wp-content/plugins/goodit-auto-post-ai/assets/js/admin.js/wp-content/plugins/goodit-auto-post-ai/assets/js/autoposter.js/wp-content/plugins/goodit-auto-post-ai/assets/js/autoposter-admin.jsgoodit-auto-post-ai/assets/css/admin.css?ver=goodit-auto-post-ai/assets/css/autoposter.css?ver=goodit-auto-post-ai/assets/js/admin.js?ver=goodit-auto-post-ai/assets/js/autoposter.js?ver=goodit-auto-post-ai/assets/js/autoposter-admin.js?ver=HTML / DOM Fingerprints
autoposter_admin_paramsautoposter_ajax_object/wp-json/goodit-auto-post-ai/v1/settings