Does Haendlerbund API have any unpatched vulnerabilities?

No. All known vulnerabilities in Haendlerbund API have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Haendlerbund API compatible with WordPress 6.6.5?

According to WordPress.org data, Haendlerbund API 1.0 has been tested up to WordPress 6.6.5. Check the plugin's changelog for the latest compatibility information.

Is Haendlerbund API compatible with PHP 7.0+?

Haendlerbund API requires PHP 7.0 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Haendlerbund API updated?

Haendlerbund API was last updated on Oct 24, 2024. Frequent updates are generally a positive security signal.

What is Haendlerbund API's security score?

Haendlerbund API has a WP-Safety security score of 92/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Haendlerbund API Security & Risk Analysis

wordpress.org/plugins/haendlerbund-api

API Connector to Händlerbund HB legal - to get legal text from your account

200 active installs v1.0 PHP 7.0+ WP 5.7+ Updated Oct 24, 2024

handlerbundimpressumlegal-textrechtstexte

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Haendlerbund API Safe to Use in 2026?

Generally Safe

Score 92/100

Haendlerbund API has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1yr ago

Risk Assessment

The "haendlerbund-api" plugin v1.0 demonstrates a generally strong security posture based on the provided static analysis. The plugin avoids dangerous functions, uses prepared statements exclusively for SQL queries, and incorporates a reasonable number of nonce and capability checks. The absence of any recorded vulnerabilities in its history is also a positive indicator. However, there are areas for improvement that prevent a perfect score. The output escaping is not entirely robust, with 26% of outputs not being properly escaped, which could lead to Cross-Site Scripting (XSS) vulnerabilities if untrusted data is involved in those outputs. Additionally, the presence of external HTTP requests without explicit mention of secure handling or validation warrants attention, as these can be vectors for various attacks if not carefully managed. The limited attack surface is a good sign, but the few existing entry points could still be targeted if security measures are not comprehensive.

Key Concerns

Outputs not properly escaped
External HTTP requests present

Vulnerabilities

None known

Haendlerbund API Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Haendlerbund API Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

37 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

74% escaped50 total outputs

Data Flows

All sanitized

Data Flow Analysis

3 flows

haendlerbund_api_render_settings_page (haendlerbund_api.php:31)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Haendlerbund API Attack Surface

Entry Points1

Unprotected0

Shortcodes 1

[hb_api_doc] haendlerbund_api.php:243

WordPress Hooks 5

actionadmin_menuhaendlerbund_api.php:18

actionadmin_menuhaendlerbund_api.php:63

actionadmin_enqueue_scriptshaendlerbund_api.php:269

actionhaendlerbund_cron_eventhaendlerbund_api.php:336

actionadmin_enqueue_scriptshaendlerbund_api.php:346

Scheduled Events 1

haendlerbund_cron_event

Maintenance & Trust

Haendlerbund API Maintenance & Trust

Maintenance Signals

WordPress version tested6.6.5

Last updatedOct 24, 2024

PHP min version7.0

Downloads1K

Community Trust

Rating0/100

Number of ratings0

Active installs200

Alternatives

Haendlerbund API Alternatives

Legal Text Connector of the IT-Recht Kanzlei

legal-texts-connector-it-recht-kanzlei

100

Ensures that your website is always provided with warning-proof legal texts from IT-Recht Kanzlei after booking the GTC service.

10K No CVEs

Janolaw AGB Hosting

janolaw-agb-hosting

100

This plugin gets legal documents provided by janolaw AG (commercial service) like General terms, Imprint etc. for Wordpress sites and WooCommerce shop …

1K No CVEs