IATI Project Data Security & Risk Analysis

wordpress.org/plugins/iati-project-data

Track a project from the d-portal website

0 active installs · v1.0 · PHP + WP 4.4+ · Updated Apr 6, 2021
Tags: d-portal, data, iati, open-data, projects
85
A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is IATI Project Data Safe to Use in 2026?

Generally Safe

Score 85/100

IATI Project Data has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 4yr ago
Risk Assessment

The iati-project-data plugin v1.0 exhibits a generally good security posture with no known vulnerabilities in its history and a low attack surface. The code analysis indicates good practices in terms of output escaping and the absence of dangerous functions or file operations. The lack of critical or high-severity taint flows is also a positive sign. However, there are significant areas of concern that prevent a "good" rating. The plugin makes 10 SQL queries, none of which utilize prepared statements, presenting a substantial risk of SQL injection. Additionally, there are no capability checks on any entry points, meaning any user, regardless of their role, could potentially trigger plugin functionalities. While there is a nonce check, its presence alone doesn't mitigate the risk of raw SQL queries or the complete lack of authorization checks.

Key Concerns

  • Raw SQL queries without prepared statements
  • No capability checks on entry points
Vulnerabilities
None known

IATI Project Data Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

IATI Project Data Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 10 (0 prepared)
Unescaped Output: 5 (27 escaped)
Nonce Checks: 1
Capability Checks: 0
File Operations: 0
External Requests: 1
Bundled Libraries: 0

SQL Query Safety

0% prepared · 10 total queries

Output Escaping

84% escaped · 32 total outputs
Data Flows
All sanitized

Data Flow Analysis

2 flows
iati_fetch_project_data (inc\fetch-project-data.php:2)
[Data flow diagram legend: Source (user input), Sink (dangerous op), Sanitizer, Transform, Unsanitized, Sanitized]
Attack Surface

IATI Project Data Attack Surface

Entry Points: 1
Unprotected: 0

Shortcodes 1

[iati-project-data] iati-project-data.php:43
WordPress Hooks 5

action admin_menu iati-project-data.php:36
action wp_enqueue_scripts iati-project-data.php:37
action admin_enqueue_scripts iati-project-data.php:38
action admin_post_iati_fetch_project_data iati-project-data.php:39
action plugins_loaded iati-project-data.php:40
Maintenance & Trust

IATI Project Data Maintenance & Trust

Maintenance Signals

WordPress version tested: 5.7.15
Last updated: Apr 6, 2021
PHP min version
Downloads: 2K

Community Trust

Rating: 0/100
Number of ratings: 0
Active installs: 0
Developer Profile

IATI Project Data Developer Profile

Fotso Fonkam

4 plugins · 20 total installs

Trust score: 84
Avg Security Score: 85/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect IATI Project Data

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/iati-project-data/assets/css/front-style.css
/wp-content/plugins/iati-project-data/assets/css/admin-style.css
Version Parameters
iati-front-style
iati-admin-style

HTML / DOM Fingerprints

CSS Classes
iati-project-data-output
Shortcode Output
[iati-project-data
FAQ

Frequently Asked Questions about IATI Project Data