Does Iknow Extra have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Iknow Extra compatible with WordPress 6.3.8?

According to WordPress.org data, Iknow Extra 1.2 has been tested up to WordPress 6.3.8. Check the plugin's changelog for the latest compatibility information.

Is Iknow Extra compatible with PHP 5.3+?

Iknow Extra requires PHP 5.3 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Iknow Extra updated?

Iknow Extra was last updated on Aug 7, 2023. Frequent updates are generally a positive security signal.

What is Iknow Extra's security score?

Iknow Extra has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Iknow Extra Security & Risk Analysis

wordpress.org/plugins/iknow-extra

This plugin helps you to add extra options to WordPress theme Iknow.

400 active installs v1.2 PHP 5.3+ WP 4.5+ Updated Aug 7, 2023

iknowiknow-additioniknow-extra

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Iknow Extra Safe to Use in 2026?

Generally Safe

Score 85/100

Iknow Extra has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2yr ago

Risk Assessment

The iknow-extra plugin version 1.2 exhibits a strong security posture based on the provided static analysis. The absence of direct SQL queries, a high percentage of properly escaped output, and no identified dangerous functions or file operations are significant strengths. Furthermore, the plugin has no known past vulnerabilities, including no critical or high severity CVEs, which is a positive indicator of its development practices and ongoing maintenance.

While the static analysis reveals no critical or high severity taint flows and a clean vulnerability history, there are areas for improvement. The plugin has 4 AJAX handlers, but only 2 nonce checks are present, leaving a potential gap in securing all entry points. Additionally, there are no capability checks implemented, which could be a concern if the AJAX actions perform sensitive operations. The overall attack surface is relatively small and appears to be well-controlled, but the lack of comprehensive capability checks on all AJAX endpoints could present a minor risk if not mitigated by other WordPress security layers or if the AJAX actions themselves are not inherently sensitive.

Key Concerns

Missing capability checks on AJAX handlers
Partial nonce checks on AJAX handlers

Vulnerabilities

None known

Iknow Extra Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Iknow Extra Release Timeline

v1.2Current

v1.1

Code Analysis

Analyzed Mar 16, 2026

Iknow Extra Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

47 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

98% escaped48 total outputs

Data Flows · Security

All sanitized

Data Flow Analysis

1 flows

<voting> (inc\voting.php:0)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Iknow Extra Attack Surface

Entry Points4

Unprotected0

AJAX Handlers 4

noprivwp_ajax_iknow_votinginc\voting.php:4

authwp_ajax_iknow_votinginc\voting.php:5

noprivwp_ajax_iknow_comment_votinginc\voting.php:87

authwp_ajax_iknow_comment_votinginc\voting.php:88

WordPress Hooks 10

actionadmin_noticesiknow-extra.php:21

actionplugins_loadediknow-extra.php:32

actionwp_enqueue_scriptsiknow-extra.php:37

filteriknow_category_iconinc\class-category-extra-fields.php:33

actioniknow_category_descriptioninc\class-category-extra-fields.php:36

filterthe_contentinc\voting.php:294

filtermanage_posts_columnsinc\voting.php:306

actionmanage_post_posts_custom_columninc\voting.php:322

filtermanage_edit-comments_columnsinc\voting.php:341

filtermanage_comments_custom_columninc\voting.php:357

Maintenance & Trust

Iknow Extra Maintenance & Trust

Maintenance Signals

WordPress version tested6.3.8

Last updatedAug 7, 2023

PHP min version5.3

Downloads13K

Community Trust

Rating0/100

Number of ratings0

Active installs400

Alternatives

Iknow Extra Alternatives

No alternatives data available yet.

Developer Profile

Iknow Extra Developer Profile

Wow-Company

26 plugins · 98K total installs

trust score

Avg Security Score

95/100

Avg Patch Time

236 days

View full developer profile

Detection Fingerprints

How We Detect Iknow Extra

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/iknow-extra/assets/script.js/wp-content/plugins/iknow-extra/assets/script.min.js

Script Paths

/wp-content/plugins/iknow-extra/assets/script.js/wp-content/plugins/iknow-extra/assets/script.min.js

Version Parameters

iknow-extra/assets/script.js?ver=iknow-extra/assets/script.min.js?ver=

HTML / DOM Fingerprints

CSS Classes

cat_extra[cat_icon]cat_extra[cat_desc]

HTML Comments

Data Attributes

cat_extra[cat_desc]cat_extra[cat_icon]

JS Globals

iknow_ajax

FAQ