Does iNET Webkit have any unpatched vulnerabilities?

Yes — iNET Webkit currently has 1 unpatched vulnerability. We recommend switching to an alternative or applying any available workarounds.

Is iNET Webkit compatible with WordPress 6.6.5?

According to WordPress.org data, iNET Webkit 1.2.4 has been tested up to WordPress 6.6.5. Check the plugin's changelog for the latest compatibility information.

How often is iNET Webkit updated?

iNET Webkit was last updated on Jan 3, 2025. Frequent updates are generally a positive security signal.

What is iNET Webkit's security score?

iNET Webkit has a WP-Safety security score of 68/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

iNET Webkit Security & Risk Analysis

wordpress.org/plugins/inet-webkit

iNET Webkit được xây dựng theo tiêu chí gọn nhẹ, tinh giản tối đa việc tìm hiểu và công cụ cài đặt hỗ trợ vận hành website Wordpress.

1K active installs v1.2.4 PHP + WP 5.5+ Updated Jan 3, 2025

inet-webkit-pluginoptimizewp-all-in-onewp-helperwp-inet-webkit

C · Use Caution

CVEs total2

Unpatched1

Last CVEJan 21, 2026

Plugin page Download

Safety Verdict

Is iNET Webkit Safe to Use in 2026?

Use With Caution

Score 68/100

iNET Webkit has 1 unpatched vulnerability. Evaluate alternatives or apply available mitigations.

2 known CVEs 1 unpatched Last CVE: Jan 21, 2026Updated 1yr ago

Risk Assessment

The "inet-webkit" plugin v1.2.4 exhibits a mixed security posture. While it demonstrates good practices in areas like SQL prepared statements and output escaping, significant concerns arise from its attack surface and vulnerability history. The presence of 10 AJAX handlers, with 3 lacking authentication checks, presents a considerable risk for unauthorized actions. Furthermore, the plugin has a history of known vulnerabilities, including one that is currently unpatched, indicating potential recurring security weaknesses. The common vulnerability type being "Missing Authorization" reinforces the findings from the static analysis. Despite efforts in code sanitization as shown by the taint analysis, the unpatched CVE and unprotected entry points are critical issues that detract from the plugin's overall security. Users should exercise caution with this plugin until the unpatched vulnerability is addressed.

Key Concerns

Unprotected AJAX handlers
Unpatched CVE
Medium severity historical CVEs (x2)
Limited capability checks observed

Vulnerabilities

iNET Webkit Security Vulnerabilities

CVEs by Year

1 CVE in 2025

2025

1 CVE in 2026 · unpatched

2026

Patched Has unpatched

Severity Breakdown

Medium

2 total CVEs

CVE-2026-24566medium · 4.3Missing Authorization

iNET Webkit <= 1.2.4 - Missing Authorization

Jan 21, 2026Unpatched

CVE-2025-22629medium · 5.3Missing Authorization

iNET Webkit <= 1.2.2 - Missing Authorization

Feb 11, 2025 Patched in 1.2.3 (8d)

Code Analysis

Analyzed Mar 16, 2026

iNET Webkit Code Analysis

Dangerous Functions

Raw SQL Queries

3 prepared

Unescaped Output

212

562 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

75% prepared4 total queries

Output Escaping

73% escaped774 total outputs

Data Flows

All sanitized

Data Flow Analysis

3 flows

csf_export (inc\core\codestar-framework\functions\actions.php:62)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

3 unprotected

iNET Webkit Attack Surface

Entry Points10

Unprotected3

AJAX Handlers 10

authwp_ajax_csf-get-iconsinc\core\codestar-framework\functions\actions.php:50

authwp_ajax_csf-exportinc\core\codestar-framework\functions\actions.php:87

authwp_ajax_csf-importinc\core\codestar-framework\functions\actions.php:123

authwp_ajax_csf-resetinc\core\codestar-framework\functions\actions.php:150

authwp_ajax_csf-choseninc\core\codestar-framework\functions\actions.php:189

authwp_ajax_inetwk_duplicate_menu_makerinc\frontend\inet-webkit-extensions.php:124

authwp_ajax_inet_wk_send_mailinc\frontend\inet-webkit-smtp-custom.php:48

noprivwp_ajax_inet_wk_send_mailinc\frontend\inet-webkit-smtp-custom.php:49

authwp_ajax_inet_wk_send_mailinc\functions\function-ultility.php:28

noprivwp_ajax_inet_wk_send_mailinc\functions\function-ultility.php:29

WordPress Hooks 71

actionadmin_enqueue_scriptsinc\class-inet-webkit.php:35

actionwp_enqueue_scriptsinc\core\codestar-framework\classes\abstract.class.php:20

actionadmin_menuinc\core\codestar-framework\classes\admin-options.class.php:107

actionadmin_bar_menuinc\core\codestar-framework\classes\admin-options.class.php:108

actionnetwork_admin_menuinc\core\codestar-framework\classes\admin-options.class.php:112

filteradmin_footer_textinc\core\codestar-framework\classes\admin-options.class.php:493

actionafter_setup_themeinc\core\codestar-framework\classes\setup.class.php:73

actioninitinc\core\codestar-framework\classes\setup.class.php:74

actionswitch_themeinc\core\codestar-framework\classes\setup.class.php:75

actionadmin_enqueue_scriptsinc\core\codestar-framework\classes\setup.class.php:76

actionwp_enqueue_scriptsinc\core\codestar-framework\classes\setup.class.php:77

actionwp_headinc\core\codestar-framework\classes\setup.class.php:78

filteradmin_body_classinc\core\codestar-framework\classes\setup.class.php:79

actionadmin_footerinc\core\codestar-framework\fields\icon\icon.php:41

actioncustomize_controls_print_footer_scriptsinc\core\codestar-framework\fields\icon\icon.php:42

actionadmin_print_footer_scriptsinc\core\codestar-framework\fields\link\link.php:65

actionprint_default_editor_scriptsinc\core\codestar-framework\fields\wp_editor\wp_editor.php:62

actionadmin_menuinc\core\codestar-framework\views\welcome.php:19

filterplugin_action_linksinc\core\codestar-framework\views\welcome.php:20

filterplugin_row_metainc\core\codestar-framework\views\welcome.php:21

filterwp_handle_upload_prefilterinc\frontend\inet-auto-resize-image.php:4

actionwp_handle_uploadinc\frontend\inet-auto-resize-image.php:26

filterwp_insert_post_datainc\frontend\inet-auto-save-images.php:8

actionpost_updatedinc\frontend\inet-auto-save-images.php:68

actionwp_enqueue_scriptsinc\frontend\inet-webkit-customer-care-channel.php:16

actionwp_footerinc\frontend\inet-webkit-customer-care-channel.php:311

actionwp_footerinc\frontend\inet-webkit-customer-care-channel.php:312

filteruse_block_editor_for_post_typeinc\frontend\inet-webkit-extensions.php:7

actionwpinc\frontend\inet-webkit-extensions.php:19

actionlogin_enqueue_scriptsinc\frontend\inet-webkit-extensions.php:29

actionlogin_headinc\frontend\inet-webkit-extensions.php:30

filterlogin_headerurlinc\frontend\inet-webkit-extensions.php:44

filterpost_row_actionsinc\frontend\inet-webkit-extensions.php:56

filterpage_row_actionsinc\frontend\inet-webkit-extensions.php:57

actionadmin_action_inet_wk_duplicate_post_as_draftinc\frontend\inet-webkit-extensions.php:67

actionadmin_enqueue_scriptsinc\frontend\inet-webkit-extensions.php:177

filtertiny_mce_pluginsinc\frontend\inet-webkit-extensions.php:205

filterwp_resource_hintsinc\frontend\inet-webkit-extensions.php:213

actioninitinc\frontend\inet-webkit-extensions.php:226

actioninitinc\frontend\inet-webkit-extensions.php:230

filterembed_oembed_discoverinc\frontend\inet-webkit-extensions.php:237

filtertiny_mce_pluginsinc\frontend\inet-webkit-extensions.php:247

filterrewrite_rules_arrayinc\frontend\inet-webkit-extensions.php:252

filterscript_loader_srcinc\frontend\inet-webkit-extensions.php:268

filterstyle_loader_srcinc\frontend\inet-webkit-extensions.php:269

actioninitinc\frontend\inet-webkit-extensions.php:279

actionwp_loadedinc\frontend\inet-webkit-extensions.php:284

actionwp_enqueue_scriptsinc\frontend\inet-webkit-extensions.php:302

actionwp_headinc\frontend\inet-webkit-header-footer.php:15

actionwp_footerinc\frontend\inet-webkit-header-footer.php:25

actionwp_body_openinc\frontend\inet-webkit-header-footer.php:35

filterxmlrpc_enabledinc\frontend\inet-webkit-security.php:7

actionwp_enqueue_scriptsinc\frontend\inet-webkit-security.php:11

filterthe_generatorinc\frontend\inet-webkit-security.php:75

filteradmin_footer_textinc\frontend\inet-webkit-security.php:81

filterupdate_footerinc\frontend\inet-webkit-security.php:87

filterauto_update_coreinc\frontend\inet-webkit-security.php:93

filterauto_update_translationinc\frontend\inet-webkit-security.php:94

actionadmin_menuinc\frontend\inet-webkit-security.php:95

actionlogin_initinc\frontend\inet-webkit-security.php:122

actionlogin_forminc\frontend\inet-webkit-security.php:123

actiontemplate_redirectinc\frontend\inet-webkit-security.php:124

actioninitinc\frontend\inet-webkit-security.php:125

filterlostpassword_urlinc\frontend\inet-webkit-security.php:126

actionlostpassword_forminc\frontend\inet-webkit-security.php:127

filterlostpassword_redirectinc\frontend\inet-webkit-security.php:128

actionphpmailer_initinc\frontend\inet-webkit-smtp-custom.php:24

actionwp_mail_failedinc\frontend\inet-webkit-smtp-custom.php:33

actionadmin_enqueue_scriptsinc\frontend\inet-webkit-smtp-custom.php:46

filterwp_mail_content_typeinc\frontend\inet-webkit-smtp-custom.php:77

actionplugins_loadedinet-webkit.php:36

Maintenance & Trust

iNET Webkit Maintenance & Trust

Maintenance Signals

WordPress version tested6.6.5

Last updatedJan 3, 2025

PHP min version

Downloads11K

Community Trust

Rating96/100

Number of ratings5

Active installs1K

Alternatives

iNET Webkit Alternatives

LiteSpeed Cache

litespeed-cache

All-in-one unbeatable acceleration & PageSpeed improvement: caching, image/CSS/JS optimization...

7.0M 18 CVEs

Imagify Image Optimization – Optimize Images | Compress Images | Convert WebP | Convert AVIF

imagify

100

Optimize images in 1-click: compress images, convert to WebP & AVIF, resize, and boost your site with the easiest WordPress image optimization plugin!

1.0M No CVEs

WP Fastest Cache – WordPress Cache Plugin

wp-fastest-cache

The simplest and fastest WP Cache system

1.0M 35 CVEs

Smush Image Optimization – Optimize Images | Compress & Lazy Load Images | Convert WebP & AVIF | Image CDN

wp-smushit

Optimize and compress images with lossless and lossy compression, lazy load, WebP & AVIF conversion, and global image CDN.

1.0M 6 CVEs

Autoptimize

autoptimize

Autoptimize speeds up your website by optimizing JS, CSS, images (incl. lazy-load), HTML and Google Fonts, asyncing JS, removing emoji cruft and more.

900K 12 CVEs

Developer Profile

iNET Webkit Developer Profile

iNET

1 plugin · 1K total installs

trust score

Avg Security Score

68/100

Avg Patch Time

8 days

View full developer profile

Detection Fingerprints

How We Detect iNET Webkit

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/inet-webkit/assets/css/admin/inet-webkit-admin.css/wp-content/plugins/inet-webkit/assets/js/admin.js

Version Parameters

inet-webkit/style.css?ver=

HTML / DOM Fingerprints

FAQ