Does Dataverse Integration have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Dataverse Integration compatible with WordPress 6.8.5?

According to WordPress.org data, Dataverse Integration 2.84 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

Is Dataverse Integration compatible with PHP 8.2+?

Dataverse Integration requires PHP 8.2 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Dataverse Integration updated?

Dataverse Integration was last updated on Sep 29, 2025. Frequent updates are generally a positive security signal.

What is Dataverse Integration's security score?

Dataverse Integration has a WP-Safety security score of 98/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Dataverse Integration Security & Risk Analysis

wordpress.org/plugins/integration-cds

The easiest way to integrate WordPress with Dynamics 365, Dataverse, Power Apps, or Dynamics CRM.

100 active installs v2.84 PHP 8.2+ WP 6.1+ Updated Sep 29, 2025

dataversedynamics-365dynamics-crmpower-platformtwig

A · Safe

CVEs total1

Unpatched0

Last CVEJul 23, 2025

Plugin page Download

Safety Verdict

Is Dataverse Integration Safe to Use in 2026?

Generally Safe

Score 98/100

Dataverse Integration has a strong security track record. Known vulnerabilities have been patched promptly. It's a solid choice for most WordPress installations.

1 known CVELast CVE: Jul 23, 2025Updated 7mo ago

Risk Assessment

The "integration-cds" plugin v2.84 presents a moderate security risk due to a combination of concerning static analysis findings and a history of vulnerabilities. While the plugin demonstrates good practices in its handling of SQL queries, utilizing prepared statements exclusively, and includes a reasonable number of capability checks and nonce checks, several significant weaknesses are evident. The presence of two AJAX handlers without authentication checks, coupled with the use of the dangerous `unserialize` function, creates a substantial attack surface that could be exploited by unauthenticated users. The low percentage of properly escaped output further exacerbates this risk, potentially leading to cross-site scripting (XSS) vulnerabilities.

The plugin's vulnerability history, though currently showing no unpatched issues, reveals a past high-severity vulnerability related to Missing Authorization. This pattern, combined with the current lack of authorization checks on its AJAX endpoints, suggests a recurring weakness in how the plugin handles user permissions and input validation. The presence of bundled libraries like Guzzle, while not inherently problematic, requires vigilance to ensure it is kept up-to-date and free from known vulnerabilities.

In conclusion, "integration-cds" v2.84 exhibits a mixed security posture. Its strengths lie in its SQL query practices. However, the unauthenticated AJAX endpoints, the `unserialize` function, and the historical pattern of authorization issues represent critical areas of concern that require immediate attention to mitigate potential exploitation.

Key Concerns

Unprotected AJAX handlers
Use of dangerous function (unserialize)
Low percentage of properly escaped output
History of high-severity vulnerability (Missing Authorization)
Bundled library (Guzzle) may require updates

Vulnerabilities

1 published

Dataverse Integration Security Vulnerabilities

CVEs by Year

1 CVE in 2025

2025

Patched Has unpatched

Severity Breakdown

High

1 total CVE

CVE-2025-7695high · 8.8Missing Authorization

Dataverse Integration 2.77 - 2.81 - Missing Authorization to Authenticated (Subscriber+) Privilege Escalation via reset_password_link REST Route

Jul 23, 2025 Patched in 2.81.1 (1d)

Version History

Dataverse Integration Release Timeline

v2.801 CVE

v2.791 CVE

v2.78.11 CVE

v2.781 CVE

v2.771 CVE

Code Analysis

Analyzed Mar 16, 2026

Dataverse Integration Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

7 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Dangerous Functions Found

unserialize$items = unserialize( $serialized, [src\EncryptedDbCachePool.php:138

Bundled Libraries

Guzzle

Output Escaping

23% escaped30 total outputs

Attack Surface

2 unprotected

Dataverse Integration Attack Surface

Entry Points2

Unprotected2

AJAX Handlers 2

noprivwp_ajax_icds_script_source_mapcore.php:1248

authwp_ajax_icds_script_source_mapcore.php:1249

WordPress Hooks 48

actionadmin_initcore.php:56

actionadmin_menucore.php:79

actionload-toplevel_page_integration-cdscore.php:96

actionadmin_menucore.php:102

actionload-toplevel_page_icds-sandboxcore.php:113

filterno_texturize_shortcodescore.php:119

filterintegration-cds/settings/advancedcore.php:128

filterintegration-cds/settings/mapcore.php:255

actionrest_api_initcore.php:292

actionadmin_enqueue_scriptscore.php:679

actionadmin_enqueue_scriptscore.php:680

actionadmin_enqueue_scriptscore.php:685

actionwp_enqueue_scriptscore.php:692

actionwp_enqueue_scriptscore.php:693

filterintegration-cds/admin/settingscore.php:698

actionintegration-cds/settings/updatedcore.php:749

actionintegration-cds/cache/warmupcore.php:765

filterintegration-cds/admin/js-variablescore.php:804

actionenqueue_block_editor_assetscore.php:892

filterstyle_loader_tagcore.php:926

filterrender_blockcore.php:960

actionintegration-cds/initializedcore.php:973

actionadmin_noticescore.php:978

filterplugins_apicore.php:1033

actionactivated_plugincore.php:1083

actionintegration-cds/initializedcore.php:1096

actionadmin_noticescore.php:1098

actionload-plugins.phpcore.php:1114

actioninitcore.php:1127

filtercron_schedulescore.php:1136

actioninitcore.php:1152

actionintegration-cds/schedule/report-errorscore.php:1171

actionadmin_initcore.php:1212

filterwp_insert_post_empty_contentcore.php:1222

filterscript_loader_tagcore.php:1287

actionadmin_noticesintegration-cds.php:80

actionadmin_noticesintegration-cds.php:110

actionwp_footersrc\Forms\CustomFormRenderer.php:132

filterqm/trace/ignore_classsrc\LoggerProvider.php:84

filterintegration-cds/admin/gutenberg-noticesrc\Twig\DebugExceptionTrap.php:73

filterthe_contentsrc\TwigPageRenderer.php:44

filterthe_titlesrc\TwigPageRenderer.php:45

filterdocument_titlesrc\TwigPageRenderer.php:46

actiontemplate_redirectsrc\TwigPageRenderer.php:47

actionshutdownsrc\TwigPageRenderer.php:48

actionadd_meta_boxessrc\TwigPageRenderer.php:49

actionsave_postsrc\TwigPageRenderer.php:50

actionadmin_noticessrc\WpServices.php:64

Scheduled Events 3

integration-cds/cache/warmup

Maintenance & Trust

Dataverse Integration Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedSep 29, 2025

PHP min version8.2

Downloads17K

Community Trust

Rating100/100

Number of ratings5

Active installs100

Alternatives

Dataverse Integration Alternatives

Dynamics 365 Integration

integration-dynamics

The easiest way to connect Dynamics 365 or Dynamics CRM with WordPress.

600 6 CVEs

Integrate Dynamics 365 CRM

integrate-dynamics-365-crm

Sync form data to create leads, contacts in Dynamics 365. Bi-directional sync WooCommerce orders, products, refunds with Dynamics 365 CRM & Busine …

80 2 CVEs

Timber

timber-library

Helps you create themes faster with sustainable code. With Timber, you write HTML using Twig Templates http://www.upstatement.com/timber/

20K 2 CVEs

Timber Debug Bar

debug-bar-timber

Adds a Panel to the Debug Bar for Timber information

600 No CVEs

Clear cache for Timber

clear-cache-for-timber

Small Wordpress plugin for flushing cache of Timber (Twig Template Plugin for Wordpress)

500 No CVEs

Developer Profile

Dataverse Integration Developer Profile

alexacrm

2 plugins · 700 total installs

trust score

Avg Security Score

92/100

Avg Patch Time

178 days

View full developer profile

Detection Fingerprints

How We Detect Dataverse Integration

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/integration-cds/front/admin/css/style.css/wp-content/plugins/integration-cds/front/admin/css/fields.css/wp-content/plugins/integration-cds/front/admin/css/advanced-settings.css/wp-content/plugins/integration-cds/front/admin/css/dataverse-settings.css/wp-content/plugins/integration-cds/front/admin/css/sync-settings.css/wp-content/plugins/integration-cds/front/admin/css/admin.css/wp-content/plugins/integration-cds/front/admin/js/fields.js/wp-content/plugins/integration-cds/front/admin/js/advanced-settings.js+15 more

Script Paths

/wp-content/plugins/integration-cds/front/admin/js/fields.js/wp-content/plugins/integration-cds/front/admin/js/advanced-settings.js/wp-content/plugins/integration-cds/front/admin/js/dataverse-settings.js/wp-content/plugins/integration-cds/front/admin/js/sync-settings.js/wp-content/plugins/integration-cds/front/admin/js/admin.js/wp-content/plugins/integration-cds/front/js/bootstrap.js+11 more

Version Parameters

integration-cds/front/admin/css/style.css?ver=integration-cds/front/admin/css/fields.css?ver=integration-cds/front/admin/css/advanced-settings.css?ver=integration-cds/front/admin/css/dataverse-settings.css?ver=integration-cds/front/admin/css/sync-settings.css?ver=integration-cds/front/admin/css/admin.css?ver=integration-cds/front/admin/js/fields.js?ver=integration-cds/front/admin/js/advanced-settings.js?ver=integration-cds/front/admin/js/dataverse-settings.js?ver=integration-cds/front/admin/js/sync-settings.js?ver=integration-cds/front/admin/js/admin.js?ver=integration-cds/front/js/bootstrap.js?ver=integration-cds/front/js/dataverse-integration.js?ver=integration-cds/front/js/dataverse-tables.js?ver=integration-cds/front/js/dataverse-columns.js?ver=integration-cds/front/js/dataverse-forms.js?ver=integration-cds/front/js/dataverse-view.js?ver=integration-cds/front/js/dataverse-connections.js?ver=integration-cds/front/js/dataverse-connection-manager.js?ver=integration-cds/front/js/dataverse-audit.js?ver=integration-cds/front/js/dataverse-records.js?ver=integration-cds/front/js/dataverse-record-manager.js?ver=integration-cds/front/js/dataverse-logs.js?ver=

HTML / DOM Fingerprints

CSS Classes

integration-cds-admin-wrapintegration-cds-dataverse-wrapintegration-cds-advanced-settings-wrapintegration-cds-dataverse-settings-wrapintegration-cds-sync-settings-wrapintegration-cds-admin-fields-wrapintegration-cds-dataverse-fields-wrapintegration-cds-dataverse-connection-fields-wrap+6 more

HTML Comments

ATTENTION. Keep PHP code in this file as much backwards-compatible with previous PHP versions as possible.It allows to fail gracefully and show user a proper warning.Entry point of the plugin.Basename of the plugin.+19 more

Data Attributes

data-integration-cds-slugdata-integration-cds-iddata-integration-cds-namedata-integration-cds-typedata-integration-cds-valuedata-integration-cds-required+6 more

JS Globals

ICDS_URLICDS_FILEICDS_BASENAMEICDS_VERSIONICDS_PHP_MIN_VERSIONICDS_SANDBOX+1 more

FAQ

Dataverse Integration Security & Risk Analysis

Is Dataverse Integration Safe to Use in 2026?

Generally Safe

Key Concerns

Dataverse Integration Security Vulnerabilities

CVEs by Year

Severity Breakdown

Dataverse Integration Release Timeline

Dataverse Integration Code Analysis

Dangerous Functions Found

Bundled Libraries

Output Escaping

Dataverse Integration Attack Surface

AJAX Handlers 2

Scheduled Events 3

Dataverse Integration Maintenance & Trust

Maintenance Signals

Community Trust

Dataverse Integration Alternatives

Dynamics 365 Integration

Integrate Dynamics 365 CRM

Timber

Timber Debug Bar

Clear cache for Timber

Dataverse Integration Developer Profile

How We Detect Dataverse Integration

Asset Fingerprints

HTML / DOM Fingerprints

Frequently Asked Questions about Dataverse Integration