Does Get Use APIs – JSON Content Importer have any unpatched vulnerabilities?

No. All known vulnerabilities in Get Use APIs – JSON Content Importer have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Get Use APIs – JSON Content Importer compatible with WordPress 6.9.4?

According to WordPress.org data, Get Use APIs – JSON Content Importer 2.0.10 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is Get Use APIs – JSON Content Importer compatible with PHP 7.0+?

Get Use APIs – JSON Content Importer requires PHP 7.0 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Get Use APIs – JSON Content Importer updated?

Get Use APIs – JSON Content Importer was last updated on Feb 20, 2026. Frequent updates are generally a positive security signal.

What is Get Use APIs – JSON Content Importer's security score?

Get Use APIs – JSON Content Importer has a WP-Safety security score of 98/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Get Use APIs – JSON Content Importer Security & Risk Analysis

wordpress.org/plugins/json-content-importer

Connects an API to WordPress: Get API-data (JSON, XML, CSV...), show it with a Shortcode, a JCI Block or PHP. Generate a template with the JCI Block

6K active installs v2.0.10 PHP 7.0+ WP 5.3+ Updated Feb 20, 2026

apicsvdatajsonxml

A · Safe

CVEs total3

Unpatched0

Last CVEJul 11, 2024

Plugin page Download

Safety Verdict

Is Get Use APIs – JSON Content Importer Safe to Use in 2026?

Generally Safe

Score 98/100

Get Use APIs – JSON Content Importer has a strong security track record. Known vulnerabilities have been patched promptly.

3 known CVEsLast CVE: Jul 11, 2024Updated 1mo ago

Risk Assessment

The "json-content-importer" plugin v2.0.10 demonstrates a generally strong security posture based on the provided static analysis. The absence of dangerous functions, the exclusive use of prepared statements for SQL queries, and a high percentage of properly escaped output are all positive indicators. Furthermore, all identified entry points (AJAX handlers, REST API routes, and shortcodes) appear to have appropriate authentication or permission checks, which is excellent.

However, the plugin's vulnerability history presents a notable concern. With three known medium-severity CVEs, two of which are historically significant (SSRF and XSS), it suggests past issues that, while currently patched, point to potential complexities in handling external data or user input securely. The fact that the last vulnerability was very recent also warrants attention, indicating that ongoing vigilance and potentially more rigorous security testing might be beneficial.

Overall, the plugin exhibits good development practices in its current version, particularly regarding input handling and SQL. The primary weakness lies in its past, suggesting a need for continued monitoring and potentially a more thorough review of how it interacts with external resources or user-provided data to mitigate the recurrence of past vulnerability types.

Key Concerns

Recent medium-severity CVEs
Historical SSRF and XSS vulnerabilities
Significant number of file operations
Multiple external HTTP requests

Vulnerabilities

Get Use APIs – JSON Content Importer Security Vulnerabilities

CVEs by Year

2 CVEs in 2023

2023

1 CVE in 2024

2024

Patched Has unpatched

Severity Breakdown

Medium

3 total CVEs

CVE-2024-38723medium · 6.4Server-Side Request Forgery (SSRF)

JSON Content Importer <= 1.5.6 - Authenticated (Contributor+) Server-Side Request Forgery

Jul 11, 2024 Patched in 1.6.0 (7d)

CVE-2023-6268medium · 6.1Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Get Use APIs – JSON Content Importer <= 1.5.3 - Reflected Cross-Site Scripting

Dec 4, 2023 Patched in 1.5.4 (65d)

CVE-2023-25485medium · 4.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

JSON Content Importer <= 1.3.15 - Authenticated (Admin+) Cross Site Scripting

Feb 15, 2023 Patched in 1.3.16 (342d)

Code Analysis

Analyzed Mar 16, 2026

Get Use APIs – JSON Content Importer Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

182 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

91% escaped200 total outputs

Attack Surface

Get Use APIs – JSON Content Importer Attack Surface

Entry Points3

Unprotected0

REST API Routes 2

GET/wp-json/wp/jcifree/v1/get/crte/json-content-importer.php:282

POST/wp-json/wp/jcifree/v1/post/block-renderer/json-content-importer.php:350

Shortcodes 1

[jsoncontentimporter] class-json-content-importer.php:51

WordPress Hooks 11

actioninitblock\index.php:7

actionenqueue_block_editor_assetsblock\index.php:9

actionload_jsontreescriptgetlib.php:931

filtercontent_save_prejson-content-importer.php:136

actionadmin_print_footer_scriptsjson-content-importer.php:234

filterplugin_row_metajson-content-importer.php:265

actionrest_api_initjson-content-importer.php:345

actionrest_api_initjson-content-importer.php:362

actionadmin_menuoptions.php:4

actionadmin_initoptions.php:9

actionwpcf7_before_send_mailotherplugins\cf7.php:5

Maintenance & Trust

Get Use APIs – JSON Content Importer Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedFeb 20, 2026

PHP min version7.0

Downloads390K

Community Trust

Rating98/100

Number of ratings78

Active installs6K

Alternatives

Get Use APIs – JSON Content Importer Alternatives

WP All Import – Drag & Drop Import for CSV, XML, Excel & Google Sheets

wp-all-import

Easily import any file of any size into any plugin, post type, custom field, or taxonomy. Supports WooCommerce, ACF, images, galleries, users, real es …

100K 22 CVEs

Import WP – Export and Import CSV and XML files to WordPress

jc-importer

Import WP, a simple, fast and powerful XML and CSV import solution, Making it easy to import posts, pages, categories, tags, users and attachments.

5K 5 CVEs

REST XML-RPC Data Checker

rest-xmlrpc-data-checker

REST XML-RPC Data Checker allow to check JSON REST and XML-RPC API requests and grant access permissions.

1K No CVEs

WP Data Sync

wp-data-sync

100

Sync data from almost any data source to your WordPress or WooCommerce website.

100 No CVEs

JSON Dashboard Infos

json-dashboard-infos

Expose informations from your Wordpress, in JSON format, to allow you to create centralized dashboards (not included ...)

10 No CVEs

Developer Profile

Get Use APIs – JSON Content Importer Developer Profile

berkux

5 plugins · 17K total installs

trust score

Avg Security Score

99/100

Avg Patch Time

220 days

View full developer profile

Detection Fingerprints

How We Detect Get Use APIs – JSON Content Importer

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/json-content-importer/class-fileload-cache-v2.php/wp-content/plugins/json-content-importer/getlib.php/wp-content/plugins/json-content-importer/lib/lib_request.php

Version Parameters

json-content-importer/style.css?ver=

HTML / DOM Fingerprints

HTML Comments

<!-- Blocked: You have added the jsoncontentimporter shortcode. This is not allowed with your current WordPress permissions. -->

JS Globals

JCIFREE_VERSIONJCIFREE_UO_AUTOLOADJCI_GUTENBERG_PLUGIN_MESSAGEJCI_FREE_BLOCK_VERSION

Shortcode Output

[jsoncontentimporter

FAQ