Does 简数采集器 have any unpatched vulnerabilities?

No. All known vulnerabilities in 简数采集器 have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is 简数采集器 compatible with WordPress 6.8.5?

According to WordPress.org data, 简数采集器 2.6.4 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

Is 简数采集器 compatible with PHP 5.2+?

简数采集器 requires PHP 5.2 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is 简数采集器 updated?

简数采集器 was last updated on Nov 21, 2025. Frequent updates are generally a positive security signal.

What is 简数采集器's security score?

简数采集器 has a WP-Safety security score of 93/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

简数采集器 Security & Risk Analysis

wordpress.org/plugins/keydatas

简数采集器不仅提供网页文章全自动采集、定时采集等基本功能，还创新实现了智能识别和鼠标可视化点选生成采集规则(不用手写规则)、书签一键采集等特色功能，大幅提升了采集配置效率。

1K active installs v2.6.4 PHP 5.2+ WP 4.1+ Updated Nov 21, 2025

%e7%ae%80%e6%95%b0%e9%87%87%e9%9b%86%e6%95%b0%e6%8d%ae%e9%87%87%e9%9b%86%e6%96%87%e7%ab%a0%e9%87%87%e9%9b%86

A · Safe

CVEs total2

Unpatched0

Last CVENov 20, 2025

Plugin page Download

Safety Verdict

Is 简数采集器 Safe to Use in 2026?

Generally Safe

Score 93/100

简数采集器 has a strong security track record. Known vulnerabilities have been patched promptly.

2 known CVEsLast CVE: Nov 20, 2025Updated 4mo ago

Risk Assessment

The plugin "keydatas" v2.6.4 exhibits a mixed security posture. On the positive side, the static analysis shows excellent adherence to secure coding practices. There are no identified dangerous functions, all SQL queries are properly prepared, and all output is correctly escaped. Furthermore, the absence of external HTTP requests and no identified unsanitized paths in taint analysis are strong indicators of good development hygiene regarding common web vulnerabilities. The presence of nonce and capability checks also suggests an attempt to secure critical operations.

However, the plugin's vulnerability history presents a significant concern. With two known CVEs, including one critical and one medium, it indicates a past history of exploitable flaws. The nature of these past vulnerabilities, "External Control of File Name or Path" and "Unrestricted Upload of File with Dangerous Type," is particularly worrying as they can lead to remote code execution or complete site compromise. The fact that a critical vulnerability was documented as recently as November 2025, even if currently unpatched, suggests that the development team may have struggled with comprehensively addressing security issues in the past.

In conclusion, while the current version of "keydatas" appears to have a robust codebase in terms of static security measures, the historical vulnerability data cannot be ignored. The previous critical and medium severity vulnerabilities, especially those related to file handling, warrant caution. Users should ensure that all historical vulnerabilities have been addressed, and the plugin should be continuously monitored for any new security advisories.

Key Concerns

Previously unpatched critical CVE
Previously unpatched medium CVE

Vulnerabilities

简数采集器 Security Vulnerabilities

CVEs by Year

1 CVE in 2024

2024

1 CVE in 2025

2025

Patched Has unpatched

Severity Breakdown

Critical

Medium

2 total CVEs

CVE-2025-11973medium · 4.9External Control of File Name or Path

简数采集器 <= 2.6.3 - Authenticated (Admin+) Arbitrary File Read

Nov 20, 2025 Patched in 2.6.4 (5d)

CVE-2024-6220critical · 9.8Unrestricted Upload of File with Dangerous Type

简数采集器 (Keydatas) <= 2.5.2 - Unauthenticated Arbitrary File Upload

Jul 16, 2024 Patched in 2.6.1 (14d)

Code Analysis

Analyzed Mar 16, 2026

简数采集器 Code Analysis

Dangerous Functions

Raw SQL Queries

4 prepared

Unescaped Output

19 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

100% prepared4 total queries

Output Escaping

100% escaped19 total outputs

Data Flows

All sanitized

Data Flow Analysis

1 flows

<publish-setting> (publish-setting.php:0)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

简数采集器 Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 2

actionadmin_menukeydatas.php:49

actioninitkeydatas.php:59

Maintenance & Trust

简数采集器 Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedNov 21, 2025

PHP min version5.2

Downloads89K

Community Trust

Rating86/100

Number of ratings6

Active installs1K

Alternatives

简数采集器 Alternatives

WxSync-标准云微信公众号文章免费采集-任意公众号自动采集付费购买

wxsync

标准云微信公众号文章采集与自动同步插件,手动采集永久免费,自动同步采集可按月收费

500 1 CVE

胖鼠采集(Fat Rat Collect)

fat-rat-collect

胖鼠采集(Fat Rat Collect) 是一款能够帮助你网站自动化的采集工具. 支持采集、微信、简书、知乎、自定义列表页、自定义详情页面、还有许多特色功能、还可一键采集历史文章, 一键设置自动采集, 自动发布, 为您节省精力, 快来体验一下吧!

1K 2 CVEs

快兔兔AI采集器(站群版)

kuaitutu-crawler

基于深度学习技术的AI采集器，能主动搜索文章并智能解析出标题和正文，通过NLP提取关键词进行比对，最后投递到正确的分类中。

40 No CVEs

爱采集数据采集和发布插件

icollect

爱采集(http://icollect.net.cn)是一个超易用，强大的网页数据采集和发布软件

20 No CVEs

导入微信文章 (Import Articles from WeChat)

import-articles-from-wechat

100

A simple yet powerful tool to import articles from WeChat Official Accounts into your WordPress site, including all content and images.

100 No CVEs

Developer Profile

简数采集器 Developer Profile

zhengdon

1 plugin · 1K total installs

trust score

Avg Security Score

93/100

Avg Patch Time

10 days

View full developer profile

Detection Fingerprints

How We Detect 简数采集器

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/keydatas/images/icon.png

HTML / DOM Fingerprints

Data Attributes

__kds_flagkds_passwordpost_titlepost_contentpost_excerptpost_type+8 more

FAQ