Does KeyWord Collector have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is KeyWord Collector compatible with WordPress 4.7.33?

According to WordPress.org data, KeyWord Collector 1.4 has been tested up to WordPress 4.7.33. Check the plugin's changelog for the latest compatibility information.

How often is KeyWord Collector updated?

KeyWord Collector was last updated on Aug 18, 2017. Frequent updates are generally a positive security signal.

What is KeyWord Collector's security score?

KeyWord Collector has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

KeyWord Collector Security & Risk Analysis

wordpress.org/plugins/keyword-collector

Collects keywords for single URLs via SISTRIX API (API key needed) and displays them in a flexible manner on the very same single URL

10 active installs v1.4 PHP + WP 4.6+ Updated Aug 18, 2017

autoinsertkeywordshortcodetag

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is KeyWord Collector Safe to Use in 2026?

Generally Safe

Score 85/100

KeyWord Collector has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 8yr ago

Risk Assessment

The "keyword-collector" plugin v1.4 presents a mixed security posture. While it demonstrates good practices in its handling of SQL queries, all of which utilize prepared statements, and a clean vulnerability history with no recorded CVEs, several concerning aspects were identified in the static analysis. The presence of a dangerous function like `unserialize` without evident sanitization or capability checks raises significant concerns regarding potential arbitrary code execution or object injection vulnerabilities. Furthermore, the plugin exposes an unprotected AJAX handler, which is a direct entry point for attackers to potentially exploit other weaknesses. The low percentage of properly escaped output also suggests a risk of Cross-Site Scripting (XSS) vulnerabilities.

Key Concerns

Unprotected AJAX handler
Dangerous function: unserialize
Low output escaping percentage
No nonce checks
No capability checks

Vulnerabilities

None known

KeyWord Collector Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

KeyWord Collector Release Timeline

vv1.4

vv1.3.5

vv1.3.4

vv1.3.3

vv1.3.2

vv1.3.1.1

vv1.3.1

vv1.3

vv1.2.3

vv1.2.1

vv1.2

vv1.1

vv1.0

Code Analysis

Analyzed Apr 16, 2026

KeyWord Collector Code Analysis

Dangerous Functions

Raw SQL Queries

4 prepared

Unescaped Output

1 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Dangerous Functions Found

unserializeif (!unserialize(get_post_meta($post_id, 'key_words',true))) {wp_keyword.php:102

unserialize$post_keywords = unserialize(get_post_meta($post_id, 'key_words',true));wp_keyword.php:112

unserialize$post_keywords = unserialize(get_post_meta($post_id, 'key_words',true));wp_keyword.php:128

unserialize$post_keywords = unserialize($post_keywords);wp_keyword.php:132

unserialize$key_words = unserialize(get_post_meta($post_id, "key_words", true));wp_keyword.php:243

unserialize$key_words = unserialize(get_post_meta($post_id, "key_words", true));wp_keyword.php:288

SQL Query Safety

100% prepared4 total queries

Output Escaping

17% escaped6 total outputs

Attack Surface

1 unprotected

KeyWord Collector Attack Surface

Entry Points2

Unprotected1

AJAX Handlers 1

authwp_ajax_WPKeyWordCronTestwp_keyword.php:80

Shortcodes 1

[keywords_collector] wp_keyword.php:77

WordPress Hooks 5

filterwidget_textwp_keyword.php:76

actioninitwp_keyword.php:154

actionwake_up_eventwp_keyword.php:162

actionsave_postwp_keyword.php:310

filterthe_contentwp_keyword.php:391

Scheduled Events 1

wake_up_event

Maintenance & Trust

KeyWord Collector Maintenance & Trust

Maintenance Signals

WordPress version tested4.7.33

Last updatedAug 18, 2017

PHP min version

Downloads3K

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

KeyWord Collector Alternatives

Automatic Post Tagger

automatic-post-tagger

Adds relevant taxonomy terms to posts using a keyword list provided by the user.

2K No CVEs

Stag Custom Sidebars

stag-custom-sidebars

Create custom dynamic sidebars and use anywhere with shortcodes.

2K No CVEs

Add Meta Tag Keywords

add-meta-tag-keywords

The plugin allows you to add Meta Tag keywords for posts, pages or basically any custom post type. The Meta Keywords are important words or phrases th …

1K No CVEs

Remove Orphan Shortcodes

remove-orphan-shortcodes

Quickly remove unused (orphan) shortcode tags from your content.

1K No CVEs

xili-tidy-tags

xili-tidy-tags is a tool for grouping tags by semantic groups or by language and for creating tidy tag clouds.

1K 2 unpatched

Developer Profile

KeyWord Collector Developer Profile

AdSimple

5 plugins · 630 total installs

trust score

Avg Security Score

92/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect KeyWord Collector

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/keyword-collector/lib/WPKeyWordJS.js/wp-content/plugins/keyword-collector/lib/WPKeyWordCSS.css

Script Paths

/wp-content/plugins/keyword-collector/lib/WPKeyWordJS.js

HTML / DOM Fingerprints

CSS Classes

keywordcollector

Shortcode Output

<div class='keywordcollector'><h2>Schlagwörter zu dieser Firma</h2><div></div><br><br>

FAQ