WP-Safety

KI Twitter Analytics Security & Risk Analysis

wordpress.org/plugins/ki-twitter-analytics

KI Twitter Analytics provides users with free analysis of their twitter account inbox, incoming messages, outgoing messages, mentions and other statis …

0 active installs v1.0.4 PHP 5.6.0+ WP 4.7.0+ Updated Jul 27, 2020
tweepsmaptwitter-analyticstwitter-audiencetwitter-listening
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is KI Twitter Analytics Safe to Use in 2026?

Generally Safe

Score 85/100

KI Twitter Analytics has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 5yr ago
Risk Assessment

The 'ki-twitter-analytics' v1.0.4 plugin presents a significant security risk due to a large number of unprotected AJAX endpoints. While the plugin demonstrates good practices in its use of prepared statements for SQL queries and proper output escaping, the complete absence of authentication and capability checks on all identified AJAX handlers leaves these entry points vulnerable to unauthorized access and potential abuse. The taint analysis further highlights this concern, revealing multiple flows with unsanitized paths, including three of high severity. This suggests that user-supplied data may be processed in ways that could lead to exploitation, even without direct SQL injection vulnerabilities. The plugin's history of zero known vulnerabilities is a positive sign, indicating a lack of previously discovered critical flaws and potentially suggesting careful development. However, this clean history should not overshadow the current, evident weaknesses identified in the static analysis. The overall security posture is concerning due to the direct exposure of AJAX endpoints, and immediate attention is required to implement proper authentication and authorization mechanisms.

Key Concerns

  • Unprotected AJAX handlers
  • High severity unsanitized taint flows
  • Missing nonce checks on AJAX
  • Missing capability checks
Vulnerabilities
None known

KI Twitter Analytics Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

KI Twitter Analytics Code Analysis

Dangerous Functions
0
Raw SQL Queries
7
23 prepared
Unescaped Output
63
317 escaped
Nonce Checks
0
Capability Checks
0
File Operations
3
External Requests
1
Bundled Libraries
0

SQL Query Safety

77% prepared30 total queries

Output Escaping

83% escaped380 total outputs
Data Flows
6 unsanitized

Data Flow Analysis

8 flows6 with unsanitized paths
ki_include_menu (admin\class-ki_inbox-admin.php:135)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
6 unprotected

KI Twitter Analytics Attack Surface

Entry Points6
Unprotected6

AJAX Handlers 6

authwp_ajax_ki_twitter_analytics_loginincludes\class-ki_inbox.php:165
noprivwp_ajax_ki_twitter_analytics_loginincludes\class-ki_inbox.php:166
authwp_ajax_ki_twitter_analytics_get_twitter_dataincludes\class-ki_inbox.php:167
noprivwp_ajax_ki_twitter_analytics_get_twitter_dataincludes\class-ki_inbox.php:168
authwp_ajax_ki_twitter_analytics_followincludes\class-ki_inbox.php:169
noprivwp_ajax_ki_twitter_analytics_followincludes\class-ki_inbox.php:170
WordPress Hooks 6
actionplugins_loadedincludes\class-ki_inbox.php:141
actionadmin_enqueue_scriptsincludes\class-ki_inbox.php:160
actionadmin_enqueue_scriptsincludes\class-ki_inbox.php:161
actioninitincludes\class-ki_inbox.php:162
actionadmin_initincludes\class-ki_inbox.php:163
actionadmin_menuincludes\class-ki_inbox.php:164
Maintenance & Trust

KI Twitter Analytics Maintenance & Trust

Maintenance Signals

WordPress version tested5.3.21
Last updatedJul 27, 2020
PHP min version5.6.0
Downloads1K

Community Trust

Rating100/100
Number of ratings2
Active installs0
Alternatives

KI Twitter Analytics Alternatives

No alternatives data available yet.

Developer Profile

KI Twitter Analytics Developer Profile

whassan

1 plugin · 0 total installs

84
trust score
Avg Security Score
85/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect KI Twitter Analytics

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/ki-twitter-analytics/admin/css/ki_inbox-admin.css/wp-content/plugins/ki-twitter-analytics/admin/css/font-awesome.min.css/wp-content/plugins/ki-twitter-analytics/admin/css/bootstrap.min.css
Script Paths
/wp-content/plugins/ki-twitter-analytics/admin/js/Chart.min.js
Version Parameters
ki-twitter-analytics/admin/css/ki_inbox-admin.css?ver=ki-twitter-analytics/admin/css/font-awesome.min.css?ver=ki-twitter-analytics/admin/css/bootstrap.min.css?ver=ki-twitter-analytics/admin/js/Chart.min.js?ver=

HTML / DOM Fingerprints

CSS Classes
bootstrap-twitter
Data Attributes
data-twitter-screen-namedata-twitter-iddata-twitter-namedata-twitter-urldata-twitter-profile-image-url
JS Globals
ki
Shortcode Output
[ki_twitter_analytics][ki_twitter_analytics_followers][ki_twitter_analytics_following][ki_twitter_analytics_user]
FAQ

Frequently Asked Questions about KI Twitter Analytics