Kommiku Security & Risk Analysis

wordpress.org/plugins/kommiku

An Online Media viewer. A plug-in that creates pages that can be used as a Manga, Comic, Movie, or Novel Viewer or a Portfolio.

10 active installs · v2.3 · PHP + · WP 2.5+ · Updated Jul 24, 2012
comics, illustrations, manga, one-manga, stories
85
A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is Kommiku Safe to Use in 2026?

Generally Safe

Score 85/100

Kommiku has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 13yr ago
Risk Assessment

The 'kommiku' v2.3 plugin exhibits a mixed security posture. On the positive side, the plugin has no recorded vulnerabilities (CVEs) and a seemingly small attack surface, with no unprotected entry points identified. The absence of external HTTP requests and bundled libraries is also a good sign. However, the static analysis reveals significant concerns: 50% of SQL queries do not use prepared statements, and only 6% of output is properly escaped. Furthermore, all 18 analyzed taint flows contain unsanitized paths, with 15 flagged as high severity. This combination of insecure SQL handling, widespread unescaped output, and a large number of high-severity flows with unsanitized paths presents a substantial risk, despite the lack of historical CVEs.

Key Concerns

  • High severity unsanitized path flows
  • Low percentage of properly escaped output
  • 50% of SQL queries not using prepared statements
  • Zero nonce checks
  • Zero capability checks
Vulnerabilities
None known

Kommiku Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

Kommiku Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 52 · 52 prepared
Unescaped Output: 265 · 16 escaped
Nonce Checks: 0
Capability Checks: 0
File Operations: 21
External Requests: 0
Bundled Libraries: 0

SQL Query Safety

50% prepared · 104 total queries

Output Escaping

6% escaped · 281 total outputs
Data Flows: 18 unsanitized

Data Flow Analysis

18 flows · 18 with unsanitized paths
kommiku_fancy_url (kommiku.php:42)
Attack Surface

Kommiku Attack Surface

Entry Points: 2
Unprotected: 0

Shortcodes 2

[kommiku_series_list] kommiku.php:1800
[kommiku_chapter_update_list] kommiku.php:1814
WordPress Hooks 4
action admin_menu kommiku.php:39
action init kommiku.php:201
action init kommiku.php:202
action widgets_init kommiku.php:1228
Maintenance & Trust

Kommiku Maintenance & Trust

Maintenance Signals

WordPress version tested
Last updated: Jul 24, 2012
PHP min version
Downloads: 12K

Community Trust

Rating: 100/100
Number of ratings: 2
Active installs: 10
Developer Profile

Kommiku Developer Profile

Anraiki

1 plugin · 10 total installs

Trust score: 84
Avg Security Score: 85/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect Kommiku

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/kommiku/js/kommiku.js
/wp-content/plugins/kommiku/css/kommiku.css
Script Paths
/wp-content/plugins/kommiku/js/kommiku.js
Version Parameters
kommiku/style.css?ver=
kommiku/script.js?ver=

HTML / DOM Fingerprints

CSS Classes
kommiku-viewer, kommiku-content, kommiku-reader
Data Attributes
data-kommiku-comic, data-kommiku-chapter, data-kommiku-page
JS Globals
KommikuViewer, kommiku_globals
Shortcode Output
<div class="kommiku-viewer">
<div class="kommiku-content">