WP-Safety

Laiser Tag Insights Security & Risk Analysis

wordpress.org/plugins/laiser-tag-insights

Laiser Tag Insights is extended plugin that visualizes structured content performance through Google Webmaster data. (Re quires the Laiser Tag automat …

10 active installs v1.1.0 PHP + WP 4.6+ Updated Mar 9, 2019
content-optimizationopen-calaissemantic-datataggingtaxonomy
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Laiser Tag Insights Safe to Use in 2026?

Generally Safe

Score 85/100

Laiser Tag Insights has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 7yr ago
Risk Assessment

The laiser-tag-insights plugin version 1.1.0 exhibits a concerning security posture due to a significant number of unprotected AJAX handlers. While the code does not appear to contain critical vulnerabilities like unsanitized paths in taint analysis or raw SQL queries, the absence of authentication checks on 8 AJAX entry points presents a substantial attack surface. This means any unauthenticated user could potentially interact with these handlers, leading to unintended actions or information disclosure if the functionality within these handlers is not inherently secure.

The plugin's static analysis shows strengths in its use of prepared statements for SQL queries and a lack of recorded vulnerabilities in its history. This suggests a developer who might be mindful of common pitfalls. However, the complete lack of nonce checks on AJAX handlers and the fact that none of the 13 output operations are properly escaped are significant weaknesses. Unescaped output can lead to Cross-Site Scripting (XSS) vulnerabilities, allowing attackers to inject malicious scripts into the user's browser. The vulnerability history being clean is positive, but it does not mitigate the risks identified in the current static analysis.

Key Concerns

  • AJAX handlers without auth checks
  • Output not properly escaped
  • AJAX handlers without nonce checks
Vulnerabilities
None known

Laiser Tag Insights Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

Laiser Tag Insights Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
2 prepared
Unescaped Output
13
0 escaped
Nonce Checks
0
Capability Checks
1
File Operations
0
External Requests
12
Bundled Libraries
1

Bundled Libraries

jQuery

SQL Query Safety

100% prepared2 total queries

Output Escaping

0% escaped13 total outputs
Data Flows
All sanitized

Data Flow Analysis

2 flows
setupGraphPage (include\LTInsight.php:86)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
8 unprotected

Laiser Tag Insights Attack Surface

Entry Points8
Unprotected8

AJAX Handlers 8

authwp_ajax_lti_ltbb_get_tags_by_viewsinclude\LTInsight.php:34
authwp_ajax_lti_ltbb_get_tags_by_clicksinclude\LTInsight.php:35
authwp_ajax_lti_ltbb_get_aggregate_metricsinclude\LTInsight.php:36
authwp_ajax_lti_ltbb_get_pages_at_positioninclude\LTInsight.php:37
authwp_ajax_lti_ltbb_get_tag_pages_at_positioninclude\LTInsight.php:38
authwp_ajax_lti_ltbb_get_tag_view_percentageinclude\LTInsight.php:39
authwp_ajax_lti_ltbb_get_tag_click_percentageinclude\LTInsight.php:40
authwp_ajax_lti_ltbb_get_article_metricsinclude\LTInsight.php:41
WordPress Hooks 5
actionadmin_initinclude\LTInsight.php:13
actionadmin_menuinclude\LTInsight.php:19
actionadmin_enqueue_scriptsinclude\LTInsight.php:20
actionlti_post_analysisinclude\LTInsight.php:55
actionadmin_noticesinclude\LTInsight.php:249

Scheduled Events 1

lti_post_analysis
Maintenance & Trust

Laiser Tag Insights Maintenance & Trust

Maintenance Signals

WordPress version tested5.0.25
Last updatedMar 9, 2019
PHP min version
Downloads1K

Community Trust

Rating0/100
Number of ratings0
Active installs10
Alternatives

Laiser Tag Insights Alternatives

Laiser Tag

Laiser Tag

laiser-tag

A
85

Laiser Tag is an automated tagging plugin that uses the Open Calais API to generate tags for created content within a WordPress Site.

20 No CVEs
Laiser Tag Plus

Laiser Tag Plus

laiser-tag-plus

A
85

Use Laiser Tag Plus to get semantic data to use as tags and photo for your posts.

10 No CVEs
TagPages

TagPages

tagpages

A
85

Adds post-tags functionality for pages.

1K No CVEs
Author: António Andrade

Author: António Andrade

wp-tag-this

A
85

Enables your blog readers to suggest new post tags or upvote/downvote existing ones.

10 No CVEs
Custom Post Type UI

Custom Post Type UI

custom-post-type-ui

A
93

Admin UI for creating custom content types like post types and taxonomies

1.0M 4 CVEs
Developer Profile

Laiser Tag Insights Developer Profile

Pacific Coast Information Systems

5 plugins · 40 total installs

86
trust score
Avg Security Score
88/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Laiser Tag Insights

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/laiser-tag-insights/assets/css/lti-style.css
Script Paths
/wp-content/plugins/laiser-tag-insights/assets/flot/jquery.flot.js/wp-content/plugins/laiser-tag-insights/assets/flot/jquery.flot.stack.js/wp-content/plugins/laiser-tag-insights/assets/flot/jquery.flot.time.js/wp-content/plugins/laiser-tag-insights/assets/flot/jquery.flot.tooltip.js

HTML / DOM Fingerprints

JS Globals
LaiserTagLTInsight
REST Endpoints
/wp-json/wp/v2/lti-tag-insights
FAQ

Frequently Asked Questions about Laiser Tag Insights