Landing sites Security & Risk Analysis
wordpress.org/plugins/landing-sitesWhen visitors is referred to your site from a search engine, the plugin is showing them related posts to their search on your blog.
Is Landing sites Safe to Use in 2026?
Generally Safe
Score 85/100Landing sites has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The "landing-sites" plugin v1.5.2 presents a mixed security picture. On one hand, the lack of known CVEs and a generally small attack surface (zero AJAX, REST API, shortcodes, or cron events) are positive indicators. The plugin also avoids common pitfalls like bundled libraries or external HTTP requests. However, significant concerns arise from the static analysis. A concerning 100% of output is not properly escaped, which could lead to cross-site scripting (XSS) vulnerabilities if any data displayed to users originates from an untrusted source. Furthermore, the taint analysis reveals a high severity flow with unsanitized paths, indicating a potential risk of code injection or other vulnerabilities that could be exploited.
The vulnerability history is clean, which is a strength, but it doesn't negate the immediate risks identified in the code. The lack of nonces and capability checks across all entry points (though there are none currently) suggests a potential weakness if new entry points are introduced without proper security considerations. While the plugin has strengths in its limited attack surface and clean vulnerability history, the unescaped output and high-severity taint flow are critical areas that require immediate attention to mitigate potential security risks.
Key Concerns
- High severity taint flow with unsanitized paths
- 0% of output properly escaped
- SQL queries not fully using prepared statements
- 0 capability checks across all entry points
- 0 nonce checks across all entry points
Landing sites Security Vulnerabilities
Landing sites Code Analysis
SQL Query Safety
Output Escaping
Data Flow Analysis
Landing sites Attack Surface
WordPress Hooks 1
Maintenance & Trust
Landing sites Maintenance & Trust
Maintenance Signals
Community Trust
Landing sites Alternatives
All in One SEO – Powerful SEO Plugin to Boost SEO Rankings & Increase Traffic
all-in-one-seo-pack
AIOSEO is the most powerful WordPress SEO plugin. Improve SEO rankings and traffic with comprehensive SEO tools and smart AI SEO optimizations!
Rank Math SEO – AI SEO Tools to Dominate SEO Rankings
seo-by-rank-math
Rank Math SEO is the best WordPress SEO plugin with the features of many SEO and AI SEO tools in a single package to help multiply your SEO traffic.
SureRank SEO – Smart Assistant with Meta Tags, Social Preview, XML Sitemap, and Schema
surerank
SureRank – SEO Assistant with Meta Tags, Social Preview, XML Sitemap, and Schema
SEOPress – On-site SEO & Analytics
wp-seopress
SEOPress, a simple, fast and powerful all in one SEO plugin for WordPress. Rank higher in search engines, fully white label. Now with AI.
The SEO Framework – Fast, Automated, Effortless.
autodescription
The fastest feature-complete SEO plugin for professional WordPress websites. Secure, fast, unbranded, and automated SEO. Do less; get better results.
Landing sites Developer Profile
1 plugin · 100 total installs
How We Detect Landing sites
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
HTML / DOM Fingerprints
[ls_related][ls_search_engines][ls_getinfo]