Does LLMs.txt Curator have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is LLMs.txt Curator compatible with WordPress 6.9.4?

According to WordPress.org data, LLMs.txt Curator 1.4.6 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is LLMs.txt Curator compatible with PHP 7.4+?

LLMs.txt Curator requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is LLMs.txt Curator updated?

LLMs.txt Curator was last updated on Apr 5, 2026. Frequent updates are generally a positive security signal.

What is LLMs.txt Curator's security score?

LLMs.txt Curator has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

LLMs.txt Curator Security & Risk Analysis

wordpress.org/plugins/llms-txt-curator

Curate, score, and maintain your llms.txt with quality scoring, description suggestions, change detection, and AI crawler analytics.

0 active installs v1.4.6 PHP 7.4+ WP 6.0+ Updated Apr 5, 2026

ai-seoai-visibilitychatgptllmllms-txt

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is LLMs.txt Curator Safe to Use in 2026?

Generally Safe

Score 100/100

LLMs.txt Curator has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago

Risk Assessment

The "llms-txt-curator" plugin v1.4.6 demonstrates several positive security practices, including the exclusive use of prepared statements for all SQL queries and proper output escaping for all identified outputs. The absence of known vulnerabilities and a clean vulnerability history further suggest a generally well-maintained codebase. However, there are notable security concerns that detract from its overall security posture. Specifically, the plugin exposes two AJAX handlers that lack authentication checks, creating a potential attack vector for unauthorized actions. While the REST API routes are protected by permission callbacks, these unprotected AJAX endpoints represent a direct risk. The taint analysis, though limited in scope, identified flows with unsanitized paths, which, even without critical or high severity ratings in this analysis, warrant attention as they could be exploited under different conditions or with more complex inputs.

In conclusion, "llms-txt-curator" v1.4.6 exhibits strengths in its secure handling of database queries and output rendering. The lack of past vulnerabilities is a positive indicator. Nevertheless, the presence of unprotected AJAX endpoints introduces a significant security weakness that could be exploited. The identified unsanitized paths, even if currently low risk, highlight a potential area for improvement. These factors, combined, suggest a moderately secure plugin with specific, addressable vulnerabilities that require immediate attention to mitigate potential risks.

Key Concerns

Unprotected AJAX handlers
Taint flow with unsanitized paths

Vulnerabilities

None known

LLMs.txt Curator Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

LLMs.txt Curator Release Timeline

v1.4.6Current

Code Analysis

Analyzed Apr 16, 2026

LLMs.txt Curator Code Analysis

Dangerous Functions

Raw SQL Queries

4 prepared

Unescaped Output

366 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

100% prepared4 total queries

Output Escaping

100% escaped367 total outputs

Data Flows · Security

3 unsanitized

Data Flow Analysis

3 flows3 with unsanitized paths

ajax_save_settings (includes/class-llms-txt-admin.php:111)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

2 unprotected

LLMs.txt Curator Attack Surface

Entry Points6

Unprotected2

AJAX Handlers 2

authwp_ajax_llmscu_network_regen_siteincludes/class-llms-txt-network.php:34

authwp_ajax_llmscu_network_regen_allincludes/class-llms-txt-network.php:35

REST API Routes 4

POST/wp-json/llms-txt/v1/regeneratellms-txt-curator.php:556

GET/wp-json/llms-txt/v1/statusllms-txt-curator.php:562

GET/wp-json/llms-txt/v1/crawler-statsllms-txt-curator.php:568

GET/wp-json/llms-txt/v1/pagesllms-txt-curator.php:574

WordPress Hooks 17

actionadmin_menuincludes/class-llms-txt-admin.php:33

actionadmin_enqueue_scriptsincludes/class-llms-txt-admin.php:34

actionnetwork_admin_menuincludes/class-llms-txt-network.php:30

actionnetwork_admin_enqueue_scriptsincludes/class-llms-txt-network.php:31

actiontransition_post_statusllms-txt-curator.php:232

actionllmscu_do_regeneratellms-txt-curator.php:233

actionllmscu_do_regenerate_recurringllms-txt-curator.php:234

actionpermalink_structure_changedllms-txt-curator.php:235

actioninitllms-txt-curator.php:236

actiontemplate_redirectllms-txt-curator.php:237

filterquery_varsllms-txt-curator.php:238

filterrobots_txtllms-txt-curator.php:239

actionrest_api_initllms-txt-curator.php:240

filtercron_schedulesllms-txt-curator.php:243

actioninitllms-txt-curator.php:244

actionplugins_loadedllms-txt-curator.php:1075

actionplugins_loadedllms-txt-curator.php:1085

Scheduled Events 1

llmscu_do_regenerate

Maintenance & Trust

LLMs.txt Curator Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedApr 5, 2026

PHP min version7.4

Downloads17

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

LLMs.txt Curator Alternatives

GEO Pilot – AI Search Optimization & llms.txt

geo-pilot

100

Prepare your WordPress site for the AI Search era. Auto-generate a dynamic llms.txt file, optimize content for tokens, and rank in AI Overviews.

20 No CVEs

citelayer® – AI SEO & Visibility | llms.txt, Bot Analytics, Schema.org

citelayer

100

Get found by ChatGPT, Perplexity & AI search. AI Visibility, llms.txt, Schema.org — make your site the answer AI recommends.

10 No CVEs

LLMs.txt Generator – AI Visibility

aiready-llms-txt-generator

100

Generate and publish llms.txt for AI assistants like ChatGPT, Claude and Perplexity. Free standalone mode; Pro API mode adds WooCommerce drill-down.

0 No CVEs

GetCited — AI Visibility

getcited

100

Optimize for AI search. The AI visibility plugin — manage crawlers, generate llms.txt, track citability.

0 No CVEs

IA SEO Generator

ia-seo-generator

100

Make your site visible to AI: serve an AI-ready /llms.txt (no root). Appear in answers on ChatGPT, Perplexity, Claude, Gemini, Copilot, Comet.

100 No CVEs

Developer Profile

LLMs.txt Curator Developer Profile

Sean Mullins

1 plugin · 0 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect LLMs.txt Curator

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/llms-txt-curator/assets/css/llms-txt-curator.css/wp-content/plugins/llms-txt-curator/assets/js/llms-txt-curator.js/wp-content/plugins/llms-txt-curator/assets/js/llms-txt-curator-admin.js/wp-content/plugins/llms-txt-curator/assets/css/llms-txt-curator-admin.css

Generator Patterns

# Generated by LLMs.txt Curator for WordPress

Version Parameters

llms-txt-curator/assets/css/llms-txt-curator.css?ver=llms-txt-curator/assets/js/llms-txt-curator.js?ver=llms-txt-curator/assets/js/llms-txt-curator-admin.js?ver=llms-txt-curator/assets/css/llms-txt-curator-admin.css?ver=

HTML / DOM Fingerprints

CSS Classes

llms-txt-curator-admin-wrap

HTML Comments

Data Attributes

data-llmscu-actiondata-llmscu-page-iddata-llmscu-post-id

JS Globals

llmscu_admin_paramsllmscu_generator_settings

FAQ