WP-Safety

Loderi Virtual Keyboard Security & Risk Analysis

wordpress.org/plugins/loderi-virtual-keayboard

If your site visitors type in it's national language and there is even a small chance that your visitors do not have the

10 active installs v1.2 PHP + WP 3.0.1+ Updated Aug 21, 2015
commentsinputkeyboardunicodevirtual
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Download
Safety Verdict

Is Loderi Virtual Keyboard Safe to Use in 2026?

Generally Safe

Score 85/100

Loderi Virtual Keyboard has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 10yr ago
Risk Assessment

The "loderi-virtual-keyboard" v1.2 plugin exhibits a generally strong security posture based on the static analysis. The complete absence of AJAX handlers, REST API routes, shortcodes, and cron events with unprotected entry points indicates a minimal attack surface. Furthermore, the code signals show good practices like 100% prepared statements for SQL queries, a single nonce check, and two capability checks, suggesting an effort to secure its limited functionalities.

However, a significant concern arises from the low rate of properly escaped output. With 12 total outputs and only 33% properly escaped, this leaves a considerable portion vulnerable to Cross-Site Scripting (XSS) attacks. While the taint analysis shows no unsanitized paths, the lack of output escaping could still lead to vulnerabilities if user-controlled data is ever introduced into these unescaped output contexts. The plugin's history of zero vulnerabilities further suggests it may be relatively new or has had limited scrutiny, but the current code analysis highlights a specific area that requires attention.

In conclusion, the plugin is well-structured with a small attack surface and secure database interactions. The primary weakness lies in insufficient output escaping, which is a common vector for XSS vulnerabilities. Addressing this would significantly improve its overall security. Given the lack of historical issues, the current concern is focused on the identified code quality rather than known exploits.

Key Concerns

  • Insufficient output escaping
Vulnerabilities
None known

Loderi Virtual Keyboard Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

Loderi Virtual Keyboard Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
8
4 escaped
Nonce Checks
1
Capability Checks
2
File Operations
0
External Requests
0
Bundled Libraries
0

Output Escaping

33% escaped12 total outputs
Attack Surface

Loderi Virtual Keyboard Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 7
actionadd_meta_boxesloderi-virtual-keyboard.php:28
actionsave_postloderi-virtual-keyboard.php:704
filtercomment_form_field_commentloderi-virtual-keyboard.php:735
actionwp_headloderi-virtual-keyboard.php:768
actionwp_footerloderi-virtual-keyboard.php:787
actionwidgets_initloderi-virtual-keyboard.php:864
actionplugins_loadedloderi-virtual-keyboard.php:871
Maintenance & Trust

Loderi Virtual Keyboard Maintenance & Trust

Maintenance Signals

WordPress version tested4.2.39
Last updatedAug 21, 2015
PHP min version
Downloads4K

Community Trust

Rating100/100
Number of ratings1
Active installs10
Alternatives

Loderi Virtual Keyboard Alternatives

WP Arabic Virtual Keyboard

WP Arabic Virtual Keyboard

wp-arabic-virtual-keyboard

A
100

Make it very easy to type using this virtual keyboard without any 3rd party Software or Web sites.Really easy to type in Arabic language.

20 No CVEs
GF Hebrew Virtual Keyboard Add-On

GF Hebrew Virtual Keyboard Add-On

gf-hebrew-virtual-keyboard-add-on

A
92

GF Hebrew Virtual Keyboard Add-On that adds an on-screen virtual Keyboard to your project, which will popup when a specified entry field is focused.

10 No CVEs
Comments Extra Fields For Post,Pages and CPT

Comments Extra Fields For Post,Pages and CPT

wp-comment-fields

B
84

This plugin allow admin to add extra fields in comment area. These fields are saved as comment meta and is displayed under comment text.

600 3 CVEs
Cool Virtual Keyboard

Cool Virtual Keyboard

cool-virtual-keyboard

A
85

This plugin adds virtual keyboard for all text inputs and textareas on your site.

70 No CVEs
KeymanWeb

KeymanWeb

keymanweb

A
85

Enable custom keyboard input methodology in various input fields using your free Tavultesoft KeymanWeb Subscription

10 No CVEs
Developer Profile

Loderi Virtual Keyboard Developer Profile

jj1981ua

2 plugins · 80 total installs

84
trust score
Avg Security Score
85/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Loderi Virtual Keyboard

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/loderi-virtual-keayboard/css/virtual-keyboard.css/wp-content/plugins/loderi-virtual-keayboard/js/virtual-keyboard.js
Generator Patterns
Loderi Virtual Keyboard 1.2
Script Paths
/wp-content/plugins/loderi-virtual-keayboard/js/virtual-keyboard.js
Version Parameters
loderi-virtual-keayboard/css/virtual-keyboard.css?ver=loderi-virtual-keayboard/js/virtual-keyboard.js?ver=

HTML / DOM Fingerprints

CSS Classes
ui-keyboard
Data Attributes
data-loderikbrd-id
JS Globals
loderikbrd_layouts
FAQ

Frequently Asked Questions about Loderi Virtual Keyboard