Loyae Security & Risk Analysis
wordpress.org/plugins/loyaeAI-generated HTML metadata and alt text in bulk for SEO; automatically inserts into select pages.
Is Loyae Safe to Use in 2026?
Generally Safe
Score 100/100Loyae has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The 'loyae' plugin v1.0.5 exhibits a generally strong security posture based on the provided static analysis. The absence of any detected dangerous functions, unsanitized taint flows, and raw SQL queries is commendable. The plugin also demonstrates a good practice of utilizing prepared statements for all its SQL queries, mitigating the risk of SQL injection. Furthermore, the presence of numerous capability checks suggests a conscious effort to control access to its features. However, a significant concern arises from the 0 nonce checks across all identified entry points, particularly in conjunction with 0 AJAX handlers that lack authentication checks. While the REST API routes have permission callbacks, the complete absence of nonce validation on any entry point is a considerable weakness. The vulnerability history being entirely clean is a positive indicator, suggesting the developers have a good track record or the plugin is relatively new/less targeted. Overall, the plugin's strengths lie in its secure handling of database interactions and access control, but the lack of nonce validation presents a potential avenue for Cross-Site Request Forgery (CSRF) attacks.
Key Concerns
- Missing nonce checks on AJAX handlers
- Output escaping is only 56% proper
- No nonce checks on any entry point
Loyae Security Vulnerabilities
Loyae Code Analysis
SQL Query Safety
Output Escaping
Loyae Attack Surface
REST API Routes 8
WordPress Hooks 13
Scheduled Events 1
Maintenance & Trust
Loyae Maintenance & Trust
Maintenance Signals
Community Trust
Loyae Alternatives
Meta Tag Manager
meta-tag-manager
Easily add and manage custom meta tags to various parts of your site or on individual posts, such as Yahoo and Google verification tags.
Image Alt Text Manager – Bulk & Dynamic Alt Tags For image SEO Optimization + AI
alt-manager
Automatically bulk change images alt text to dynamic alt tags values related to content or media and also generate empty values.
Auto Alt Text
auto-alt-text
This plugin allows you to automatically generate an Alt Text for images uploaded into the media library via AI.
SOOZ – AI for SEO – Bulk Generate Focus Keyphrases, Metadata, Alt Text (SEO Autopilot)
ai-for-seo
Lightweight SEO Autopilot that works with Yoast SEO, Rank Math, SEOPress, WooCommerce etc. to bulk-generate keyphrases, meta tags, alt text and more.
AI SEO Tools
ai-seo-tools
AI SEO Tools uses AI to automatically improve your site's SEO, including generating image alt text, content refresh and auto tagging.
Loyae Developer Profile
1 plugin · 10 total installs
How We Detect Loyae
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/loyae/assets/css/loyae-admin.css/wp-content/plugins/loyae/assets/css/loyae-frontend.css/wp-content/plugins/loyae/assets/js/loyae-admin.js/wp-content/plugins/loyae/assets/js/loyae-frontend.js/wp-content/plugins/loyae/assets/js/loyae-admin.js/wp-content/plugins/loyae/assets/js/loyae-frontend.jsloyae-admin.css?ver=loyae-frontend.css?ver=loyae-admin.js?ver=loyae-frontend.js?ver=HTML / DOM Fingerprints
loyae-admin-wraployae-dashboard-wraployae-analyzer-wraployae-config-wrap<!-- Loyae Admin Wrap Start --><!-- Loyae Dashboard Wrap Start --><!-- Loyae Analyzer Wrap Start --><!-- Loyae Configuration Wrap Start -->+4 moredata-loyae-site-iddata-loyae-api-base-urlloyaeAdminloyaeFrontend/wp-json/loyae/v1/sync-data/wp-json/loyae/v1/get-site-analyses[loyae_analytics][loyae_traffic_sources]