Bulk Page Generator – LPagery Security & Risk Analysis

wordpress.org/plugins/lpagery

Effortlessly mass generate unlimited SEO-optimized pages in bulk with LPagery. Boost traffic, save time, and grow your business in just 5 minutes!

3K active installs · v2.5.2 · PHP 7.4+ · WP 6.2+ · Updated Feb 13, 2026
Tags: bulk-page, local-seo, mass-page, programmatic-seo, seo
Score: 99 (A · Safe)
CVEs total: 1
Unpatched: 0
Last CVE: Jan 7, 2026
Safety Verdict

Is Bulk Page Generator – LPagery Safe to Use in 2026?

Generally Safe

Score 99/100

Bulk Page Generator – LPagery has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVE · Last CVE: Jan 7, 2026 · Updated 1mo ago
Risk Assessment

The "lpagery" v2.5.4 plugin exhibits a concerning security posture due to a significant number of unprotected entry points, particularly AJAX handlers. While the plugin demonstrates good practices in SQL query preparation and output escaping, the sheer volume of AJAX endpoints lacking authorization checks presents a substantial attack surface that could be exploited by unauthenticated users to trigger unintended actions. The presence of unsanitized path flows in the taint analysis, although not reaching critical severity, is also a red flag that warrants attention. The plugin's vulnerability history, with a single medium-severity CVE, suggests a past issue but the absence of currently unpatched vulnerabilities is a positive sign. However, the common vulnerability type of 'Missing Authorization' in its history directly correlates with the findings in the static analysis, indicating a recurring weakness that needs to be addressed to improve the plugin's overall security.

Key Concerns

  • Unprotected AJAX handlers
  • Unprotected REST API routes
  • Unsanitized path flows (High severity taint)
  • Bundled outdated library (Freemius v1.0)
  • Medium severity vulnerability in history
Vulnerabilities
1

Bulk Page Generator – LPagery Security Vulnerabilities

CVEs by Year

1 CVE in 2026

Severity Breakdown

Medium: 1

1 total CVE

CVE-2026-22490 · medium · 4.3 · Missing Authorization

Bulk Landing Page Creator for WordPress LPagery <= 2.4.9 - Missing Authorization

Jan 7, 2026 Patched in 2.4.10 (8d)
Code Analysis
Analyzed Mar 16, 2026

Bulk Page Generator – LPagery Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 52 (141 prepared)
Unescaped Output: 7 (82 escaped)
Nonce Checks: 30
Capability Checks: 5
File Operations: 4
External Requests: 1
Bundled Libraries: 1

Bundled Libraries

Freemius 1.0

SQL Query Safety

73% prepared · 193 total queries

Output Escaping

92% escaped · 89 total outputs
Data Flows
4 unsanitized

Data Flow Analysis

6 flows · 4 with unsanitized paths
lpagery_setup_menu (lpagery.php:81)
Attack Surface
31 unprotected

Bulk Page Generator – LPagery Attack Surface

Entry Points: 50
Unprotected: 31

AJAX Handlers 30

auth wp_ajax_lpagery_sanitize_slug src\io\AjaxActions.php:34
auth wp_ajax_lpagery_custom_sanitize_title src\io\AjaxActions.php:49
auth wp_ajax_lpagery_create_posts src\io\AjaxActions.php:62
auth wp_ajax_lpagery_get_settings src\io\AjaxActions.php:152
auth wp_ajax_lpagery_get_batch_size src\io\AjaxActions.php:160
auth wp_ajax_lpagery_get_pages src\io\AjaxActions.php:168
auth wp_ajax_lpagery_get_taxonomy_terms src\io\AjaxActions.php:189
auth wp_ajax_lpagery_get_taxonomies src\io\AjaxActions.php:200
auth wp_ajax_lpagery_search_processes src\io\AjaxActions.php:213
auth wp_ajax_lpagery_get_ram_usage src\io\AjaxActions.php:228
auth wp_ajax_lpagery_get_post_title_as_slug src\io\AjaxActions.php:240
auth wp_ajax_lpagery_get_users src\io\AjaxActions.php:253
auth wp_ajax_lpagery_get_template_posts src\io\AjaxActions.php:264
auth wp_ajax_lpagery_upsert_process src\io\AjaxActions.php:275
auth wp_ajax_lpagery_get_duplicated_slugs src\io\AjaxActions.php:292
auth wp_ajax_lpagery_download_post_json src\io\AjaxActions.php:317
auth wp_ajax_lpagery_get_users_for_settings src\io\AjaxActions.php:330
auth wp_ajax_lpagery_get_process_details src\io\AjaxActions.php:342
auth wp_ajax_lpagery_get_post src\io\AjaxActions.php:356
auth wp_ajax_lpagery_get_google_sheet_scheduled_data src\io\AjaxActions.php:369
auth wp_ajax_lpagery_create_onboarding_template_page src\io\AjaxActions.php:381
auth wp_ajax_lpagery_assign_page_set_to_me src\io\AjaxActions.php:393
auth wp_ajax_lpagery_reset_data src\io\AjaxActions.php:414
auth wp_ajax_lpagery_update_process_managing_system src\io\AjaxActions.php:429
auth wp_ajax_lpagery_get_fresh_nonce src\io\AjaxActions.php:451
auth wp_ajax_lpagery_fetch_app_tokens src\io\AjaxActions.php:463
auth wp_ajax_lpagery_revoke_app_token src\io\AjaxActions.php:483
auth wp_ajax_lpagery_trigger_look_sync src\io\AjaxActions.php:516
auth wp_ajax_repair_database_schema src\io\AjaxActions.php:557
auth wp_ajax_delete_lpagery_revisions src\io\AjaxActions.php:576

REST API Routes 18

POST /wp-json/lpagery/app/v1/token src\suite\SuiteRestApi.php:27
POST /wp-json/lpagery/app/v1/get_post src\suite\SuiteRestApi.php:32
POST /wp-json/lpagery/app/v1/get_pages src\suite\SuiteRestApi.php:36
POST /wp-json/lpagery/app/v1/upsert_process src\suite\SuiteRestApi.php:40
POST /wp-json/lpagery/app/v1/sanitize_slug src\suite\SuiteRestApi.php:45
POST /wp-json/lpagery/app/v1/get_post_title_as_slug src\suite\SuiteRestApi.php:50
POST /wp-json/lpagery/app/v1/get_taxonomies src\suite\SuiteRestApi.php:55
POST /wp-json/lpagery/app/v1/get_taxonomy_terms src\suite\SuiteRestApi.php:60
POST /wp-json/lpagery/app/v1/get_process src\suite\SuiteRestApi.php:65
POST /wp-json/lpagery/app/v1/create_page src\suite\SuiteRestApi.php:70
POST /wp-json/lpagery/app/v1/disconnect_page_set src\suite\SuiteRestApi.php:75
POST /wp-json/lpagery/app/v1/connect_page_set src\suite\SuiteRestApi.php:81
POST /wp-json/lpagery/app/v1/search_processes src\suite\SuiteRestApi.php:87
POST /wp-json/lpagery/app/v1/check_duplicated_slugs src\suite\SuiteRestApi.php:92
POST /wp-json/lpagery/app/v1/delete_pages src\suite\SuiteRestApi.php:97
POST /wp-json/lpagery/app/v1/get_pages_for_update src\suite\SuiteRestApi.php:102
POST /wp-json/lpagery/app/v1/get_pages_for_delete src\suite\SuiteRestApi.php:107
POST /wp-json/lpagery/app/v1/get_process_data src\suite\SuiteRestApi.php:112

Shortcodes 2

[lpagery_urls] lpagery.php:639
[lpagery_link] lpagery.php:657

WordPress Hooks 34

action admin_menu lpagery.php:80
filter parent_file lpagery.php:133
action admin_footer lpagery.php:200
action admin_footer lpagery.php:241
filter permission_list lpagery.php:261
action admin_enqueue_scripts lpagery.php:299
action admin_init lpagery.php:342
action admin_head lpagery.php:355
filter posts_where lpagery.php:356
action restrict_manage_posts lpagery.php:388
filter posts_where lpagery.php:397
filter wp_count_posts lpagery.php:429
action admin_footer lpagery.php:464
action admin_footer lpagery.php:465
filter the_posts lpagery.php:543
filter post_row_actions lpagery.php:597
filter page_row_actions lpagery.php:603
filter attachment_fields_to_edit lpagery.php:722
filter wp_generate_attachment_metadata lpagery.php:731
filter wp_update_attachment_metadata lpagery.php:746
action added_post_meta lpagery.php:761
action updated_post_meta lpagery.php:779
action edit_attachment lpagery.php:797
action attachment_updated lpagery.php:806
action rest_after_insert_attachment lpagery.php:820
action delete_attachment lpagery.php:834
action lpagery_backfill_attachment_basename lpagery.php:840
filter attachment_fields_to_save lpagery.php:862
action save_post lpagery.php:873
filter pricing_url lpagery.php:910
filter plugin_icon lpagery.php:913
action admin_footer lpagery.php:917
action all src\io\CreatePageDebugger.php:103
action rest_api_init src\suite\SuiteRestApi.php:21

Scheduled Events 3

lpagery_backfill_attachment_basename
lpagery_start_sync_for_process
lpagery_start_sync_for_process
Maintenance & Trust

Bulk Page Generator – LPagery Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.9.4
Last updated: Feb 13, 2026
PHP min version: 7.4
Downloads: 86K

Community Trust

Rating: 100/100
Number of ratings: 31
Active installs: 3K
Developer Profile

Bulk Page Generator – LPagery Developer Profile

niklaslindemann

1 plugin · 3K total installs

Trust score: 93
Avg Security Score: 99/100
Avg Patch Time: 8 days
Detection Fingerprints

How We Detect Bulk Page Generator – LPagery

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/lpagery/css/lpagery-app.css
/wp-content/plugins/lpagery/css/lpagery-common.css
/wp-content/plugins/lpagery/js/lpagery-app.js
/wp-content/plugins/lpagery/js/lpagery-common.js
Script Paths
/wp-content/plugins/lpagery/js/lpagery-app.js
/wp-content/plugins/lpagery/js/lpagery-common.js
Version Parameters
lpagery-app.css?ver=
lpagery-common.css?ver=
lpagery-app.js?ver=
lpagery-common.js?ver=

HTML / DOM Fingerprints

CSS Classes
lpagery-app-wrapper
lpagery-editor-wrapper
lpagery-page-list-item
HTML Comments
LPagery authorization iframe
Data Attributes
data-lpagery-id
data-lpagery-type
JS Globals
lpagery_settings
lpagery_ajax_object
REST Endpoints
/wp-json/lpagery/v1/pages
/wp-json/lpagery/v1/settings
Shortcode Output
[lpagery-page id="
FAQ

Frequently Asked Questions about Bulk Page Generator – LPagery