WP-Safety

Magnet Genius Security & Risk Analysis

wordpress.org/plugins/magnet-genius

Create magnet genius with customizable forms to collect email addresses before providing downloads to your visitors.

10 active installs v1.1.0 PHP 7.2+ WP 5.0+ Updated Oct 9, 2025
content-upgradeemail-marketingleadlead-generationmagnet-genius
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Magnet Genius Safe to Use in 2026?

Generally Safe

Score 100/100

Magnet Genius has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 5mo ago
Risk Assessment

The magnet-genius plugin v1.1.0 exhibits a generally positive security posture with no recorded vulnerabilities in its history. The static analysis shows good practices such as the absence of dangerous functions and file operations, and a moderate level of SQL prepared statement usage and output escaping. Nonce and capability checks are present on some entry points, which is a good sign. However, the plugin does have external HTTP requests and a notable number of flows with unsanitized paths, indicating potential for unexpected behavior or information leakage if not handled carefully. While these are flagged as high severity taint flows, the absence of reported CVEs suggests these may not be exploitable in practice or are mitigated by other factors. The plugin's attack surface is relatively small, and importantly, all identified entry points appear to have authentication checks, which is a significant strength. Despite the identified taint flow concerns, the lack of historical vulnerabilities and the presence of basic security checks paint a picture of a plugin that, while not flawless, has a reasonably secure foundation. Developers should, however, investigate and sanitize the identified unsanitized paths to further improve its security.

Key Concerns

  • High severity unsanitized taint flows
  • Moderate SQL prepared statement usage
  • Moderate output escaping
  • External HTTP requests
Vulnerabilities
None known

Magnet Genius Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

Magnet Genius Code Analysis

Dangerous Functions
0
Raw SQL Queries
16
24 prepared
Unescaped Output
82
164 escaped
Nonce Checks
4
Capability Checks
3
File Operations
0
External Requests
6
Bundled Libraries
0

SQL Query Safety

60% prepared40 total queries

Output Escaping

67% escaped246 total outputs
Data Flows
4 unsanitized

Data Flow Analysis

8 flows4 with unsanitized paths
<admin> (includes\admin.php:0)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Magnet Genius Attack Surface

Entry Points6
Unprotected0

AJAX Handlers 2

authwp_ajax_Magnet_Genius_form_submitincludes\shortcode.php:21
noprivwp_ajax_Magnet_Genius_form_submitincludes\shortcode.php:22

Shortcodes 4

[magnet-genius] includes\shortcode.php:7
[name] includes\shortcode.php:8
[file_url] includes\shortcode.php:9
[product_url] includes\shortcode.php:12
WordPress Hooks 16
actionadmin_menuincludes\admin.php:7
actionadmin_initincludes\admin.php:8
actionadmin_enqueue_scriptsincludes\admin.php:9
actionadmin_initincludes\admin.php:10
actionadmin_post_save_Magnet_Geniusincludes\form-handler.php:7
filtermanage_edit-product_columnsincludes\shortcode.php:13
actionmanage_product_posts_custom_columnincludes\shortcode.php:14
actionadmin_headincludes\shortcode.php:15
actionwp_enqueue_scriptsincludes\shortcode.php:17
actionwp_footerincludes\shortcode.php:18
actionlm_magnet_genius_cronincludes\shortcode.php:19
actionplugins_loadedmagnet-genius.php:38
actionplugins_loadedmagnet-genius.php:49
filtercron_schedulesmagnet-genius.php:102
actionadmin_noticesmagnet-genius.php:121
actionadmin_initmagnet-genius.php:131

Scheduled Events 1

lm_magnet_genius_cron
Maintenance & Trust

Magnet Genius Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5
Last updatedOct 9, 2025
PHP min version7.2
Downloads652

Community Trust

Rating0/100
Number of ratings0
Active installs10
Alternatives

Magnet Genius Alternatives

Hostinger Reach – AI-Powered Email Marketing for WordPress

Hostinger Reach – AI-Powered Email Marketing for WordPress

hostinger-reach

A
100

Launch and grow your email marketing effortlessly with Hostinger Reach. Collect contacts, sync subscribers, and send emails – all in one, AI powered.

1.0M No CVEs
Leadfox for WordPress

Leadfox for WordPress

leadfox

A
99

Integrate Leadfox tracking code to enable contact synchronisation with a contact lists, forms and enable pop-ups on your WordPress site.

200 1 CVE
Email Marketing by SendX

Email Marketing by SendX

email-marketing-by-sendx

A
85

SendX is a lead-generation and marketing automation platform to grow your web business. In simple words it is marketing for non-marketers.

100 No CVEs
WPMktgEngine

WPMktgEngine

wpmktgengine

A
100

WPMktgEngine turns your WordPress site into a marketing engine for your business. A comprehensive online marketing platform.

30 No CVEs
Content Upgrade

Content Upgrade

content-upgrade

A
100

Note: Please refer the screenshot images to understand the complete working of the content upgrade plugin.

10 No CVEs
Developer Profile

Magnet Genius Developer Profile

Best WP Developer

11 plugins · 720 total installs

95
trust score
Avg Security Score
93/100
Avg Patch Time
1 days
View full developer profile
Detection Fingerprints

How We Detect Magnet Genius

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/magnet-genius/assets/css/admin.css/wp-content/plugins/magnet-genius/assets/js/main.js
Script Paths
/wp-content/plugins/magnet-genius/assets/js/main.js
Version Parameters
magnet-genius/assets/css/admin.css?ver=magnet-genius/assets/js/main.js?ver=

HTML / DOM Fingerprints

FAQ

Frequently Asked Questions about Magnet Genius