WP-Safety

Mizan Demo Importer Security & Risk Analysis

wordpress.org/plugins/mizan-demo-importer

Easily import demo data for Mizan Themes with one click. Fully Elementor compatible, it sets up plugins, images, content, and settings seamlessly!

1K active installs v0.1.6 PHP 7.2+ WP 5.2+ Updated Feb 10, 2026
one-click-demo-importtemplateswebsite-builder
99
A · Safe
CVEs total1
Unpatched0
Last CVEJan 30, 2026
Download
Safety Verdict

Is Mizan Demo Importer Safe to Use in 2026?

Generally Safe

Score 99/100

Mizan Demo Importer has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVELast CVE: Jan 30, 2026Updated 1mo ago
Risk Assessment

The 'mizan-demo-importer' plugin exhibits a mixed security posture. While it demonstrates good practices by utilizing prepared statements for all SQL queries and properly escaping a high percentage of output, significant concerns arise from its attack surface. A notable portion of its AJAX handlers lack authentication checks, presenting a clear entry point for unauthorized actions. The presence of a past medium-severity vulnerability, specifically related to missing authorization, further amplifies these concerns, suggesting a recurring pattern of oversight in access control mechanisms. Although no critical or high-severity issues were found in the static analysis, the combination of unprotected entry points and a history of authorization flaws indicates a moderate to high risk, particularly for installations where administrative access might be compromised or the plugin is exposed to untrusted user interactions.

Key Concerns

  • Unprotected AJAX handlers
  • Past medium severity vulnerability (Missing Authorization)
  • Flow with unsanitized paths
Vulnerabilities
1

Mizan Demo Importer Security Vulnerabilities

CVEs by Year

1 CVE in 2026
2026
Patched Has unpatched

Severity Breakdown

Medium
1

1 total CVE

CVE-2026-25021medium · 4.3Missing Authorization

Mizan Demo Importer <= 0.1.3 - Missing Authorization

Jan 30, 2026 Patched in 0.1.4 (12d)
Code Analysis
Analyzed Mar 16, 2026

Mizan Demo Importer Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
12
231 escaped
Nonce Checks
9
Capability Checks
19
File Operations
5
External Requests
7
Bundled Libraries
0

Output Escaping

95% escaped243 total outputs
Data Flows
1 unsanitized

Data Flow Analysis

2 flows1 with unsanitized paths
mizan_importer_pro_free_themes (theme-wizard\mizan_exporter_whizzie.php:328)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
4 unprotected

Mizan Demo Importer Attack Surface

Entry Points8
Unprotected4

AJAX Handlers 8

authwp_ajax_setup_pluginstheme-wizard\mizan_exporter_whizzie.php:133
authwp_ajax_setup_widgetstheme-wizard\mizan_exporter_whizzie.php:134
authwp_ajax_mizan_importer_setup_themestheme-wizard\mizan_exporter_whizzie.php:135
authwp_ajax_wz_activate_mizan_importer_protheme-wizard\mizan_exporter_whizzie.php:136
authwp_ajax_mizan_importer_setup_elementortheme-wizard\mizan_exporter_whizzie.php:137
authwp_ajax_templates_api_category_wisetheme-wizard\mizan_exporter_whizzie.php:138
authwp_ajax_mizan_importer_install_free_themetheme-wizard\mizan_exporter_whizzie.php:139
authwp_ajax_pagination_load_contenttheme-wizard\mizan_exporter_whizzie.php:140
WordPress Hooks 43
actionadmin_initplugin.php:17
actionadmin_headplugin.php:63
actionactivated_plugintheme-wizard\mizan-setup-wizard-skip.php:5
actionadmin_inittheme-wizard\mizan-setup-wizard-skip.php:12
actionactivated_plugintheme-wizard\mizan-setup-wizard-skip.php:19
actionadmin_menutheme-wizard\mizan-setup-wizard-skip.php:30
actionadmin_inittheme-wizard\mizan-setup-wizard-skip.php:35
actionadmin_menutheme-wizard\mizan-setup-wizard-skip.php:44
actionadmin_inittheme-wizard\mizan-setup-wizard-skip.php:51
actionactivated_plugintheme-wizard\mizan-setup-wizard-skip.php:58
actionadmin_inittheme-wizard\mizan-setup-wizard-skip.php:66
filterwoocommerce_prevent_automatic_wizard_redirecttheme-wizard\mizan-setup-wizard-skip.php:73
actionactivated_plugintheme-wizard\mizan_exporter_whizzie.php:123
actioninittheme-wizard\mizan_exporter_whizzie.php:125
actioninittheme-wizard\mizan_exporter_whizzie.php:126
actionadmin_enqueue_scriptstheme-wizard\mizan_exporter_whizzie.php:128
actionadmin_menutheme-wizard\mizan_exporter_whizzie.php:129
actionadmin_inittheme-wizard\mizan_exporter_whizzie.php:130
actionadmin_inittheme-wizard\mizan_exporter_whizzie.php:131
filtermizan_importer_tgmpa_loadtheme-wizard\mizan_exporter_whizzie.php:132
actionadmin_enqueue_scriptstheme-wizard\mizan_exporter_whizzie.php:141
actioninittheme-wizard\tgm\class-tgm-plugin-activation.php:265
actionadmin_menutheme-wizard\tgm\class-tgm-plugin-activation.php:414
actionadmin_headtheme-wizard\tgm\class-tgm-plugin-activation.php:415
filterinstall_plugin_complete_actionstheme-wizard\tgm\class-tgm-plugin-activation.php:418
filterupdate_plugin_complete_actionstheme-wizard\tgm\class-tgm-plugin-activation.php:419
actionadmin_noticestheme-wizard\tgm\class-tgm-plugin-activation.php:422
actionadmin_inittheme-wizard\tgm\class-tgm-plugin-activation.php:423
actionadmin_enqueue_scriptstheme-wizard\tgm\class-tgm-plugin-activation.php:424
actionload-plugins.phptheme-wizard\tgm\class-tgm-plugin-activation.php:429
actionswitch_themetheme-wizard\tgm\class-tgm-plugin-activation.php:432
actionswitch_themetheme-wizard\tgm\class-tgm-plugin-activation.php:435
actionadmin_inittheme-wizard\tgm\class-tgm-plugin-activation.php:440
actionswitch_themetheme-wizard\tgm\class-tgm-plugin-activation.php:445
filterupgrader_source_selectiontheme-wizard\tgm\class-tgm-plugin-activation.php:792
actionplugins_loadedtheme-wizard\tgm\class-tgm-plugin-activation.php:2015
filtertgmpa_table_data_itemstheme-wizard\tgm\class-tgm-plugin-activation.php:2139
filterupgrader_source_selectiontheme-wizard\tgm\class-tgm-plugin-activation.php:2880
actionadmin_inittheme-wizard\tgm\class-tgm-plugin-activation.php:3050
actionupgrader_process_completetheme-wizard\tgm\class-tgm-plugin-activation.php:3145
filterupgrader_post_installtheme-wizard\tgm\class-tgm-plugin-activation.php:3204
filterupgrader_post_installtheme-wizard\tgm\class-tgm-plugin-activation.php:3349
actionmizan_importer_tgmpa_registertheme-wizard\tgm\tgm.php:36
Maintenance & Trust

Mizan Demo Importer Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5
Last updatedFeb 10, 2026
PHP min version7.2
Downloads41K

Community Trust

Rating0/100
Number of ratings0
Active installs1K
Alternatives

Mizan Demo Importer Alternatives

Ibtana – WordPress Website Builder

Ibtana – WordPress Website Builder

ibtana-visual-editor

B
74

Build your dream WordPress website with Ibtana, a powerful website builder with customizable templates and drag-and-drop elements for customization.

20K 1 unpatched
WPElemento Importer

WPElemento Importer

wpelemento-importer

A
99

Effortlessly set up WordPress themes with WPelemento Importer. One-click demo imports, Elementor compatibility, and support for diverse themes.

10K 1 CVE
ST Demo Importer

ST Demo Importer

st-demo-importer

A
100

ST Demo Importer is a WordPress plugin for Elementor, enabling fast import of pre-designed themes and templates, saving time in website creation.

700 No CVEs
Easy Demo Import for Omega Themes

Easy Demo Import for Omega Themes

easy-demo-import-for-omega-themes

A
100

A lightweight One-Click Demo Import plugin built specifically for Omega Themes. Easily import demo content, widgets, and settings with a single click.

300 No CVEs
Sirat Demo Importer

Sirat Demo Importer

sirat-demo-importer

A
100

Sirat Demo Importer

10 No CVEs
Developer Profile

Mizan Demo Importer Developer Profile

Mizan Themes

27 plugins · 3K total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
12 days
View full developer profile
Detection Fingerprints

How We Detect Mizan Demo Importer

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/mizan-demo-importer/assets/css/styles.css/wp-content/plugins/mizan-demo-importer/assets/css/theme-setup-wizard.css/wp-content/plugins/mizan-demo-importer/assets/js/mizan-importer-scripts.js/wp-content/plugins/mizan-demo-importer/assets/js/theme-setup-wizard.js/wp-content/plugins/mizan-demo-importer/assets/js/setup-wizard.js
Script Paths
/wp-content/plugins/mizan-demo-importer/assets/js/mizan-importer-scripts.js/wp-content/plugins/mizan-demo-importer/assets/js/theme-setup-wizard.js/wp-content/plugins/mizan-demo-importer/assets/js/setup-wizard.js
Version Parameters
mizan-demo-importer/assets/css/styles.css?ver=mizan-demo-importer/assets/css/theme-setup-wizard.css?ver=mizan-demo-importer/assets/js/mizan-importer-scripts.js?ver=mizan-demo-importer/assets/js/theme-setup-wizard.js?ver=mizan-demo-importer/assets/js/setup-wizard.js?ver=

HTML / DOM Fingerprints

CSS Classes
mizan-importer-wrappermizan-demo-importer-container
HTML Comments
<!-- THIS IS THE MIZAN DEMO IMPORTER CONTENT -->
Data Attributes
data-mizan-importer-stepdata-mizan-importer-demo-id
JS Globals
mizanImportermizanDemoData
REST Endpoints
/wp-json/mizan-demo-importer/v1/import-demo/wp-json/mizan-demo-importer/v1/get-demos
Shortcode Output
[mizan_demo_importer_import_button]
FAQ

Frequently Asked Questions about Mizan Demo Importer