WP-Safety

Moradam SEO Security & Risk Analysis

wordpress.org/plugins/moradam-seo

Moradam SEO – Hepsi bir arada SEO eklentisi arama sonuçları sayfasında üst sıralarda yer almak istiyorsanız, web sitenizin metriklerini izlemeli ve ra …

20 active installs v1.0.7 PHP 7.2+ WP 5.1+ Updated Jan 4, 2022
google-siralamasiseoserpserp-trackersira-takip
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Download
Safety Verdict

Is Moradam SEO Safe to Use in 2026?

Generally Safe

Score 85/100

Moradam SEO has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 4yr ago
Risk Assessment

The "moradam-seo" plugin v1.0.7 presents a mixed security posture. On the positive side, the plugin demonstrates good practices by utilizing prepared statements for all SQL queries and properly escaping all output. There are no recorded vulnerabilities or CVEs for this plugin, suggesting a history of stable and secure development. The absence of file operations and external HTTP requests also reduces potential attack vectors.

However, a significant concern arises from the presence of three AJAX handlers, all of which lack authentication checks. This creates a substantial attack surface that is directly exposed to unauthenticated users. While no critical or high severity taint flows were identified in the static analysis, and dangerous functions are absent, the unprotected AJAX endpoints could potentially be exploited to perform unintended actions or lead to denial-of-service conditions if they handle user-supplied input without proper validation or authorization. The complete absence of nonce checks on these AJAX handlers further exacerbates this risk.

In conclusion, while the plugin benefits from secure data handling practices and a clean vulnerability history, the unprotected AJAX endpoints are a critical security weakness. Remediation of these endpoints by implementing appropriate authentication and authorization checks is strongly recommended to secure the plugin effectively.

Key Concerns

  • Unprotected AJAX handlers
  • Missing nonce checks on AJAX handlers
Vulnerabilities
None known

Moradam SEO Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Moradam SEO Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
0
30 escaped
Nonce Checks
0
Capability Checks
3
File Operations
0
External Requests
0
Bundled Libraries
0

Output Escaping

100% escaped30 total outputs
Attack Surface
3 unprotected

Moradam SEO Attack Surface

Entry Points3
Unprotected3

AJAX Handlers 3

authwp_ajax_moradam_kw_actionincludes\class-moradam-seo.php:150
authwp_ajax_moradam_kw_chartsincludes\class-moradam-seo.php:151
authwp_ajax_moradam_kw_keywords_topincludes\class-moradam-seo.php:152
WordPress Hooks 6
actionadmin_enqueue_scriptsincludes\class-moradam-seo.php:144
actionadmin_enqueue_scriptsincludes\class-moradam-seo.php:145
actionadmin_menuincludes\class-moradam-seo.php:146
actionadmin_menuincludes\class-moradam-seo.php:147
actionwp_enqueue_scriptsincludes\class-moradam-seo.php:166
actionwp_enqueue_scriptsincludes\class-moradam-seo.php:167
Maintenance & Trust

Moradam SEO Maintenance & Trust

Maintenance Signals

WordPress version tested5.8.13
Last updatedJan 4, 2022
PHP min version7.2
Downloads2K

Community Trust

Rating100/100
Number of ratings1
Active installs20
Alternatives

Moradam SEO Alternatives

Wincher Rank Tracker

Wincher Rank Tracker

wincher-rank-tracker

A
85

Wincher is a Google search engine rank tracking plugin which enables you to keep an eye on your keywords.

3K No CVEs
RankMetric – SERP Rank Tracker

RankMetric – SERP Rank Tracker

rankmetric-serp-rank-tracker

A
100

A powerful and easy-to-use rank tracker and checker that uses the SerpApi to monitor your keyword rankings on Google.

20 No CVEs
IndexMeNow

IndexMeNow

indexmenow

A
100

Push your URLs to IndexMeNow for fast Google indexation. Supports manual push, bulk push, auto-push on publish/update, sitemap push, and more.

2K No CVEs
People Also Ask

People Also Ask

people-also-ask

A
92

Automatically generate content-rich articles in your WordPress site by scraping and organizing questions from Google's "People Also Ask" section.

40 No CVEs
Hub5050 Ranking and Competitor Tracking

Hub5050 Ranking and Competitor Tracking

ranking-and-competitor-tracking

A
92

Website ranking and competitor rank tracking

30 No CVEs
Developer Profile

Moradam SEO Developer Profile

Moradam 360° Dijital Ajans

1 plugin · 20 total installs

84
trust score
Avg Security Score
85/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Moradam SEO

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/moradam-seo/css/moradam-seo-admin.css/wp-content/plugins/moradam-seo/css/libs/daterangepicker.css/wp-content/plugins/moradam-seo/js/libs/date-fns.js/wp-content/plugins/moradam-seo/js/moradam-seo-admin.js/wp-content/plugins/moradam-seo/js/libs/chart.min.js/wp-content/plugins/moradam-seo/js/libs/daterangepicker.min.js/wp-content/plugins/moradam-seo/js/moradam-seo-ajax-kw-on-top.js/wp-content/plugins/moradam-seo/js/moradam-seo-competitors.js+2 more
Script Paths
https://use.fontawesome.com/releases/v5.7.1/css/all.css
Version Parameters
moradam-seo/css/moradam-seo-admin.css?ver=moradam-seo/css/libs/daterangepicker.css?ver=moradam-seo/js/libs/date-fns.js?ver=moradam-seo/js/moradam-seo-admin.js?ver=moradam-seo/js/libs/daterangepicker.min.js?ver=moradam-seo/js/moradam-seo-ajax-kw-on-top.js?ver=moradam-seo/js/moradam-seo-competitors.js?ver=moradam-seo/js/moradam-seo-best-pages.js?ver=moradam-seo/js/moradam-seo-main.js?ver=

HTML / DOM Fingerprints

JS Globals
moradam_ajax_kw_objectmoradam_competitors_objectmoradam_best_pages_object
FAQ

Frequently Asked Questions about Moradam SEO