WP-Safety

Necrologi Italia NICV Security & Risk Analysis

wordpress.org/plugins/necrologi-italia-nicv

Online in 4 semplici passaggi, permette di pubblicare annunci funebri e commemorazioni che inserisci sul portale Necrologi Italia e di generare leads

10 active installs v3.0.8 PHP + WP 4.9+ Updated May 23, 2025
annunci-funebrimanifesti-funebrinecrologinecrologi-italiaonoranze-funebri
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Download
Safety Verdict

Is Necrologi Italia NICV Safe to Use in 2026?

Generally Safe

Score 100/100

Necrologi Italia NICV has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 10mo ago
Risk Assessment

The necrologi-italia-nicv v3.0.8 plugin exhibits a mixed security posture. While it demonstrates good practices in SQL query handling and output escaping, significant concerns arise from the attack surface. The presence of 6 unprotected AJAX handlers represents a notable risk, as these could potentially be exploited by unauthenticated users. The complete absence of nonce checks and capability checks on these AJAX endpoints further exacerbates this risk, making them prime targets for various attacks such as Cross-Site Request Forgery (CSRF) or unauthorized data manipulation. The plugin's history of zero known vulnerabilities is a positive indicator, suggesting a generally secure development process or perhaps a lack of deep security analysis in the past. However, this absence of historical issues does not negate the current risks identified in the static analysis, particularly the unprotected AJAX endpoints. A balanced conclusion is that the plugin has strong foundations in some areas but requires immediate attention to secure its exposed AJAX functionality to mitigate potential vulnerabilities.

Key Concerns

  • AJAX handlers without auth checks
  • No nonce checks on AJAX handlers
  • No capability checks on AJAX handlers
Vulnerabilities
None known

Necrologi Italia NICV Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

Necrologi Italia NICV Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
6 prepared
Unescaped Output
17
180 escaped
Nonce Checks
0
Capability Checks
0
File Operations
11
External Requests
10
Bundled Libraries
0

SQL Query Safety

100% prepared6 total queries

Output Escaping

91% escaped197 total outputs
Attack Surface
6 unprotected

Necrologi Italia NICV Attack Surface

Entry Points13
Unprotected6

AJAX Handlers 6

authwp_ajax_condoglianzefunctions.php:89
noprivwp_ajax_condoglianzefunctions.php:90
authwp_ajax_nicv_policyfunctions.php:124
noprivwp_ajax_nicv_policyfunctions.php:125
authwp_ajax_nicv_memoriaefunctions.php:148
noprivwp_ajax_nicv_memoriaefunctions.php:149

Shortcodes 7

[nicv_servizio_necrologi] functions.php:2550
[nicv_scheda_defunto] functions.php:2551
[nicv_ultimi_defunti] functions.php:2552
[nicv_ultime_commemorazioni] functions.php:2553
[nicv_scheda_commemorazione] functions.php:2554
[nicv_manifesti_funebri] functions.php:2555
[nicv_ultimi_manifesti] functions.php:2556
WordPress Hooks 22
actionwp_headfunctions.php:4
actionwp_enqueue_scriptsfunctions.php:34
actiontemplate_redirectfunctions.php:1093
actiontemplate_redirectfunctions.php:1290
actiontemplate_redirectfunctions.php:1770
actiontemplate_redirectfunctions.php:1775
actiontemplate_redirectfunctions.php:2229
actioninitfunctions.php:2572
actioninitfunctions.php:2596
filterdocument_title_partsfunctions.php:2660
filterwp_headfunctions.php:3244
filterwp_headfunctions.php:3248
filterwp_headfunctions.php:3251
filterwpseo_canonicalfunctions.php:3256
actioninitnicv.php:21
actioninitnicv.php:22
actioninitnicv.php:23
actioninitnicv.php:24
actioninitnicv.php:25
actionadmin_menunicv.php:30
actionadmin_initnicv.php:129
actionadmin_noticesnicv.php:148
Maintenance & Trust

Necrologi Italia NICV Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5
Last updatedMay 23, 2025
PHP min version
Downloads2K

Community Trust

Rating100/100
Number of ratings2
Active installs10
Alternatives

Necrologi Italia NICV Alternatives

Karma Memorials

Karma Memorials

karma-memorials

A
100

Complete system for managing online obituaries and memorials with messages, search, notifications and customizable templates.

0 No CVEs
Developer Profile

Necrologi Italia NICV Developer Profile

Methodo Digital Media

1 plugin · 10 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Necrologi Italia NICV

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/necrologi-italia-nicv/css/font-awesome.min.css/wp-content/plugins/necrologi-italia-nicv/css/nicv-main.css/wp-content/plugins/necrologi-italia-nicv/css/nicv-plugin-style.css/wp-content/plugins/necrologi-italia-nicv/js/nicv-main.js/wp-content/plugins/necrologi-italia-nicv/js/nicv-plugin.js
Script Paths
/wp-content/plugins/necrologi-italia-nicv/js/nicv-main.js/wp-content/plugins/necrologi-italia-nicv/js/nicv-plugin.js
Version Parameters
necrologi-italia-nicv/css/font-awesome.min.css?ver=necrologi-italia-nicv/css/nicv-main.css?ver=necrologi-italia-nicv/css/nicv-plugin-style.css?ver=necrologi-italia-nicv/js/nicv-main.js?ver=necrologi-italia-nicv/js/nicv-plugin.js?ver=

HTML / DOM Fingerprints

CSS Classes
nicv
Data Attributes
nicv_id_aziendanicv_apikeynicv_id_policynicv_id_grupponicv_dittanicv_citta+61 more
JS Globals
NICV_PLUGIN_URLNICV_IMGNICV_VERSION
Shortcode Output
[nicv_servizio_necrologi][nicv_scheda_defunto][nicv_scheda_commemorazione][nicv_manifesti_funebri]
FAQ

Frequently Asked Questions about Necrologi Italia NICV