WP-Safety

Contentlockr Security & Risk Analysis

wordpress.org/plugins/newsroomie

Unlock more subscribers and traffic.

0 active installs v1.0.21 PHP + WP + Updated Unknown
membershipmetered-paywallpaywallsubscribersubscriptions
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Contentlockr Safe to Use in 2026?

Generally Safe

Score 100/100

Contentlockr has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs
Risk Assessment

The newsroomie plugin v1.0.21 exhibits several concerning security weaknesses, primarily stemming from its attack surface. A significant portion of its entry points, specifically 7 out of 8, lack proper authentication checks, creating a broad vulnerability landscape. While the static analysis did not reveal dangerous functions or critical taint flows, the presence of unsanitized paths in 2 out of 4 analyzed flows is a notable concern. This suggests potential for input manipulation that could lead to unintended behavior or data exposure, even if not immediately exploitable as a critical vulnerability.

The plugin's SQL query handling is also a weakness, with 100% of its single SQL query not using prepared statements. This significantly increases the risk of SQL injection vulnerabilities. Furthermore, while the plugin demonstrates good practices in output escaping (92% properly escaped) and has a clean vulnerability history with no recorded CVEs, these strengths are overshadowed by the fundamental security flaws in its entry point handling and database interaction.

In conclusion, while the absence of known vulnerabilities and robust output escaping are positive signs, the high number of unprotected AJAX handlers and the raw SQL query represent immediate and substantial risks. The lack of comprehensive authorization on its AJAX endpoints is the most critical area requiring immediate attention to mitigate potential exploitation.

Key Concerns

  • Unprotected AJAX handlers
  • Raw SQL query without prepared statements
  • Unsanitized paths in taint analysis
Vulnerabilities
None known

Contentlockr Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

Contentlockr Code Analysis

Dangerous Functions
0
Raw SQL Queries
1
0 prepared
Unescaped Output
16
173 escaped
Nonce Checks
8
Capability Checks
16
File Operations
0
External Requests
3
Bundled Libraries
2

Bundled Libraries

Select2TinyMCE

SQL Query Safety

0% prepared1 total queries

Output Escaping

92% escaped189 total outputs
Data Flows
2 unsanitized

Data Flow Analysis

4 flows2 with unsanitized paths
newsroomie_google_handle_callback (public\class-newsroomie-public.php:273)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
7 unprotected

Contentlockr Attack Surface

Entry Points8
Unprotected7

AJAX Handlers 7

authwp_ajax_newsroomie_sync_usersincludes\class-newsroomie.php:184
authwp_ajax_newsroomie_profile_tagsincludes\class-newsroomie.php:188
noprivwp_ajax_newsroomie_lead_loginincludes\class-newsroomie.php:276
authwp_ajax_newsroomie_password_resetincludes\class-newsroomie.php:278
noprivwp_ajax_newsroomie_password_resetincludes\class-newsroomie.php:279
authwp_ajax_newsroomie_get_nonceincludes\class-newsroomie.php:281
noprivwp_ajax_newsroomie_get_nonceincludes\class-newsroomie.php:282

Shortcodes 1

[newsroomie-marketing-zone] includes\class-newsroomie.php:191
WordPress Hooks 45
actionadmin_initadmin\pages\newsroomie-page-ctas.php:4
actionadmin_initadmin\pages\newsroomie-page-email.php:4
actionadmin_initadmin\pages\newsroomie-page-options.php:23
actionadmin_initadmin\pages\newsroomie-page-push.php:13
actionadmin_initadmin\pages\newsroomie-page-subscriber-settings.php:4
actionadmin_initadmin\pages\newsroomie-page-tagging.php:4
actionplugins_loadedincludes\class-newsroomie.php:162
actionuser_registerincludes\class-newsroomie.php:178
actiondelete_userincludes\class-newsroomie.php:179
actionprofile_updateincludes\class-newsroomie.php:180
actionafter_password_resetincludes\class-newsroomie.php:181
actionbsa_plg_registration_table_after_update_successincludes\class-newsroomie.php:195
actionadmin_menuincludes\class-newsroomie.php:212
actionadmin_enqueue_scriptsincludes\class-newsroomie.php:215
actionadmin_enqueue_scriptsincludes\class-newsroomie.php:216
actionadd_meta_boxesincludes\class-newsroomie.php:219
actionsave_postincludes\class-newsroomie.php:220
actionmce_external_pluginsincludes\class-newsroomie.php:221
filtermce_buttons_2includes\class-newsroomie.php:222
actionshow_user_profileincludes\class-newsroomie.php:226
actionedit_user_profileincludes\class-newsroomie.php:227
filtermanage_users_columnsincludes\class-newsroomie.php:229
filtermanage_users_custom_columnincludes\class-newsroomie.php:230
actionupdate_option_newsroomie_tenantincludes\class-newsroomie.php:232
actionupdate_option_newsroomie_api_tokenincludes\class-newsroomie.php:233
actionadmin_noticesincludes\class-newsroomie.php:234
actionuser_registerincludes\class-newsroomie.php:237
actionpersonal_options_updateincludes\class-newsroomie.php:239
actionedit_user_profile_updateincludes\class-newsroomie.php:240
actionshow_user_profileincludes\class-newsroomie.php:242
actionedit_user_profileincludes\class-newsroomie.php:243
actionpersonal_options_updateincludes\class-newsroomie.php:244
actionedit_user_profile_updateincludes\class-newsroomie.php:245
actioninitincludes\class-newsroomie.php:247
actionwp_enqueue_scriptsincludes\class-newsroomie.php:262
actionwp_enqueue_scriptsincludes\class-newsroomie.php:263
actionlogin_enqueue_scriptsincludes\class-newsroomie.php:264
actionlogin_enqueue_scriptsincludes\class-newsroomie.php:265
actioninitincludes\class-newsroomie.php:267
actioninitincludes\class-newsroomie.php:268
actionget_headerincludes\class-newsroomie.php:269
actionset_current_userincludes\class-newsroomie.php:271
actioninitincludes\class-newsroomie.php:272
filterthe_contentincludes\class-newsroomie.php:274
actionwp_logoutincludes\class-newsroomie.php:284
Maintenance & Trust

Contentlockr Maintenance & Trust

Maintenance Signals

WordPress version tested6.7.5
Last updatedUnknown
PHP min version
Downloads992

Community Trust

Rating100/100
Number of ratings1
Active installs0
Alternatives

Contentlockr Alternatives

Memberful – Membership Plugin

Memberful – Membership Plugin

memberful-wp

A
97

Sell memberships and restrict access to content with WordPress and Memberful.

1K 3 CVEs
Leaky Paywall

Leaky Paywall

leaky-paywall

A
95

The subscription engine for news & niche publishers.

800 5 CVEs
ITERAS

ITERAS

iteras

A
99

Integration with ITERAS, a cloud-based state-of-the-art system for managing subscriptions and payments for magazines.

30 1 CVE
Wallkit Subscriptions & Paywall Plugin for WordPress

Wallkit Subscriptions & Paywall Plugin for WordPress

wallkit

A
92

A Plug & Play paid-content system to manage subscribers, gather fees and drive additional content sales.

20 No CVEs
AccessType

AccessType

accesstype

A
85

Accesstype manages subscriptions, adds metered and hard paywall, with onetime and recurring subscription plans for continuous content monetization.

0 No CVEs
Developer Profile

Contentlockr Developer Profile

WebConcern

1 plugin · 0 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Contentlockr

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/newsroomie/css/newsroomie-admin.css/wp-content/plugins/newsroomie/css/select2.min.css/wp-content/plugins/newsroomie/js/newsroomie-admin.js/wp-content/plugins/newsroomie/js/select2.min.js
Version Parameters
newsroomie-admin.css?ver=newsroomie-admin.js?ver=

HTML / DOM Fingerprints

HTML Comments
<!-- This function is provided for demonstration purposes only. --><!-- An instance of this class should be passed to the run() function --><!-- defined in Newsroomie_Loader as all of the hooks are defined --><!-- in that particular class. -->+6 more
Data Attributes
name="newsroomie_meta_box_nonce"
FAQ

Frequently Asked Questions about Contentlockr