Does NS Cloner – Site Copier have any unpatched vulnerabilities?

No. All known vulnerabilities in NS Cloner – Site Copier have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is NS Cloner – Site Copier compatible with WordPress 6.9.4?

According to WordPress.org data, NS Cloner – Site Copier 4.4.9.1 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is NS Cloner – Site Copier compatible with PHP 7.0+?

NS Cloner – Site Copier requires PHP 7.0 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is NS Cloner – Site Copier updated?

NS Cloner – Site Copier was last updated on Dec 4, 2025. Frequent updates are generally a positive security signal.

What is NS Cloner – Site Copier's security score?

NS Cloner – Site Copier has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

NS Cloner – Site Copier Security & Risk Analysis

wordpress.org/plugins/ns-cloner-site-copier

The NS Cloner saves TONS of time by cloning existing sites in a multisite network to a completely new site in a few seconds.

7K active installs v4.4.9.1 PHP 7.0+ WP 5.0+ Updated Dec 4, 2025

automateclonecopiercopyduplicate

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is NS Cloner – Site Copier Safe to Use in 2026?

Generally Safe

Score 100/100

NS Cloner – Site Copier has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 4mo ago

Risk Assessment

The plugin "ns-cloner-site-copier" v4.4.9.1 exhibits a generally good security posture with a strong emphasis on secure coding practices, particularly regarding output escaping and the use of prepared statements for SQL queries. The vast majority of output is properly escaped, and a significant percentage of SQL queries are secured. The absence of known CVEs and recorded vulnerability history further suggests a history of responsible development and maintenance.

However, a significant concern arises from the substantial attack surface presented by its AJAX handlers. A high number of AJAX endpoints (9 out of 10) lack authentication checks, creating a potential entry point for unauthorized actions if these handlers are not inherently protected by WordPress's user role and capability system. While taint analysis shows no critical or high-severity flows, the lack of robust authentication on numerous AJAX endpoints remains a primary risk factor that could be exploited in conjunction with other potential weaknesses or social engineering tactics.

In conclusion, the plugin demonstrates a strong foundation in secure coding, particularly with output and database interactions. The main area for improvement and heightened vigilance lies in securing its AJAX endpoints to mitigate the risk posed by the large, unprotected attack surface. Addressing these unprotected entry points would significantly bolster the plugin's overall security.

Key Concerns

9 unprotected AJAX handlers
Only 2 capability checks present
Only 3 nonce checks present

Vulnerabilities

None known

NS Cloner – Site Copier Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

NS Cloner – Site Copier Code Analysis

Dangerous Functions

Raw SQL Queries

23 prepared

Unescaped Output

147 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

jQuery

SQL Query Safety

68% prepared34 total queries

Output Escaping

99% escaped149 total outputs

Attack Surface

9 unprotected

NS Cloner – Site Copier Attack Surface

Entry Points10

Unprotected9

AJAX Handlers 10

authwp_ajax_ns_cloner_search_sitesclass-ns-cloner-ajax.php:23

authwp_ajax_ns_cloner_validate_sectionclass-ns-cloner-ajax.php:24

authwp_ajax_ns_cloner_process_initclass-ns-cloner-ajax.php:25

authwp_ajax_ns_cloner_get_progressclass-ns-cloner-ajax.php:26

authwp_ajax_ns_cloner_process_finishclass-ns-cloner-ajax.php:27

authwp_ajax_ns_cloner_process_exitclass-ns-cloner-ajax.php:28

authwp_ajax_ns_cloner_delete_scheduleclass-ns-cloner-ajax.php:29

authwp_ajax_ns_cloner_delete_optionsclass-ns-cloner-ajax.php:30

authwp_ajax_ns_cloner_maybe_submit_reviewclass-ns-cloner-ajax.php:31

authwp_ajax_ns_cloner_save_analytics_modefeatures\class-ns-cloner-analytics.php:110

WordPress Hooks 29

actionns_cloner_initabstracts\class-ns-cloner-addon.php:55

actionns_cloner_enqueue_scriptsabstracts\class-ns-cloner-addon.php:56

actionns_cloner_render_sectionsabstracts\class-ns-cloner-section.php:59

actionallclass-ns-cloner-log.php:162

actionallclass-ns-cloner-log.php:286

actionwp_loadedclass-ns-cloner-schedule.php:39

filtercron_schedulesclass-ns-cloner-schedule.php:44

actionadmin_enqueue_scriptsclass-ns-cloner.php:164

actionnetwork_admin_menuclass-ns-cloner.php:167

actionadmin_menuclass-ns-cloner.php:168

actionadmin_bar_menuclass-ns-cloner.php:169

actionmanage_sites_action_linksclass-ns-cloner.php:172

actionns_cloner_initclass-ns-cloner.php:175

actioninitclass-ns-cloner.php:177

actionplugins_loadedclass-ns-cloner.php:183

filteradmin_body_classclass-ns-cloner.php:334

actionns_cloner_before_render_mainfeatures\class-ns-cloner-analytics.php:109

filterns_cloner_site_tablesfeatures\class-ns-cloner-analytics.php:111

filterns_cloner_global_table_patternsns-compatibility.php:17

filterns_cloner_do_drop_target_tablens-compatibility.php:33

filterns_cloner_do_copy_rowns-compatibility.php:49

filterns_cloner_do_search_replacens-compatibility.php:88

actionns_cloner_process_finishns-compatibility.php:110

actionns_cloner_process_initns-compatibility.php:127

actionns_cloner_tables_process_completeprocesses\class-ns-cloner-rows-process.php:82

filterns_cloner_rows_per_querysections\class-ns-cloner-section-additional-settings.php:44

filterns_cloner_progress_update_intervalsections\class-ns-cloner-section-additional-settings.php:45

filterns_cloner_skip_viewssections\class-ns-cloner-section-additional-settings.php:46

filterns_cloner_skip_constraintssections\class-ns-cloner-section-additional-settings.php:47

Maintenance & Trust

NS Cloner – Site Copier Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedDec 4, 2025

PHP min version7.0

Downloads1.0M

Community Trust

Rating94/100

Number of ratings278

Active installs7K

Alternatives

NS Cloner – Site Copier Alternatives

Yoast Duplicate Post

duplicate-post

The go-to tool for cloning posts and pages, including the powerful Rewrite & Republish feature.

4.0M 3 CVEs

Duplicate Menu

duplicate-menu

100

Easily duplicate your WordPress menus with one click.

100K No CVEs

WP Duplicate Page

wp-duplicate-page

Clone WordPress page, post, custom post types

60K 3 CVEs

Clone Posts

clone-posts

100

Easily clone (duplicate) Posts, Pages and Custom Post Types, including their custom fields (post_meta)

10K No CVEs

Duplicate Post Page Menu & Custom Post Type

duplicate-post-page-menu-custom-post-type

The best plugin to duplicate post, page, menu and custom post type multiple times in a single click.

10K 2 CVEs

Developer Profile

NS Cloner – Site Copier Developer Profile

Never Settle

1 plugin · 7K total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect NS Cloner – Site Copier

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/ns-cloner-site-copier/css/ns-cloner-admin.css/wp-content/plugins/ns-cloner-site-copier/css/ns-cloner-modal.css/wp-content/plugins/ns-cloner-site-copier/js/ns-cloner-admin.js/wp-content/plugins/ns-cloner-site-copier/js/ns-cloner-modal.js/wp-content/plugins/ns-cloner-site-copier/js/ns-cloner-report.js/wp-content/plugins/ns-cloner-site-copier/js/ns-cloner-dashboard.js

Script Paths

/wp-content/plugins/ns-cloner-site-copier/js/ns-cloner-admin.js/wp-content/plugins/ns-cloner-site-copier/js/ns-cloner-modal.js/wp-content/plugins/ns-cloner-site-copier/js/ns-cloner-report.js/wp-content/plugins/ns-cloner-site-copier/js/ns-cloner-dashboard.js

Version Parameters

ns-cloner-site-copier/css/ns-cloner-admin.css?ver=ns-cloner-site-copier/css/ns-cloner-modal.css?ver=ns-cloner-site-copier/js/ns-cloner-admin.js?ver=ns-cloner-site-copier/js/ns-cloner-modal.js?ver=ns-cloner-site-copier/js/ns-cloner-report.js?ver=ns-cloner-site-copier/js/ns-cloner-dashboard.js?ver=

HTML / DOM Fingerprints

CSS Classes

ns-cloner-wrapns-cloner-buttonns-cloner-modal-contentns-cloner-modal-closens-cloner-modal-headerns-cloner-modal-bodyns-cloner-modal-footerns-cloner-report-table+1 more

HTML Comments

Data Attributes

data-ns-cloner-modal-iddata-ns-cloner-targetdata-ns-cloner-action

JS Globals

NSClonerAdminNSClonerModalNSClonerReportNSClonerDashboard

REST Endpoints

/wp-json/ns-cloner/v1/process/wp-json/ns-cloner/v1/logs/wp-json/ns-cloner/v1/settings

FAQ