Does OneClickAI Site Optimizer have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is OneClickAI Site Optimizer compatible with WordPress 6.9.4?

According to WordPress.org data, OneClickAI Site Optimizer 1.0 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is OneClickAI Site Optimizer compatible with PHP 7.4+?

OneClickAI Site Optimizer requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is OneClickAI Site Optimizer updated?

OneClickAI Site Optimizer was last updated on Feb 25, 2026. Frequent updates are generally a positive security signal.

What is OneClickAI Site Optimizer's security score?

OneClickAI Site Optimizer has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

OneClickAI Site Optimizer Security & Risk Analysis

wordpress.org/plugins/oneclickai-site-optimizer

You no longer need to spend a lot of time on SEO for WordPress — just one click, and our tool will generate meta-tags for all URLs and fix parameters

10 active installs v1.0 PHP 7.4+ WP 6.3+ Updated Feb 25, 2026

ai-seoseoseo-optimizationwordpress-seo

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is OneClickAI Site Optimizer Safe to Use in 2026?

Generally Safe

Score 100/100

OneClickAI Site Optimizer has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2mo ago

Risk Assessment

The 'oneclickai-site-optimizer' plugin v1.0 exhibits a generally strong security posture, adhering to many WordPress security best practices. The static analysis reveals a robust implementation with 100% of SQL queries using prepared statements, and 97% of outputs being properly escaped, indicating a low risk of common injection and cross-site scripting vulnerabilities. Furthermore, all 16 identified AJAX handlers have associated nonce and capability checks, and there are no REST API routes, shortcodes, or cron events that could represent additional attack vectors. The plugin's vulnerability history is clean, with zero recorded CVEs, suggesting a well-maintained and secure codebase to date.

However, there are a couple of areas that warrant attention. The taint analysis identified two flows with unsanitized paths, which, while not classified as critical or high severity in this analysis, represent potential vulnerabilities if user-supplied data is not handled with extreme care. These unsanitized paths could, in certain contexts, lead to directory traversal or unauthorized file access. Additionally, the plugin performs 12 external HTTP requests, which, while not inherently a vulnerability, increases the external dependency surface. If any of these external services are compromised, it could indirectly affect the security of the WordPress site. Overall, the plugin is well-protected against common WordPress vulnerabilities, but the identified unsanitized paths require careful review and mitigation.

Key Concerns

Unsanitized paths in taint analysis
Multiple external HTTP requests

Vulnerabilities

None known

OneClickAI Site Optimizer Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

OneClickAI Site Optimizer Release Timeline

v1.0Current

Code Analysis

Analyzed Apr 16, 2026

OneClickAI Site Optimizer Code Analysis

Dangerous Functions

Raw SQL Queries

4 prepared

Unescaped Output

71 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

100% prepared4 total queries

Output Escaping

97% escaped73 total outputs

Data Flows · Security

2 unsanitized

Data Flow Analysis

3 flows2 with unsanitized paths

handle_get_page_text (one-click-ai-seo.php:932)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

OneClickAI Site Optimizer Attack Surface

Entry Points16

Unprotected0

AJAX Handlers 16

authwp_ajax_ocai_connect_apione-click-ai-seo.php:82

authwp_ajax_ocai_refresh_subscriptionone-click-ai-seo.php:83

authwp_ajax_ocai_start_analysisone-click-ai-seo.php:84

authwp_ajax_ocai_continue_analysisone-click-ai-seo.php:85

authwp_ajax_ocai_get_batch_statusone-click-ai-seo.php:86

authwp_ajax_ocai_get_analysisone-click-ai-seo.php:87

authwp_ajax_ocai_get_analysis_progressone-click-ai-seo.php:88

authwp_ajax_ocai_clear_analysisone-click-ai-seo.php:89

authwp_ajax_ocai_save_titleone-click-ai-seo.php:90

authwp_ajax_ocai_save_descriptionone-click-ai-seo.php:91

authwp_ajax_ocai_reset_tagsone-click-ai-seo.php:92

authwp_ajax_ocai_create_robotsone-click-ai-seo.php:93

authwp_ajax_ocai_get_robots_contentone-click-ai-seo.php:94

authwp_ajax_ocai_create_sitemapone-click-ai-seo.php:95

authwp_ajax_ocai_get_page_textone-click-ai-seo.php:96

authwp_ajax_ocai_generate_ai_tagone-click-ai-seo.php:97

WordPress Hooks 10

actionadmin_menuone-click-ai-seo.php:56

actionadmin_enqueue_scriptsone-click-ai-seo.php:59

actionadmin_footerone-click-ai-seo.php:62

filterpre_get_document_titleone-click-ai-seo.php:65

filterwpseo_metadescone-click-ai-seo.php:68

filterwpseo_opengraph_descone-click-ai-seo.php:69

filterwpseo_twitter_descriptionone-click-ai-seo.php:70

filterrank_math/frontend/descriptionone-click-ai-seo.php:73

filteraioseop_descriptionone-click-ai-seo.php:76

actionwp_headone-click-ai-seo.php:79

Maintenance & Trust

OneClickAI Site Optimizer Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedFeb 25, 2026

PHP min version7.4

Downloads177

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

OneClickAI Site Optimizer Alternatives

RepublishAI – WordPress SEO Plugin that Grows Organic Traffic on Autopilot

ai-agent-for-seo-content-republish-ai

100

The WordPress SEO plugin that grows organic traffic on autopilot. AI Agents research, write, and publish SEO content automatically.

60 No CVEs

ContextLift

contextlift

100

AI Internal Linking Plugin for WordPress – Automatically build internal links, reduce click depth, and boost SEO rankings without manual work.

10 No CVEs

$Rank Math SEO – AI SEO Tools to Dominate SEO Rankings$

Rank Math SEO – AI SEO Tools to Dominate SEO Rankings

seo-by-rank-math

Rank Math SEO is the best WordPress SEO plugin with the features of many SEO and AI SEO tools in a single package to help multiply your SEO traffic.

4.0M 20 CVEs

SureRank SEO – Smart Assistant with Meta Tags, Social Preview, XML Sitemap, and Schema

surerank

SureRank – SEO Assistant with Meta Tags, Social Preview, XML Sitemap, and Schema

300K 1 CVE

Schema – All In One Schema Rich Snippets

all-in-one-schemaorg-rich-snippets

Improve SEO, elevate rankings and Boost CTR. Supports different types of content and works well with Google, Bing, Yahoo, and Facebook.

30K 2 CVEs

Developer Profile

OneClickAI Site Optimizer Developer Profile

oneclickseo

1 plugin · 10 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect OneClickAI Site Optimizer

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/oneclickai-site-optimizer/assets/css/admin.css/wp-content/plugins/oneclickai-site-optimizer/assets/js/admin.js

Script Paths

/wp-content/plugins/oneclickai-site-optimizer/assets/js/admin.js

Version Parameters

oneclickai-site-optimizer/assets/css/admin.css?ver=oneclickai-site-optimizer/assets/js/admin.js?ver=

HTML / DOM Fingerprints

JS Globals

window.ocaiAjax

REST Endpoints

/wp-json/oneclickai-site-optimizer/v1

FAQ