WP-Safety

OneClickContent – Titles Security & Risk Analysis

wordpress.org/plugins/oneclickcontent-titles

OneClickContent - Titles: Generate SEO-Optimized Titles with OpenAI and Google Gemini. Bring your own API keys.

0 active installs v1.1.0 PHP 7.2+ WP 5.0+ Updated Mar 22, 2025
aicontent-enhancementcontent-optimizationseotitles
92
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is OneClickContent – Titles Safe to Use in 2026?

Generally Safe

Score 92/100

OneClickContent – Titles has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1yr ago
Risk Assessment

The "oneclickcontent-titles" v1.1.0 plugin presents a mixed security posture. On the positive side, it demonstrates good practices in handling SQL queries using prepared statements and does not appear to have any recorded vulnerabilities or known CVEs. The absence of raw SQL queries and no reported critical or high severity taint flows are significant strengths. However, there are notable concerns regarding its attack surface and authentication mechanisms. A substantial portion of its entry points, specifically all four AJAX handlers, lack proper authorization checks. While there are nonce checks present, their effectiveness is diminished if the underlying AJAX actions are not properly permissioned. Furthermore, only 56% of output escaping is considered proper, indicating a potential for cross-site scripting (XSS) vulnerabilities, especially in conjunction with unprotected AJAX handlers.

Key Concerns

  • AJAX handlers without auth checks
  • Improper output escaping
Vulnerabilities
None known

OneClickContent – Titles Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

OneClickContent – Titles Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
11
14 escaped
Nonce Checks
4
Capability Checks
1
File Operations
0
External Requests
4
Bundled Libraries
0

Output Escaping

56% escaped25 total outputs
Data Flows
All sanitized

Data Flow Analysis

2 flows
occ_titles_auto_save (admin\class-occ-titles-settings.php:292)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
4 unprotected

OneClickContent – Titles Attack Surface

Entry Points4
Unprotected4

AJAX Handlers 4

authwp_ajax_occ_titles_generate_titlesincludes\class-occ-titles.php:149
authwp_ajax_occ_titles_auto_saveincludes\class-occ-titles.php:150
authwp_ajax_occ_titles_ajax_validate_openai_api_keyincludes\class-occ-titles.php:151
authwp_ajax_occ_titles_ajax_validate_google_api_keyincludes\class-occ-titles.php:152
WordPress Hooks 8
actionplugins_loadedincludes\class-occ-titles.php:128
actionadmin_enqueue_scriptsincludes\class-occ-titles.php:142
actionadmin_enqueue_scriptsincludes\class-occ-titles.php:143
actionenqueue_block_editor_assetsincludes\class-occ-titles.php:144
actionadd_meta_boxesincludes\class-occ-titles.php:145
actionadmin_menuincludes\class-occ-titles.php:147
actionadmin_initincludes\class-occ-titles.php:148
actionadmin_noticesincludes\class-occ-titles.php:153
Maintenance & Trust

OneClickContent – Titles Maintenance & Trust

Maintenance Signals

WordPress version tested6.6.5
Last updatedMar 22, 2025
PHP min version7.2
Downloads954

Community Trust

Rating0/100
Number of ratings0
Active installs0
Alternatives

OneClickContent – Titles Alternatives

LLMs.txt Generator

LLMs.txt Generator

llms-txt-generator

A
92

Optimize your WordPress content for AI discovery and interaction through the llms.txt file, the robots.txt for AI engines.

1K No CVEs
Advanced LLMs.txt Generator

Advanced LLMs.txt Generator

advanced-llms-txt-generator

A
92

Optimize your WordPress content for AI discovery and interaction with the LLMS.txt file, the AI equivalent of robots.txt.

100 No CVEs
RankJet AI-Powered SEO & Ranking Growth

RankJet AI-Powered SEO & Ranking Growth

rankjet-ai

A
100

Supercharge your organic growth. Seamlessly connect WordPress to RankJet AI for automated content intelligence, real-time SEO scoring, and cloud-based …

90 No CVEs
SEMUST

SEMUST

semust

A
100

Connect your WordPress site to SEMUST - the all-in-one SEO platform for content optimization, internal linking, and more.

20 No CVEs
Teaser Post Title

Teaser Post Title

wp-alternative-post-title

A
100

🌟 Skyrocket clicks with irresistible homepage headlines while keeping SEO intact!

10 No CVEs
Developer Profile

OneClickContent – Titles Developer Profile

James Wilson

3 plugins · 50 total installs

92
trust score
Avg Security Score
97/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect OneClickContent – Titles

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/oneclickcontent-titles/admin/css/occ-titles-admin.css/wp-content/plugins/oneclickcontent-titles/admin/js/occ-titles-settings.js/wp-content/plugins/oneclickcontent-titles/admin/js/occ-titles-admin.js
Script Paths
/wp-content/plugins/oneclickcontent-titles/admin/js/occ-titles-settings.js/wp-content/plugins/oneclickcontent-titles/admin/js/occ-titles-admin.js
Version Parameters
oneclickcontent-titles/admin/css/occ-titles-admin.css?ver=oneclickcontent-titles/admin/js/occ-titles-settings.js?ver=oneclickcontent-titles/admin/js/occ-titles-admin.js?ver=

HTML / DOM Fingerprints

Data Attributes
data-nonce="occ_titles_ajax_nonce"
JS Globals
window.occ_titles_admin_vars
FAQ

Frequently Asked Questions about OneClickContent – Titles