WP-Safety

Outranking Plugin Options Security & Risk Analysis

wordpress.org/plugins/outranking

A simple plugin to extend functionalities of Outranking.io content writing tool.

100 active installs v1.1.3 PHP 5.6+ WP 5.0+ Updated Oct 25, 2023
contentcontent-editingcontent-writingseoseo-content
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Download
Safety Verdict

Is Outranking Plugin Options Safe to Use in 2026?

Generally Safe

Score 85/100

Outranking Plugin Options has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2yr ago
Risk Assessment

The "outranking" v1.1.3 plugin exhibits a mixed security posture. While it demonstrates good practices in areas like SQL query sanitization and output escaping, significant concerns arise from its unprotected entry points. The plugin exposes a considerable attack surface with 11 total entry points, 7 of which lack proper authentication or permission checks. This presents a substantial risk, as unauthenticated access to these handlers and routes could potentially lead to unauthorized actions or information disclosure. The taint analysis, while limited in scope, found two flows with unsanitized paths, although they were not flagged as critical or high severity. The complete absence of known vulnerabilities in its history is a positive indicator, suggesting a lack of publicly disclosed security flaws. However, this does not negate the inherent risks posed by the unprotected entry points, which remain a primary concern. The plugin's strengths lie in its SQL handling and output escaping, but these are overshadowed by the critical need for robust access control on its exposed functionalities.

Key Concerns

  • AJAX handlers without auth checks
  • REST API routes without permission callbacks
  • Flows with unsanitized paths
  • No nonce checks
  • No capability checks
Vulnerabilities
None known

Outranking Plugin Options Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Outranking Plugin Options Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
5
45 escaped
Nonce Checks
0
Capability Checks
0
File Operations
2
External Requests
3
Bundled Libraries
0

Output Escaping

90% escaped50 total outputs
Data Flows
2 unsanitized

Data Flow Analysis

2 flows2 with unsanitized paths
outranking_save_token (inc\ajax.php:8)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
7 unprotected

Outranking Plugin Options Attack Surface

Entry Points11
Unprotected7

AJAX Handlers 4

authwp_ajax_outranking_save_tokenoutranking.php:70
authwp_ajax_outranking_refresh_metaboxoutranking.php:71
authwp_ajax_outranking_import_articleoutranking.php:72
authwp_ajax_outranking_export_articleoutranking.php:73

REST API Routes 7

POST/wp-json/outranking/v1/create-postapi\api.php:33
POST/wp-json/outranking/v1/update-postapi\api.php:120
POST/wp-json/outranking/v1/selective-updateapi\api.php:190
GET/wp-json/outranking/v1/is-plugin-installedapi\api.php:282
GET/wp-json/outranking/v1/is-url-existsapi\api.php:303
POST/wp-json/outranking/v1/url-typesapi\api.php:330
GET/wp-json/outranking/v1/search-keywordapi\api.php:365
WordPress Hooks 13
actionrest_api_initapi\api.php:30
filtercontent_save_preapi\api.php:98
filtercontent_filtered_save_preapi\api.php:99
actionrest_api_initapi\api.php:116
filtercontent_save_preapi\api.php:173
filtercontent_filtered_save_preapi\api.php:174
actionrest_api_initapi\api.php:187
actionrest_api_initapi\api.php:279
actionrest_api_initapi\api.php:300
actionrest_api_initapi\api.php:327
actionrest_api_initapi\api.php:362
actionadd_meta_boxesoutranking.php:37
actionadmin_enqueue_scriptsoutranking.php:61
Maintenance & Trust

Outranking Plugin Options Maintenance & Trust

Maintenance Signals

WordPress version tested6.1.10
Last updatedOct 25, 2023
PHP min version5.6
Downloads3K

Community Trust

Rating0/100
Number of ratings0
Active installs100
Alternatives

Outranking Plugin Options Alternatives

Content Writer

Content Writer

content-writer

A
99

Allows users to order, post and socially share uniquely written content to their blog.

200 1 CVE
Surfer – WordPress Plugin

Surfer – WordPress Plugin

surferseo

A
97

Connect Surfer's Content Editor to WordPress. Write and optimize your articles for SEO, find new keyword ideas and publish straight to WordPress.

6K 3 CVEs
Quickcreator – AI Blog Writer

Quickcreator – AI Blog Writer

quickcreator

A
97

Integrate QuickCreator's Content Editor with WordPress for AI-driven SEO content creation and seamless publishing.

600 1 CVE
ContentPen

ContentPen

contentpen

A
100

AI-Powered SEO Content Writing Assistant

200 No CVEs
Accounting Records Copywriter

Accounting Records Copywriter

accounting-records-copywriter

A
85

Упрощение работы администратора с копиратером рерайтером на вашем блоге / Admin’s work simplification with copywriter rewriter for your blog

10 No CVEs
Developer Profile

Outranking Plugin Options Developer Profile

Outanking Team

1 plugin · 100 total installs

84
trust score
Avg Security Score
85/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Outranking Plugin Options

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/outranking/assets/images/outranking_dark_long.png/wp-content/plugins/outranking/assets/css/outranking_admin.css/wp-content/plugins/outranking/assets/js/outranking_admin.js
Script Paths
assets/js/outranking_admin.js
Version Parameters
outranking/assets/css/outranking_admin.css?ver=outranking/assets/js/outranking_admin.js?ver=

HTML / DOM Fingerprints

CSS Classes
outranking-meta-box-header
REST Endpoints
/outranking/v1/create-post/outranking/v1/update-post
FAQ

Frequently Asked Questions about Outranking Plugin Options