WP-Safety

PageTest.ai – AI-Powered A/B and Multivariate Testing for WordPress Security & Risk Analysis

wordpress.org/plugins/pagetest-ai

Run AI-powered A/B and multivariate tests on your WordPress site—no coding needed. Optimize conversions by finding your best content.

20 active installs v1.0.1 PHP 7.4+ WP 5.6+ Updated Jun 6, 2025
a-b-testingab-testingconversion-optimizationmultivariate-testingsplit-testing
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is PageTest.ai – AI-Powered A/B and Multivariate Testing for WordPress Safe to Use in 2026?

Generally Safe

Score 100/100

PageTest.ai – AI-Powered A/B and Multivariate Testing for WordPress has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 10mo ago
Risk Assessment

The pagetest-ai v1.0.1 plugin exhibits a mixed security posture. On the positive side, it demonstrates strong coding practices by utilizing prepared statements for all SQL queries and properly escaping all output, indicating a good defense against common injection vulnerabilities. The absence of dangerous functions, file operations, and any known historical vulnerabilities (CVEs) further contributes to a generally positive security outlook. However, a significant concern arises from its attack surface. The plugin exposes two AJAX handlers, both of which lack authentication checks. This creates a direct and unprotected entry point into the plugin's functionality, potentially allowing any unauthenticated user to trigger these actions. While taint analysis did not reveal any explicit unsanitized flows, the lack of authorization on these AJAX handlers is a critical oversight that could be exploited if the actions they perform are sensitive or could lead to undesirable side effects when triggered by unauthorized users.

Key Concerns

  • AJAX handlers without authentication
  • Lack of capability checks on entry points
Vulnerabilities
None known

PageTest.ai – AI-Powered A/B and Multivariate Testing for WordPress Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

PageTest.ai – AI-Powered A/B and Multivariate Testing for WordPress Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
0
11 escaped
Nonce Checks
1
Capability Checks
0
File Operations
0
External Requests
4
Bundled Libraries
0

Output Escaping

100% escaped11 total outputs
Attack Surface
2 unprotected

PageTest.ai – AI-Powered A/B and Multivariate Testing for WordPress Attack Surface

Entry Points2
Unprotected2

AJAX Handlers 2

authwp_ajax_pagetest_loginadmin\login.php:99
authwp_ajax_pagetest_logoutadmin\login.php:157
WordPress Hooks 9
actionadmin_enqueue_scriptsadmin\login.php:96
actioninitadmin\login.php:191
actioninitadmin\login.php:192
actionupdate_optionadmin\settings.php:76
actionwp_enqueue_scriptsinc\functions.php:27
actionwp_enqueue_scriptsinc\functions.php:81
actionadmin_menupagetest.php:52
actionadmin_enqueue_scriptspagetest.php:74
actionadmin_initpagetest.php:169
Maintenance & Trust

PageTest.ai – AI-Powered A/B and Multivariate Testing for WordPress Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5
Last updatedJun 6, 2025
PHP min version7.4
Downloads1K

Community Trust

Rating100/100
Number of ratings1
Active installs20
Alternatives

PageTest.ai – AI-Powered A/B and Multivariate Testing for WordPress Alternatives

Unbounce Landing Pages

Unbounce Landing Pages

unbounce

A
100

Unbounce is the most powerful standalone landing page builder available.

10K No CVEs
Convert Experiences

Convert Experiences

convert-experiments

A
100

Convert Experiences provides advanced A/B and MVT Testing functionality for your website or blog.

100 No CVEs
Sigmize: A/B Testing, Session Recordings, Heatmaps & Revenue Tracking for WooCommerce, SureCart & EDD

Sigmize: A/B Testing, Session Recordings, Heatmaps & Revenue Tracking for WooCommerce, SureCart & EDD

sigmize

A
99

Powerful A/B testing for WordPress with heatmaps, session replays, and e-commerce tracking for WooCommerce, SureCart, and EDD.

100 1 CVE
abtestkit – AB testing for WooCommerce

abtestkit – AB testing for WooCommerce

abtestkit

A
100

Split testing for WooCommerce, compatible with all themes, page builders & caching plugins.

10 No CVEs
Landing Lion Landing Pages

Landing Lion Landing Pages

landing-lion-landing-pages

A
85

Landing Lion is the easiest and fastest landing page builder to create landing pages for your brand.

10 No CVEs
Developer Profile

PageTest.ai – AI-Powered A/B and Multivariate Testing for WordPress Developer Profile

pagetestai

1 plugin · 20 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect PageTest.ai – AI-Powered A/B and Multivariate Testing for WordPress

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/pagetest-ai/assets/admin-style.css/wp-content/plugins/pagetest-ai/assets/login.css/wp-content/plugins/pagetest-ai/assets/logo-style.css/wp-content/plugins/pagetest-ai/inc/admin.js
Script Paths
/wp-content/plugins/pagetest-ai/inc/admin.js
Version Parameters
pagetest-admin-style?ver=1.0.1pagetest-login-style?ver=1.0.0pagetest-logo-style?ver=1.0.0

HTML / DOM Fingerprints

CSS Classes
login-containerpagetest-login-logoform-grouplogin-buttonforgot-passwordregister
Data Attributes
id="pagetest-login-form"id="pagetest_email"id="pagetest_password"
JS Globals
pagetest_ajax
REST Endpoints
/wp-json/pagetest/v1/endpoint
FAQ

Frequently Asked Questions about PageTest.ai – AI-Powered A/B and Multivariate Testing for WordPress