Does PLX Portal Connector v2 for WordPress have any unpatched vulnerabilities?

No. All known vulnerabilities in PLX Portal Connector v2 for WordPress have been patched as of the latest data update. Always keep the plugin updated to the latest version.

How often is PLX Portal Connector v2 for WordPress updated?

PLX Portal Connector v2 for WordPress was last updated on Feb 2, 2023. Frequent updates are generally a positive security signal.

What is PLX Portal Connector v2 for WordPress's security score?

PLX Portal Connector v2 for WordPress has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

PLX Portal Connector v2 for WordPress Security & Risk Analysis

wordpress.org/plugins/plx-portal-connector

Connects your WordPress site with the Purplex Portal system.

200 active installs v2.0.2 PHP + WP + Updated Feb 2, 2023

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is PLX Portal Connector v2 for WordPress Safe to Use in 2026?

Generally Safe

Score 85/100

PLX Portal Connector v2 for WordPress has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 3yr ago

Risk Assessment

The plx-portal-connector plugin, version 2.0.2, exhibits a mixed security posture. On the positive side, static analysis reveals no immediate critical vulnerabilities. There are no dangerous functions, no raw SQL queries, no file operations, and no bundled libraries that might carry known vulnerabilities. The complete absence of known CVEs in its history is also a strong indicator of a well-maintained and secure plugin.

However, several concerning areas warrant attention. The analysis shows that 71% of output is not properly escaped, posing a significant risk of Cross-Site Scripting (XSS) vulnerabilities, especially if any of the external HTTP requests or the limited flows processed by the plugin involve user-supplied data. Furthermore, the taint analysis indicates two flows with unsanitized paths, which could potentially lead to path traversal vulnerabilities if not handled with extreme care. The lack of nonce checks and capability checks on all entry points (even though the attack surface is currently zero) means that if new entry points are added in future versions without proper security considerations, the plugin could become vulnerable.

While the plugin currently has no recorded vulnerabilities and a seemingly small attack surface, the high percentage of unescaped output and the presence of unsanitized paths are significant weaknesses. The developer should prioritize addressing these areas to improve the plugin's overall security. The current strengths lie in its clean SQL practices and lack of known external threats, but the identified code-level concerns present a potential risk that needs mitigation.

Key Concerns

High percentage of unescaped output
Flows with unsanitized paths
No capability checks on entry points
No nonce checks on entry points

Vulnerabilities

None known

PLX Portal Connector v2 for WordPress Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

PLX Portal Connector v2 for WordPress Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

2 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

29% escaped7 total outputs

Data Flows

2 unsanitized

Data Flow Analysis

2 flows2 with unsanitized paths

store (PlxPortal\Content\Content.php:21)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

PLX Portal Connector v2 for WordPress Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 9

actionadmin_enqueue_scriptsPlxPortal\Admin\Enqueue.php:9

actionadd_meta_boxesPlxPortal\Admin\MetaBox.php:29

actionrest_api_initPlxPortal\Api\Api.php:19

actionupgrader_process_completePlxPortal\Config\PlxPortal.php:27

actionupdate_option_siteurlPlxPortal\Config\PlxPortal.php:28

actionwp_insert_postPlxPortal\Content\AccessToken.php:13

filterwp_insert_post_dataPlxPortal\Content\Content.php:12

actioninitPlxPortal\Content\ContentCpt.php:11

actionsave_postPlxPortal\Content\Replaceables.php:14

Maintenance & Trust

PLX Portal Connector v2 for WordPress Maintenance & Trust

Maintenance Signals

WordPress version tested

Last updatedFeb 2, 2023

PHP min version

Downloads4K

Community Trust

Rating0/100

Number of ratings0

Active installs200

Alternatives

PLX Portal Connector v2 for WordPress Alternatives

No alternatives data available yet.

Developer Profile

PLX Portal Connector v2 for WordPress Developer Profile

Webmaster

3 plugins · 430 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect PLX Portal Connector v2 for WordPress

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/plx-portal-connector/assets/style.css

Version Parameters

plx_portal_admin_stylesplx-portal-connector/assets/style.css?ver=2.0.0

HTML / DOM Fingerprints

CSS Classes

post-attributes-label

HTML Comments



		TM
████████╗██╗     ███╗   ███╗
██╔═══██║██║      ███╗ ███╔╝
████████║██║       ██████╔╝
██╔═════╝██║      ███╔╝███╗
██║      ███████╗███╔╝  ███╗
╚═╝      ╚══════╝╚══╝   ╚══╝
    POWER YOUR WORDPRESS
       http://plx.mk

Data Attributes

name="plx_meta_noncename"name="plx_portal_content_connector_side"

REST Endpoints

/wp-json/plx-portal/v1/sync

Shortcode Output

plxportal

FAQ