Does Promociones TAP have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Promociones TAP compatible with WordPress 4.2.39?

According to WordPress.org data, Promociones TAP 1.0.0 has been tested up to WordPress 4.2.39. Check the plugin's changelog for the latest compatibility information.

How often is Promociones TAP updated?

Promociones TAP was last updated on Sep 2, 2015. Frequent updates are generally a positive security signal.

What is Promociones TAP's security score?

Promociones TAP has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Promociones TAP Security & Risk Analysis

wordpress.org/plugins/promociones-tap

Plugin para publicacion de promociones y/o publicidad.

10 active installs v1.0.0 PHP + WP 3.5.1+ Updated Sep 2, 2015

adsanunciospromocionespublicidad

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Promociones TAP Safe to Use in 2026?

Generally Safe

Score 85/100

Promociones TAP has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 10yr ago

Risk Assessment

The "promociones-tap" plugin v1.0.0 exhibits a concerning security posture primarily due to its unprotected entry points and potential for critical vulnerabilities identified in taint analysis. While the plugin demonstrates some good practices, such as using prepared statements for most SQL queries and including nonce and capability checks, the presence of two AJAX handlers without authentication is a significant weakness. Furthermore, the taint analysis revealing two flows with unsanitized paths, though not reaching critical severity, suggests a high risk of potential injection attacks if these flows are exploited. The absence of any known vulnerabilities in its history is positive, indicating that the developers may be attentive or that the plugin hasn't been a target. However, this cannot overshadow the immediate risks identified in the code.

Key Concerns

AJAX handlers without authentication
Taint flows with unsanitized paths (High severity)
Use of unserialize function
Output escaping is not fully implemented

Vulnerabilities

None known

Promociones TAP Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Promociones TAP Release Timeline

v1.0.0Current

Code Analysis

Analyzed Mar 17, 2026

Promociones TAP Code Analysis

Dangerous Functions

Raw SQL Queries

4 prepared

Unescaped Output

107 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Dangerous Functions Found

unserialize$datetime = unserialize( $meta_value );admin\includes\cmb\helpers\cmb_Meta_Box_types.php:486

SQL Query Safety

80% prepared5 total queries

Output Escaping

64% escaped166 total outputs

Data Flows · Security

2 unsanitized

Data Flow Analysis

2 flows2 with unsanitized paths

sanitize_field (admin\includes\cmb\init.php:643)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

2 unprotected

Promociones TAP Attack Surface

Entry Points2

Unprotected2

AJAX Handlers 2

authwp_ajax_cmb_oembed_handleradmin\includes\cmb\init.php:1047

noprivwp_ajax_cmb_oembed_handleradmin\includes\cmb\init.php:1048

WordPress Hooks 66

actionadmin_enqueue_scriptsadmin\class-promociones-tap-admin.php:64

actionadmin_enqueue_scriptsadmin\class-promociones-tap-admin.php:65

actionadmin_menuadmin\class-promociones-tap-admin.php:68

filtercmb_meta_boxesadmin\includes\cmb\example-functions.php:11

actioninitadmin\includes\cmb\example-functions.php:406

filterget_post_metadataadmin\includes\cmb\helpers\cmb_Meta_Box_ajax.php:112

filterupdate_post_metadataadmin\includes\cmb\helpers\cmb_Meta_Box_ajax.php:114

filtercmb_show_onadmin\includes\cmb\init.php:171

actionadmin_enqueue_scriptsadmin\includes\cmb\init.php:175

actionadmin_menuadmin\includes\cmb\init.php:178

actionadd_attachmentadmin\includes\cmb\init.php:179

actionedit_attachmentadmin\includes\cmb\init.php:180

actionsave_postadmin\includes\cmb\init.php:181

actionadmin_enqueue_scriptsadmin\includes\cmb\init.php:182

actionadmin_headadmin\includes\cmb\init.php:185

actionshow_user_profileadmin\includes\cmb\init.php:200

actionedit_user_profileadmin\includes\cmb\init.php:201

actionpersonal_options_updateadmin\includes\cmb\init.php:203

actionedit_user_profile_updateadmin\includes\cmb\init.php:204

actionadmin_headadmin\includes\cmb\init.php:207

filtercmb_meta_boxesadmin\includes\meta-boxes.php:34

actioninitadmin\includes\meta-boxes.php:35

actionadmin_enqueue_scriptsadmin\includes\meta-boxes.php:36

actioninitadmin\includes\options\class-options-framework.php:56

actioninitadmin\includes\options\class-options-framework.php:57

actionadmin_initadmin\includes\options\class-options-framework.php:99

actionadmin_menuadmin\includes\options\class-options-framework.php:100

filteroption_page_capability_optionsframeworkadmin\includes\options\class-options-framework.php:162

actionadmin_enqueue_scriptsadmin\includes\options\class-options-framework.php:237

actionadmin_enqueue_scriptsadmin\includes\options\class-options-framework.php:238

actionadmin_headadmin\includes\options\class-options-framework.php:279

filterof_sanitize_textadmin\includes\options\class-options-sanitize.php:22

filterof_sanitize_passwordadmin\includes\options\class-options-sanitize.php:25

filterof_sanitize_textareaadmin\includes\options\class-options-sanitize.php:28

filterof_sanitize_selectadmin\includes\options\class-options-sanitize.php:31

filterof_sanitize_radioadmin\includes\options\class-options-sanitize.php:34

filterof_sanitize_imagesadmin\includes\options\class-options-sanitize.php:37

filterof_sanitize_checkboxadmin\includes\options\class-options-sanitize.php:40

filterof_sanitize_multicheckadmin\includes\options\class-options-sanitize.php:43

filterof_sanitize_coloradmin\includes\options\class-options-sanitize.php:46

filterof_sanitize_uploadadmin\includes\options\class-options-sanitize.php:49

filterof_sanitize_editoradmin\includes\options\class-options-sanitize.php:52

filterof_sanitize_infoadmin\includes\options\class-options-sanitize.php:55

filterof_sanitize_backgroundadmin\includes\options\class-options-sanitize.php:58

filterof_background_repeatadmin\includes\options\class-options-sanitize.php:59

filterof_background_positionadmin\includes\options\class-options-sanitize.php:60

filterof_background_attachmentadmin\includes\options\class-options-sanitize.php:61

filterof_sanitize_typographyadmin\includes\options\class-options-sanitize.php:64

filterof_font_sizeadmin\includes\options\class-options-sanitize.php:65

filterof_font_styleadmin\includes\options\class-options-sanitize.php:66

filterof_font_faceadmin\includes\options\class-options-sanitize.php:67

actioninitincludes\post-type-promocion.php:26

actioninitincludes\post-type-promocion.php:27

actioncontextual_helpincludes\post-type-promocion.php:28

filterpost_updated_messagesincludes\post-type-promocion.php:30

actionoptionsframework_custom_scriptsoptions.php:22

actionplugins_loadedpromociones-tap.php:48

actionplugins_loadedpromociones-tap.php:53

actionplugins_loadedpromociones-tap.php:73

actionplugins_loadedpromociones-tap.php:77

actionplugins_loadedpromociones-tap.php:83

actioninitpublic\class-promociones-tap.php:67

actionwpmu_new_blogpublic\class-promociones-tap.php:70

actionwp_enqueue_scriptspublic\class-promociones-tap.php:81

actionwp_enqueue_scriptspublic\class-promociones-tap.php:82

actionwp_footerpublic\class-promociones-tap.php:83

Maintenance & Trust

Promociones TAP Maintenance & Trust

Maintenance Signals

WordPress version tested4.2.39

Last updatedSep 2, 2015

PHP min version

Downloads2K

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

Promociones TAP Alternatives

Denakop Plugin

denakop

This plugin is the easiest way to implement Denakop's TAG on your website. Save time and start making money with our platform.

10 No CVEs

Site Kit by Google – Analytics, Search Console, AdSense, Speed

google-site-kit

100

Site Kit is a one-stop solution for WordPress users to use everything Google has to offer to make them successful on the web.

5.0M 1 CVE

Google for WooCommerce

google-listings-and-ads

Native integration with Google that allows merchants to easily display their products across Google’s network.

900K 1 CVE

GTM4WP – A Google Tag Manager (GTM) plugin for WordPress

duracelltomi-google-tag-manager

Advanced tag management for WordPress with Google Tag Manager

700K 3 CVEs

TablePress – Tables in WordPress made easy

tablepress

Embed beautiful, accessible, and interactive tables into your WordPress website’s posts and pages, without having to write code!

700K 9 CVEs

Developer Profile

Promociones TAP Developer Profile

todoapuestas

5 plugins · 80 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Promociones TAP

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/promociones-tap/assets/css/admin.css/wp-content/plugins/promociones-tap/assets/js/admin.js/wp-content/plugins/promociones-tap/public/js/promociones-tap.js

Script Paths

assets/js/promociones-tap.js

Version Parameters

promociones-tap/assets/css/admin.css?ver=promociones-tap/assets/js/admin.js?ver=promociones-tap/public/js/promociones-tap.js?ver=

HTML / DOM Fingerprints

JS Globals

Promociones_TAPPromociones_TAP_Options_FrameworkPromocion_Post_Type

FAQ