
Pushnami – Web Push Notifications Security & Risk Analysis
wordpress.org/plugins/pushnami-web-push-notificationsWith push notifications from Pushnami, you can send messages via desktop & mobile browsers with ease. Users opt-in with one click, no email required.
Is Pushnami – Web Push Notifications Safe to Use in 2026?
Generally Safe
Score 100/100Pushnami – Web Push Notifications has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The 'pushnami-web-push-notifications' plugin v1.1.6 exhibits a strong security posture based on the provided static analysis. The absence of any identified AJAX handlers, REST API routes, shortcodes, or cron events with unprotected entry points is a significant strength, indicating a minimal attack surface. Furthermore, the code demonstrates good security practices with 100% of SQL queries using prepared statements and a high percentage of output properly escaped. The lack of dangerous functions and external HTTP requests further contributes to its secure foundation. The plugin also has a clean vulnerability history, with no recorded CVEs, which suggests consistent security maintenance or a lack of past exploitable issues.
While the static analysis is largely positive, there are a few areas that warrant attention. The presence of file operations, although not directly flagged as a risk in the taint analysis, could potentially be an attack vector if not handled with extreme care. The absence of capability checks is also a point of concern, especially if the plugin interacts with sensitive user data or functionality. Despite these minor observations, the overall security of this plugin appears to be robust. The developer has implemented sound security practices, and the lack of known vulnerabilities is reassuring. Users can generally have confidence in the security of this plugin, but awareness of potential file operation and capability check implications is advised.
Key Concerns
- No capability checks found
- File operations present
Pushnami – Web Push Notifications Security Vulnerabilities
Pushnami – Web Push Notifications Release Timeline
Pushnami – Web Push Notifications Code Analysis
Output Escaping
Data Flow Analysis
Pushnami – Web Push Notifications Attack Surface
WordPress Hooks 9
Maintenance & Trust
Pushnami – Web Push Notifications Maintenance & Trust
Maintenance Signals
Community Trust
Pushnami – Web Push Notifications Alternatives
Web Push Notifications – Webpushr
webpushr-web-push-notifications
Fastest growing & lightweight plugin for Web Push Notifications. Add browser push notifications to your WordPress & WooCommerce site.
Push Notifications by LaraPush
push-notifications-by-larapush
LaraPush's "Push Notifications" is a premium add-on exclusively available for the larapush pro panel. With this add-on, users can easil …
Subscribers – Free Web Push Notifications
subscribers-com
Web push notifications for your website. Available in Chrome, Firefox, Edge, Opera, Android, Safari, AMP.
SendPulse Free Web Push
sendpulse-web-push
Web push notifications for your website. Available in Chrome (Android and desktop), Firefox (Android and desktop) and Safari (desktop).
SmartPush – Free Web Push Notifications
smartpush-web-push-notifications
Web push notifications for your website. Available in Chrome & Firefox (desktop) with support for Android and Safari coming soon.
Pushnami – Web Push Notifications Developer Profile
1 plugin · 50 total installs
How We Detect Pushnami – Web Push Notifications
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/pushnami-web-push-notifications/pushnami.php/wp-content/plugins/pushnami-web-push-notifications/includes/class-pushnami.phpHTML / DOM Fingerprints
/*pn_wordpress*/content="wordpress-plugin"window.pnwindow.pn.setupwindow.pn.subscribe