Does Quevedo have any unpatched vulnerabilities?

No. All known vulnerabilities in Quevedo have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Quevedo compatible with WordPress 6.8.5?

According to WordPress.org data, Quevedo 1.3 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

How often is Quevedo updated?

Quevedo was last updated on May 5, 2025. Frequent updates are generally a positive security signal.

What is Quevedo's security score?

Quevedo has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Quevedo Security & Risk Analysis

wordpress.org/plugins/quevedo

Quevedo is a suite of tools for bloggers and content creators.

10 active installs v1.3 PHP + WP 4.6+ Updated May 5, 2025

bloggingcontentseowriting

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Quevedo Safe to Use in 2026?

Generally Safe

Score 100/100

Quevedo has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 11mo ago

Risk Assessment

The "quevedo" plugin v1.3 exhibits a strong security posture based on the provided static analysis. All identified output is properly escaped, and SQL queries exclusively utilize prepared statements, mitigating common injection risks. The absence of file operations and external HTTP requests further reduces the potential attack surface. The presence of nonce checks on its entry points is a positive indicator of input validation. The plugin also has no recorded vulnerabilities, historical or current, which is a significant strength. However, the complete absence of capability checks on its entry points (shortcodes in this case) represents a notable concern. While there are no unauthenticated entry points detected, a lack of role-based access control means that any authenticated user, regardless of their role or permissions, could potentially interact with and trigger the functionality exposed by these shortcodes. This could lead to unintended consequences or privilege escalation in certain contexts if the shortcode's functionality is sensitive. Therefore, while the plugin is well-developed regarding direct vulnerabilities, a lack of granular access control is a potential weakness that should be addressed to ensure robust security.

Key Concerns

No capability checks on entry points

Vulnerabilities

None known

Quevedo Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Quevedo Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

29 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

100% escaped29 total outputs

Attack Surface

Quevedo Attack Surface

Entry Points2

Unprotected0

Shortcodes 2

[lipsum] quevedo-shortcodes.php:50

[year] quevedo-shortcodes.php:56

WordPress Hooks 13

actionadmin_noticesclass-notice.php:51

actiontemplate_redirectquevedo-actions.php:25

filterauthor_linkquevedo-actions.php:36

filterthe_author_posts_linkquevedo-actions.php:43

actionafter_setup_themequevedo-actions.php:48

actionadmin_initquevedo-actions.php:55

filterallowed_block_types_allquevedo-actions.php:65

actiontemplate_redirectquevedo-actions.php:85

filterdefault_post_metadataquevedo-actions.php:122

actioninitquevedo.php:24

actioninitquevedo.php:49

actionadmin_menuquevedo.php:79

filterplugin_action_linksquevedo.php:94

Maintenance & Trust

Quevedo Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedMay 5, 2025

PHP min version

Downloads2K

Community Trust

Rating100/100

Number of ratings2

Active installs10

Alternatives

Quevedo Alternatives

ContentPen

contentpen

100

AI-Powered SEO Content Writing Assistant

200 No CVEs

AI Article Generator for WordPress

ai-contents-generator-wp

100

Enhance your WordPress writing experience with Contents.ai's innovative AI plugin.

20 No CVEs

Surfer – WordPress Plugin

surferseo

Connect Surfer's Content Editor to WordPress. Write and optimize your articles for SEO, find new keyword ideas and publish straight to WordPress.

6K 3 CVEs

Arvow AI SEO Writer

journalist-ai

100

The AI SEO writer that generates human-like content and auto-publishes it to your WordPress blog.

900 No CVEs

Quickcreator – AI Blog Writer

quickcreator

Integrate QuickCreator's Content Editor with WordPress for AI-driven SEO content creation and seamless publishing.

600 1 CVE

Developer Profile

Quevedo Developer Profile

Nilo Velez

4 plugins · 17K total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Quevedo

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

Shortcode Output

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Nam justo odio, interdum sit amet egestas venenatis, tempor id erat. Cras lacus libero, lobortis ut posuere vel, vestibulum sit amet massa. Maecenas ac nulla eget arcu vehicula gravida aliquet a leo. Quisque dignissim velit ac nibh dictum convallis. Ut nec quam et nunc ultricies tempor ac at ligula. Mauris non condimentum libero. Ut odio leo, vehicula ut

FAQ