Does Quick-Insight have any unpatched vulnerabilities?

No. All known vulnerabilities in Quick-Insight have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Quick-Insight compatible with WordPress 6.6.5?

According to WordPress.org data, Quick-Insight 1.0.1 has been tested up to WordPress 6.6.5. Check the plugin's changelog for the latest compatibility information.

Is Quick-Insight compatible with PHP 7.2+?

Quick-Insight requires PHP 7.2 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Quick-Insight updated?

Quick-Insight was last updated on Aug 5, 2025. Frequent updates are generally a positive security signal.

What is Quick-Insight's security score?

Quick-Insight has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Quick-Insight Security & Risk Analysis

wordpress.org/plugins/quick-insights

Quickly view active theme, post/page count, and storage stats with REST API and React for interactive insights.

0 active installs v1.0.1 PHP 7.2+ WP 5.0+ Updated Aug 5, 2025

insightpage-countpost-countstorage-overviewtheme-information

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Quick-Insight Safe to Use in 2026?

Generally Safe

Score 100/100

Quick-Insight has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 8mo ago

Risk Assessment

The Quick Insights plugin v1.0.1 exhibits a concerning security posture primarily due to its significant attack surface lacking authentication. While the static analysis indicates good practices in areas like SQL prepared statements and output escaping, the presence of three REST API routes without permission callbacks represents a critical vulnerability. This means any user, including unauthenticated ones, can potentially trigger these endpoints, leading to unintended actions or information disclosure.

The absence of any recorded CVEs and the clean taint analysis are positive signs, suggesting the developers are likely not introducing common, easily detectable vulnerabilities. However, this historical cleanliness does not negate the immediate risks identified in the current code. The complete lack of nonce checks and capability checks on the identified entry points further exacerbates the risk, as there are no standard WordPress security mechanisms in place to protect these functions.

In conclusion, while the plugin demonstrates strengths in how it handles data and queries, the lack of proper authorization on its REST API routes is a severe weakness. This makes the plugin highly susceptible to unauthorized access and manipulation. Addressing these unprotected entry points should be the highest priority for the plugin's security.

Key Concerns

REST API routes without permission callbacks
AJAX handlers without auth checks
No nonce checks on entry points
No capability checks on entry points

Vulnerabilities

None known

Quick-Insight Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Quick-Insight Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Attack Surface

3 unprotected

Quick-Insight Attack Surface

Entry Points3

Unprotected3

REST API Routes 3

GET/wp-json/quick-insights-api/v1/storagequick-insights.php:90

GET/wp-json/quick-insights-api/v1/active-pluginsquick-insights.php:97

GET/wp-json/quick-insights-api/v1/active-themequick-insights.php:102

WordPress Hooks 3

actionadmin_enqueue_scriptsquick-insights.php:32

actionwp_dashboard_setupquick-insights.php:43

actionrest_api_initquick-insights.php:107

Maintenance & Trust

Quick-Insight Maintenance & Trust

Maintenance Signals

WordPress version tested6.6.5

Last updatedAug 5, 2025

PHP min version7.2

Downloads1K

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

Quick-Insight Alternatives

Advance User Post CRUD

advance-user-post-crud

100

Advance User CRUD lets you see different posts, pages and attachments created by a user. And lets you manage the user generated posts.

10 No CVEs

MCB – Stats

mcb-stats

MCB Stats collects statistics of users who access to the front part of wordpress, MCB Stast is capable of collecting the total amount of time a user s …

10 No CVEs

Site Kit by Google – Analytics, Search Console, AdSense, Speed

google-site-kit

100

Site Kit is a one-stop solution for WordPress users to use everything Google has to offer to make them successful on the web.

5.0M 1 CVE

WP Statistics – Simple, privacy-friendly Google Analytics alternative

wp-statistics

Get website traffic insights with GDPR/CCPA compliant, privacy-friendly analytics. Includes visitor data, stunning graphs, and no data sharing.

600K 35 CVEs

Hotjar

hotjar

The fast & visual way to understand your users.

80K 1 CVE

Developer Profile

Quick-Insight Developer Profile

Ahsan Riad

2 plugins · 0 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Quick-Insight

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/quick-insights/dist/bundle.js

Script Paths