QuickPress AI Security & Risk Analysis

wordpress.org/plugins/quickpressai

Quickly generate high-quality content in WordPress with an AI writing assistant that prioritizes creative freedom, flexibility, and ease of use.

10 active installs · v1.9.2 · PHP 7.2+ · WP 5.8+ · Updated Feb 15, 2025
Tags: ai, automation, content-creation, content-generator, seo
Score: 92 (A · Safe)
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is QuickPress AI Safe to Use in 2026?

Generally Safe

Score 92/100

QuickPress AI has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 1yr ago
Risk Assessment

The quickpressai plugin v1.9.2 exhibits a concerning security posture due to a significant number of unprotected AJAX endpoints. While the plugin demonstrates good practices in output escaping and a lack of known historical vulnerabilities, the sheer volume of entry points accessible without proper authentication checks creates a substantial attack surface. The static analysis reveals 11 out of 12 AJAX handlers lack authentication, presenting a high risk of unauthorized actions being performed by unauthenticated users.

Although no critical or high-severity taint flows were identified, and the plugin avoids dangerous functions, the unprotected AJAX endpoints are a critical concern. The SQL queries are also a point of weakness, as none of them utilize prepared statements, which could lead to SQL injection vulnerabilities if data from these endpoints is not meticulously sanitized before being used in queries. The presence of external HTTP requests also warrants attention, as these could be exploited for various attacks if not properly secured.

The lack of any recorded vulnerabilities in its history is a positive indicator, suggesting developers may have a generally security-conscious approach. However, this should not overshadow the immediate risks posed by the current static analysis findings. The plugin's strengths lie in its properly escaped output and the absence of known CVEs, but these are significantly outweighed by the critical security oversight of unprotected AJAX endpoints and the use of raw SQL queries.

Key Concerns

  • Unprotected AJAX handlers
  • SQL queries without prepared statements
  • External HTTP requests
Vulnerabilities
None known

QuickPress AI Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

QuickPress AI Release Timeline

v1.9.2 (Current)
v1.9.1
v1.8.0
v1.7.6
v1.7.5
v1.7.4
Code Analysis
Analyzed Mar 17, 2026

QuickPress AI Code Analysis

  • Dangerous Functions: 0
  • Raw SQL Queries: 3 (0 prepared)
  • Unescaped Output: 0 (72 escaped)
  • Nonce Checks: 6
  • Capability Checks: 5
  • File Operations: 0
  • External Requests: 4
  • Bundled Libraries: 0

SQL Query Safety

0% prepared · 3 total queries

Output Escaping

100% escaped · 72 total outputs
Data Flows · Security
2 unsanitized

Data Flow Analysis

2 flows · 2 with unsanitized paths
quickpress_ai_fetch_serpstack_data_ajax (quickpressai.php:1198)
Attack Surface
11 unprotected

QuickPress AI Attack Surface

Entry Points: 12
Unprotected: 11

AJAX Handlers: 12

auth · wp_ajax_quickpress_ai_rewrite_title · quickpressai.php:642
auth · wp_ajax_quickpress_ai_add_to_content · quickpressai.php:682
auth · wp_ajax_quickpress_ai_refine_inline · quickpressai.php:989
auth · wp_ajax_quickpress_ai_generate_excerpt · quickpressai.php:1079
auth · wp_ajax_fetch_serpstack_data · quickpressai.php:1280
nopriv · wp_ajax_fetch_serpstack_data · quickpressai.php:1281
auth · wp_ajax_quickpress_ai_fetch_api_usage · quickpressai.php:1297
nopriv · wp_ajax_quickpress_ai_fetch_api_usage · quickpressai.php:1298
auth · wp_ajax_quickpress_ai_fetch_saved_ideas · quickpressai.php:1448
nopriv · wp_ajax_quickpress_ai_fetch_saved_ideas · quickpressai.php:1449
auth · wp_ajax_quickpress_ai_delete_saved_idea · quickpressai.php:1466
nopriv · wp_ajax_quickpress_ai_delete_saved_idea · quickpressai.php:1467

WordPress Hooks: 9

action · admin_enqueue_scripts · quickpressai.php:46
action · init · quickpressai.php:54
action · plugins_loaded · quickpressai.php:59
action · admin_notices · quickpressai.php:61
action · admin_menu · quickpressai.php:70
action · admin_init · quickpressai.php:71
filter · pre_update_option_quickpress_ai_settings · quickpressai.php:208
action · admin_init · quickpressai.php:323
action · enqueue_block_editor_assets · quickpressai.php:637
Maintenance & Trust

QuickPress AI Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.7.5
Last updated: Feb 15, 2025
PHP min version: 7.2
Downloads: 608

Community Trust

Rating: 80/100
Number of ratings: 1
Active installs: 10
Developer Profile

QuickPress AI Developer Profile

quickpressai

1 plugin · 10 total installs

Trust score: 88
Avg Security Score: 92/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect QuickPress AI

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/quickpressai/dist/css/index.css
/wp-content/plugins/quickpressai/dist/js/index.js
Script Paths
/wp-content/plugins/quickpressai/dist/js/index.js
Version Parameters
quickpressai/dist/css/index.css?ver=
quickpressai/dist/js/index.js?ver=

HTML / DOM Fingerprints

CSS Classes
quickpressai-settings-page
Data Attributes
data-quickpressai-editor-mode
JS Globals
QuickPressAI
quickpress_ai_params
REST Endpoints
/wp-json/quickpressai/v1/generate_content
/wp-json/quickpressai/v1/fetch_models