WP-Safety

RW PostViewStats Lite Security & Risk Analysis

wordpress.org/plugins/rw-postviewstats-lite

A lightweight plugin to track post views via AJAX with anti-duplicate mechanisms and privacy-friendly design.

0 active installs v1.0.2 PHP 8.2+ WP 6.6+ Updated Oct 18, 2025
analyticspage-viewspost-viewsstatisticsview-counter
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Download
Safety Verdict

Is RW PostViewStats Lite Safe to Use in 2026?

Generally Safe

Score 100/100

RW PostViewStats Lite has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 5mo ago
Risk Assessment

The "rw-postviewstats-lite" v1.0.2 plugin exhibits a mixed security posture. On the positive side, it demonstrates good practices by exclusively using prepared statements for its SQL queries and ensuring all output is properly escaped. It also has a clean vulnerability history with no recorded CVEs, which suggests a commitment to secure coding or a lack of discovered vulnerabilities. However, the plugin presents significant security concerns due to its unprotected entry points. Specifically, two AJAX handlers and one REST API route lack authentication checks, creating an open door for potential exploitation if they handle user-supplied data without proper validation or authorization.

Key Concerns

  • AJAX handlers without auth checks
  • REST API routes without permission callbacks
Vulnerabilities
None known

RW PostViewStats Lite Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

RW PostViewStats Lite Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
2 prepared
Unescaped Output
0
62 escaped
Nonce Checks
5
Capability Checks
3
File Operations
2
External Requests
0
Bundled Libraries
0

SQL Query Safety

100% prepared2 total queries

Output Escaping

100% escaped62 total outputs
Attack Surface
3 unprotected

RW PostViewStats Lite Attack Surface

Entry Points4
Unprotected3

AJAX Handlers 2

noprivwp_ajax_rwpsl_add_viewincludes\core\HooksRegistrar.php:79
authwp_ajax_rwpsl_add_viewincludes\core\HooksRegistrar.php:80

REST API Routes 1

GET/wp-json/rwpsl/v1/views/(?P<id>\d+)includes\modules\restapi\RestApi.php:29

Shortcodes 1

[rwpsl_post_views] includes\core\HooksRegistrar.php:76
WordPress Hooks 20
actionadmin_noticesincludes\admin\ui\AdminNotice.php:46
actionadmin_initincludes\core\HooksRegistrar.php:31
actionadmin_initincludes\core\HooksRegistrar.php:32
actionadmin_menuincludes\core\HooksRegistrar.php:45
actionadmin_menuincludes\core\HooksRegistrar.php:46
actionadmin_menuincludes\core\HooksRegistrar.php:47
actionadmin_post_rwpsl_save_settingsincludes\core\HooksRegistrar.php:50
actionadmin_post_rwpsl_cleanerincludes\core\HooksRegistrar.php:51
actionadmin_post_rwpsl_export_csvincludes\core\HooksRegistrar.php:52
actionadmin_initincludes\core\HooksRegistrar.php:55
actionupdate_option_rwpsl_settingsincludes\core\HooksRegistrar.php:59
filtermanage_posts_columnsincludes\core\HooksRegistrar.php:62
actionmanage_posts_custom_columnincludes\core\HooksRegistrar.php:63
filtermanage_page_posts_columnsincludes\core\HooksRegistrar.php:64
actionmanage_page_posts_custom_columnincludes\core\HooksRegistrar.php:65
actionadmin_enqueue_scriptsincludes\core\HooksRegistrar.php:69
actionwp_enqueue_scriptsincludes\core\HooksRegistrar.php:81
actionplugins_loadedincludes\core\plugin.php:6
actionrest_api_initincludes\modules\restapi\RestApi.php:19
filterpre_get_postsincludes\modules\sort\Sort.php:26
Maintenance & Trust

RW PostViewStats Lite Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5
Last updatedOct 18, 2025
PHP min version8.2
Downloads167

Community Trust

Rating0/100
Number of ratings0
Active installs0
Alternatives

RW PostViewStats Lite Alternatives

Countera

Countera

countera

A
92

Track post view count by user and date for better insights.

10 No CVEs
Single Post View Counter

Single Post View Counter

single-post-view-counter

A
92

A simple plugin to count and display post views on each post page. Tracks views and shows the view count at the end of each post.

0 No CVEs
Concise Counter of Post Views

Concise Counter of Post Views

concise-counter-of-post-views

A
100

⚠️ This plugin has been replaced by RW PostViewStats Lite.

0 No CVEs
Post Views by DevDesignDazzle

Post Views by DevDesignDazzle

devdesigndazzle-post-views

A
100

Post Views tracks WordPress views with bot filtering, stats, and top posts displays. Customize easily and boost your site!

0 No CVEs
Epic Tracking

Epic Tracking

epic-tracking

A
100

Easy event tracking for WordPress. Point, click, and track — no code, no tag managers, no third-party scripts.

0 No CVEs
Developer Profile

RW PostViewStats Lite Developer Profile

RobertWP

3 plugins · 30 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect RW PostViewStats Lite

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/rw-postviewstats-lite/assets/css/admin-style.css/wp-content/plugins/rw-postviewstats-lite/assets/js/admin-script.js/wp-content/plugins/rw-postviewstats-lite/assets/js/frontend-script.js
Script Paths
/wp-content/plugins/rw-postviewstats-lite/assets/js/admin-script.js/wp-content/plugins/rw-postviewstats-lite/assets/js/frontend-script.js
Version Parameters
rw-postviewstats-lite/assets/css/admin-style.css?ver=rw-postviewstats-lite/assets/js/admin-script.js?ver=rw-postviewstats-lite/assets/js/frontend-script.js?ver=

HTML / DOM Fingerprints

HTML Comments
<!-- Data Cleaner -->
Data Attributes
data-rwpsl-admin-post-urldata-rwpsl-nonce-action
JS Globals
rwpsl
REST Endpoints
/wp-json/rwpsl/v1/views/
Shortcode Output
[rwpsl_post_views]
FAQ

Frequently Asked Questions about RW PostViewStats Lite