
Sajjetti – AI Audit Security & Risk Analysis
wordpress.org/plugins/sajjetti-audit
AI-assisted theme and plugin scanner for security, performance, and best practices. Provides clear, actionable insights.
Is Sajjetti – AI Audit Safe to Use in 2026?
Generally Safe
Score 100/100
Sajjetti – AI Audit has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The sajjetti-audit v1.0.0 plugin presents a mixed security picture. On the positive side, the plugin boasts a remarkably small attack surface with no apparent AJAX handlers, REST API routes, shortcodes, or cron events. Furthermore, the static analysis shows no critical or high severity taint flows, a clean history of known CVEs, and a strong adherence to using prepared statements for SQL queries. This indicates a generally well-developed plugin with good awareness of common web vulnerabilities.
However, significant concerns arise from the lack of proper output escaping: only 4% of outputs are properly escaped. This creates a high risk of cross-site scripting (XSS) vulnerabilities, where malicious code could be injected into the website. Additionally, no nonce or capability checks were found at any entry point, which is a critical oversight. This means that even if the attack surface were larger, any potential entry points would be entirely unprotected against unauthorized actions.
In conclusion, while the plugin excels in minimizing its attack surface and handling SQL securely, the severe deficiency in output escaping and the complete lack of authorization checks are major security weaknesses. These issues, if exploited, could lead to significant compromise. The absence of historical vulnerabilities is positive but cannot negate the current, evident risks.
Key Concerns
- Output escaping is severely lacking
- No nonce checks found
- No capability checks found
Sajjetti – AI Audit Security Vulnerabilities
Sajjetti – AI Audit Code Analysis
SQL Query Safety
Output Escaping
Sajjetti – AI Audit Attack Surface
Sajjetti – AI Audit Maintenance & Trust
Maintenance Signals
Community Trust
Sajjetti – AI Audit Alternatives
WPLifeCycle – Free PHP Version Info & Website Manager
free-php-version-info
This plugin shows your current PHP version, its lifecycle security support days, and can send version data to the WPLifeCycle for proactive planning.
WP Scanner – Performance and Security
wp-scanner
Scan your WordPress site and receive recommendations on how to improve load time, performance and security.
Site Checker: All-in-One QA Testing, Speed, Link & Security Audit
site-checker-all-in-one-qa-testing
Scan, spot, and solve WordPress issues in seconds with Site Checker.
Resilience Compliance Manager
resilience-compliance-manager
CRA compliance for WordPress developers. Checklist, document generator, vulnerability scanner, and incident reporting for the 2026 EU deadline.
The Code Registry – Code Backup & Intelligence
the-code-registry-code-backup-intelligence
Backup your code and analyze security vulnerabilities, third-party component usage, licensing issues, code quality and more with The Code Registry.
Sajjetti – AI Audit Developer Profile
1 plugin · 0 total installs
How We Detect Sajjetti – AI Audit
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
- /wp-content/plugins/sajjetti-audit/assets/css/admin-global.css
- /wp-content/plugins/sajjetti-audit/assets/css/admin-onboard.css
- /wp-content/plugins/sajjetti-audit/assets/css/admin-page-min.css
- /wp-content/plugins/sajjetti-audit/assets/css/admin-page.css
- sajjetti-audit/assets/css/admin-onboard.css?ver=
- sajjetti-audit/assets/css/admin-global.css?ver=
- sajjetti-audit/assets/css/admin-page-min.css?ver=
- sajjetti-audit/assets/css/admin-page.css?ver=
HTML / DOM Fingerprints
- sajjetti-admin-notice
- sajjetti-audit-notice-error