WP-Safety

Site Demo Content Security & Risk Analysis

wordpress.org/plugins/sample-data

One click import demo content which includes post, pages, comments etc. Also, import demo content for different plugins such as WooCommerce, bbPress e …

100 active installs v1.1.2 PHP + WP 4.4+ Updated Jul 23, 2020
bbpress-dummy-datadummy-datasample-datatheme-unit-test-datawoocommerce-dummy-data
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Site Demo Content Safe to Use in 2026?

Generally Safe

Score 85/100

Site Demo Content has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 5yr ago
Risk Assessment

The 'sample-data' plugin v1.1.2 exhibits a concerning security posture primarily due to the presence of unprotected AJAX handlers. While the plugin does not appear to have a history of reported vulnerabilities, the static analysis reveals significant weaknesses that could be exploited. The 2 AJAX entry points without authentication checks represent a direct attack vector, making them prime targets for unauthorized actions. Furthermore, the taint analysis identified a flow with an unsanitized path, which, although not classified as critical or high severity, still indicates potential for security issues if input is not handled carefully. The limited number of prepared statements and the low percentage of properly escaped output are also worrying signs, increasing the risk of SQL injection and cross-site scripting (XSS) vulnerabilities, respectively.

Key Concerns

  • AJAX handlers without authorization checks
  • Unsanitized path in taint analysis flow
  • Low percentage of properly escaped output
  • Limited use of prepared statements for SQL queries
  • Missing nonce checks on AJAX handlers
  • Missing capability checks on AJAX handlers
Vulnerabilities
None known

Site Demo Content Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Site Demo Content Code Analysis

Dangerous Functions
0
Raw SQL Queries
2
5 prepared
Unescaped Output
9
8 escaped
Nonce Checks
0
Capability Checks
0
File Operations
5
External Requests
1
Bundled Libraries
0

SQL Query Safety

71% prepared7 total queries

Output Escaping

47% escaped17 total outputs
Data Flows
1 unsanitized

Data Flow Analysis

1 flows1 with unsanitized paths
<class-sample-data> (classes\class-sample-data.php:0)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
2 unprotected

Site Demo Content Attack Surface

Entry Points2
Unprotected2

AJAX Handlers 2

authwp_ajax_sample-data-wxr-importclasses\class-sample-data.php:63
authwp_ajax_sample-data-prepare-importclasses\class-sample-data.php:64
WordPress Hooks 15
actionadmin_menuclasses\class-sample-data-page.php:48
actionadmin_enqueue_scriptsclasses\class-sample-data-page.php:49
actionwxr_importer.processed.postclasses\class-sample-data.php:125
actionwxr_importer.process_failed.postclasses\class-sample-data.php:126
actionwxr_importer.process_already_imported.postclasses\class-sample-data.php:127
actionwxr_importer.process_skipped.postclasses\class-sample-data.php:128
actionwxr_importer.processed.commentclasses\class-sample-data.php:129
actionwxr_importer.process_already_imported.commentclasses\class-sample-data.php:130
actionwxr_importer.processed.termclasses\class-sample-data.php:131
actionwxr_importer.process_failed.termclasses\class-sample-data.php:132
actionwxr_importer.process_already_imported.termclasses\class-sample-data.php:133
actionwxr_importer.processed.userclasses\class-sample-data.php:134
actionwxr_importer.process_failed.userclasses\class-sample-data.php:135
filterimport_post_meta_keyclasses\importer\class-wxr-importer.php:328
filterhttp_request_timeoutclasses\importer\class-wxr-importer.php:329
Maintenance & Trust

Site Demo Content Maintenance & Trust

Maintenance Signals

WordPress version tested5.4.19
Last updatedJul 23, 2020
PHP min version
Downloads23K

Community Trust

Rating56/100
Number of ratings9
Active installs100
Alternatives

Site Demo Content Alternatives

Dummy Text Generator

Dummy Text Generator

dummy-text-generator

A
92

This is a simple WordPress Dummy Text Generator plugin. This plugin based on lorem ipsum dummy content.

100 No CVEs
Tally Theme Setup

Tally Theme Setup

tally-theme-setup

A
85

Import demo content for Tally Themes

100 No CVEs
AutoRadomContent

AutoRadomContent

auto-random-content

A
85

This plugin generate automatic post/page/comments/Users/media/terms with random content | It's Perfect for WP developer.

70 No CVEs
Template Sell Demo Importer

Template Sell Demo Importer

template-sell-demo-importer

A
85

Import Dummy data for themes developed by Template Sell.

70 No CVEs
Add Dummy Post

Add Dummy Post

add-dummy-post

A
85

Add Dummy Post plugin allows user to add post in their WordPress website.

30 No CVEs
Developer Profile

Site Demo Content Developer Profile

Mahesh Waghmare

7 plugins · 260 total installs

85
trust score
Avg Security Score
87/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Site Demo Content

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/sample-data/assets/js/importer.js/wp-content/plugins/sample-data/assets/css/importer.css
Script Paths
/wp-content/plugins/sample-data/assets/js/importer.js
Version Parameters
sample-data/assets/js/importer.js?ver=sample-data/assets/css/importer.css?ver=

HTML / DOM Fingerprints

CSS Classes
sample-dataget-started
HTML Comments
translators: %s is the link of theme unit test data.
Data Attributes
data-file
JS Globals
SampleDataVars
FAQ

Frequently Asked Questions about Site Demo Content