WP-Safety

SecurelyWP – all-in-one security Security & Risk Analysis

wordpress.org/plugins/securelywp

SecurelyWP is a simple security plugin that protects your WordPress site right after activation—no setup needed for most features.

20 active installs v1.0.10 PHP + WP 5.0+ Updated Nov 22, 2025
captchaheaderssecuritytwo-factor-authentication-2fa
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Download
Safety Verdict

Is SecurelyWP – all-in-one security Safe to Use in 2026?

Generally Safe

Score 100/100

SecurelyWP – all-in-one security has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 5mo ago
Risk Assessment

The "securelywp" plugin v1.0.10 exhibits a generally good security posture, with strong adherence to best practices like using prepared statements for all SQL queries and properly escaping all output. The absence of any recorded vulnerabilities or CVEs in its history is a significant positive indicator. The plugin also demonstrates robust use of nonce and capability checks, suggesting a deliberate effort to secure its functionality. However, the presence of three AJAX handlers, one of which lacks authentication checks, represents a notable area of concern and a potential entry point for attackers. While the taint analysis shows no critical or high-severity unsanitized flows, the unprotected AJAX endpoint could be exploited if it handles sensitive data or performs critical actions without proper authorization.

Key Concerns

  • Unprotected AJAX handler
Vulnerabilities
None known

SecurelyWP – all-in-one security Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

SecurelyWP – all-in-one security Release Timeline

v1.0.10Current
v1.0.9
v1.0.8
v1.0.7
v1.0.6
v1.0.5
v1.0.4
v1.0.3
v1.0.2
v1.0.1
v1.0.0
Code Analysis
Analyzed Apr 16, 2026

SecurelyWP – all-in-one security Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
4 prepared
Unescaped Output
2
473 escaped
Nonce Checks
11
Capability Checks
11
File Operations
0
External Requests
1
Bundled Libraries
0

SQL Query Safety

100% prepared4 total queries

Output Escaping

100% escaped475 total outputs
Data Flows · Security
All sanitized

Data Flow Analysis

9 flows
securelywp_captcha_settings_page (admin/settings-pages/captcha-settings.php:18)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
1 unprotected

SecurelyWP – all-in-one security Attack Surface

Entry Points3
Unprotected1

AJAX Handlers 3

authwp_ajax_securelywp_get_dashboard_statusadmin/dashboard.php:18
authwp_ajax_securelywp_purge_cacheincludes/cache/purge-cache.php:20
authwp_ajax_securelywp_reset_2faincludes/two-factor/render.php:165
WordPress Hooks 80
actionadmin_menuadmin/dashboard.php:17
actionadmin_bar_menuincludes/cache/purge-cache.php:16
actionadmin_enqueue_scriptsincludes/cache/purge-cache.php:17
actionwp_enqueue_scriptsincludes/cache/purge-cache.php:18
actionadmin_enqueue_scriptsincludes/cache/purge-cache.php:19
actionadmin_noticesincludes/cache/purge-cache.php:21
actionplugins_loadedincludes/captcha/captcha.php:71
actionlogin_formincludes/captcha/captcha.php:79
actionregister_formincludes/captcha/captcha.php:82
actionlostpassword_formincludes/captcha/captcha.php:85
actioncomment_form_after_fieldsincludes/captcha/captcha.php:88
actioncomment_form_logged_in_afterincludes/captcha/captcha.php:89
actionwoocommerce_checkout_before_customer_detailsincludes/captcha/captcha.php:92
filterwpcf7_form_elementsincludes/captcha/captcha.php:95
actionwpcf7_before_send_mailincludes/captcha/captcha.php:96
filtergform_pre_renderincludes/captcha/captcha.php:99
actiongform_pre_submissionincludes/captcha/captcha.php:100
filterwpforms_frontend_outputincludes/captcha/captcha.php:103
actionwpforms_processincludes/captcha/captcha.php:104
filterfrm_display_formincludes/captcha/captcha.php:107
actionfrm_before_create_entryincludes/captcha/captcha.php:108
filterforminator_custom_form_render_responseincludes/captcha/captcha.php:111
actionforminator_custom_form_submit_responseincludes/captcha/captcha.php:112
actionelementor_pro/forms/validationincludes/captcha/captcha.php:115
actionedd_purchase_form_before_submitincludes/captcha/captcha.php:118
actionedd_checkout_error_checksincludes/captcha/captcha.php:119
actionmc4wp_form_before_fieldsincludes/captcha/captcha.php:122
filtermc4wp_form_submitincludes/captcha/captcha.php:123
actionbp_before_account_details_fieldsincludes/captcha/captcha.php:126
actionbp_core_signup_userincludes/captcha/captcha.php:127
actionbbp_template_after_replies_loopincludes/captcha/captcha.php:130
actionbbp_new_replyincludes/captcha/captcha.php:131
actionbbp_new_topicincludes/captcha/captcha.php:132
actionmepr-account-formincludes/captcha/captcha.php:135
actionum_after_form_fieldsincludes/captcha/captcha.php:138
actionwpmem_register_formincludes/captcha/captcha.php:141
actionsignup_extra_fieldsincludes/captcha/captcha.php:144
actionwpmu_validate_user_signupincludes/captcha/captcha.php:145
actionwp_enqueue_scriptsincludes/captcha/render.php:27
actionlogin_enqueue_scriptsincludes/captcha/render.php:28
filterauthenticateincludes/captcha/verify.php:56
filterregistration_errorsincludes/captcha/verify.php:57
filterallow_password_resetincludes/captcha/verify.php:58
filterpreprocess_commentincludes/captcha/verify.php:59
actionwoocommerce_after_checkout_validationincludes/captcha/verify.php:61
actionwpcf7_before_send_mailincludes/captcha/verify.php:64
actiongform_pre_submissionincludes/captcha/verify.php:67
actionwpforms_processincludes/captcha/verify.php:70
actionfrm_before_create_entryincludes/captcha/verify.php:73
actionforminator_custom_form_submit_responseincludes/captcha/verify.php:76
actionelementor_pro/forms/validationincludes/captcha/verify.php:79
actionedd_checkout_error_checksincludes/captcha/verify.php:82
filtermc4wp_form_submitincludes/captcha/verify.php:85
actionbp_core_signup_userincludes/captcha/verify.php:88
actionbbp_new_replyincludes/captcha/verify.php:91
actionbbp_new_topicincludes/captcha/verify.php:92
actionwpmu_validate_user_signupincludes/captcha/verify.php:95
filtergform_validation_messageincludes/captcha/verify.php:173
actionplugins_loadedincludes/firewall/firewall.php:79
actionwp_login_failedincludes/hardening/brute-force-lite.php:41
actionwp_loginincludes/hardening/brute-force-lite.php:42
filterauthenticateincludes/hardening/brute-force-lite.php:43
actionadmin_noticesincludes/hardening/detect-admin-username.php:27
actioninitincludes/hardening/disable-php-uploads.php:20
filterlogin_urlincludes/hardening/force-https.php:40
filteradmin_urlincludes/hardening/force-https.php:41
filterstyle_loader_srcincludes/hardening/hide-wp-version.php:41
filterscript_loader_srcincludes/hardening/hide-wp-version.php:42
actiontemplate_redirectincludes/hardening/prevent-user-enum.php:27
actionsend_headersincludes/headers/csp.php:15
actionsend_headersincludes/headers/hsts.php:15
actionsend_headersincludes/headers/permissions-policy.php:15
actionsend_headersincludes/headers/referrer-policy.php:15
actionsend_headersincludes/headers/x-content-type-options.php:15
actionsend_headersincludes/headers/x-frame-options.php:15
actionlogin_formincludes/two-factor/render.php:18
filterauthenticateincludes/two-factor/render.php:98
actionadmin_enqueue_scriptssecurelywp.php:53
actionadmin_menusecurelywp.php:54
actionplugins_loadedsecurelywp.php:217
Maintenance & Trust

SecurelyWP – all-in-one security Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5
Last updatedNov 22, 2025
PHP min version
Downloads934

Community Trust

Rating0/100
Number of ratings0
Active installs20
Alternatives

SecurelyWP – all-in-one security Alternatives

SiteGuard WP Plugin

SiteGuard WP Plugin

siteguard

A
98

SiteGurad WP Plugin is the plugin specialized for the protection against the attack to the management page and login.

600K 2 CVEs
reCaptcha by BestWebSoft

reCaptcha by BestWebSoft

google-captcha

A
98

Protect WordPress website forms from spam entries with Google reCAPTCHA.

100K 3 CVEs
Headers Security Advanced & HSTS WP

Headers Security Advanced & HSTS WP

headers-security-advanced-hsts-wp

A
100

Best all-in-one WordPress security plugin, uses HTTP & HSTS response headers to avoid vulnerabilities: XSS, injection, clickjacking. Force HTTP/HTTPS.

90K No CVEs
Wordfence Login Security

Wordfence Login Security

wordfence-login-security

A
92

Secure your website with Wordfence Login Security, providing two-factor authentication, login and registration CAPTCHA, and XML-RPC protection.

70K No CVEs
Login No Captcha reCAPTCHA

Login No Captcha reCAPTCHA

login-recaptcha

A
85

Adds a Google No Captcha ReCaptcha checkbox to your Wordpress and Woocommerce login, forgot password, and user registration pages.

60K 1 CVE
Developer Profile

SecurelyWP – all-in-one security Developer Profile

SecurelyWP

1 plugin · 20 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect SecurelyWP – all-in-one security

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/securelywp/assets/css/admin.css/wp-content/plugins/securelywp/assets/two-factor/js/qrcode.js
Script Paths
/wp-content/plugins/securelywp/assets/js/jquery-ui-dialog.js/wp-content/plugins/securelywp/assets/two-factor/js/qrcode.js
Version Parameters
securelywp/assets/css/admin.css?ver=securelywp/assets/js/jquery-ui-dialog.js?ver=securelywp/assets/two-factor/js/qrcode.js?ver=

HTML / DOM Fingerprints

Data Attributes
securelywp_2fa_nonce
JS Globals
securelywp_2fa
FAQ

Frequently Asked Questions about SecurelyWP – all-in-one security