Semrush Content Toolkit Security & Risk Analysis
wordpress.org/plugins/semrush-contentshakeCreate SEO-friendly content that brings traffic.
Is Semrush Content Toolkit Safe to Use in 2026?
Generally Safe
Score 99/100Semrush Content Toolkit has a strong security track record. Known vulnerabilities have been patched promptly. It's a solid choice for most WordPress installations.
The semrush-contentshake plugin version 1.1.33 exhibits a strong security posture based on the static analysis. The absence of dangerous functions, raw SQL queries, improper output escaping, file operations, and external HTTP requests indicates diligent development practices. The presence of a nonce check and the lack of critical or high severity taint flows are positive indicators. However, the static analysis reveals no explicit capability checks, and the total entry points are reported as zero, which might suggest a limited functionality or reliance on other plugin mechanisms for interaction. The vulnerability history notes one past medium-severity CVE, specifically Cross-Site Request Forgery, which was last seen in 2025. While this vulnerability is not currently unpatched and the number of past vulnerabilities is low, it highlights a potential area of past weakness that warrants continued vigilance.
Key Concerns
- One past medium CVE (CSRF)
- No capability checks found
Semrush Content Toolkit Security Vulnerabilities
CVEs by Year
Severity Breakdown
1 total CVE
Semrush Content Toolkit <= 1.1.32 - Cross-Site Request Forgery
Semrush Content Toolkit Release Timeline
Semrush Content Toolkit Code Analysis
Output Escaping
Semrush Content Toolkit Attack Surface
WordPress Hooks 6
Maintenance & Trust
Semrush Content Toolkit Maintenance & Trust
Maintenance Signals
Community Trust
Semrush Content Toolkit Alternatives
ContentPen
contentpen
AI-Powered SEO Content Writing Assistant
ACME.BOT – AI SEO Writer & Content Generator
acme-bot-ai-seo-writer-content-generator
Run your WordPress blog on auto-pilot with ACME.BOT - automated AI SEO writer that creates deep-researched, publish-ready content with AI diagrams.
Hydori SEO – AI-Powered SEO Automation
hydori-seo-ai-powered-seo-automation
Autonomous SEO platform that detects ranking drops, generates AI content fixes, and publishes directly to WordPress. The full closed loop.
Smart Decay Copilot by Content Refresher
smart-decay-copilot-content-refresher
AI-powered plugin that detects your outdated WordPress posts and generates refreshed content drafts for your approval — before anything goes live.
upword. Connect
upword-connect
Publish SEO-ready articles from upword. to WordPress automatically. No logins, no copy-paste, no extra work.
Semrush Content Toolkit Developer Profile
2 plugins · 11K total installs
How We Detect Semrush Content Toolkit
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
HTML / DOM Fingerprints
contentshake/v1/postscontentshake/v1/acceptedcontentshake/v1/decline