Does SEO Pyramid have any unpatched vulnerabilities?

Yes — SEO Pyramid currently has 1 unpatched vulnerability. We recommend switching to an alternative or applying any available workarounds.

Is SEO Pyramid compatible with WordPress 6.8.5?

According to WordPress.org data, SEO Pyramid 1.9.8 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

Is SEO Pyramid compatible with PHP 5.0+?

SEO Pyramid requires PHP 5.0 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is SEO Pyramid updated?

SEO Pyramid was last updated on Jun 10, 2025. Frequent updates are generally a positive security signal.

What is SEO Pyramid's security score?

SEO Pyramid has a WP-Safety security score of 78/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

SEO Pyramid Security & Risk Analysis

wordpress.org/plugins/seo-pyramid

SEO Pyramid is a free, lightweight Search Engine Optimization plugin designed to simplify website SEO process.

50 active installs v1.9.8 PHP 5.0+ WP 5.0+ Updated Jun 10, 2025

content-analysisopen-graphschemaseoxml-sitemap

B · Generally Safe

CVEs total1

Unpatched1

Last CVESep 20, 2025

Plugin page Download

Safety Verdict

Is SEO Pyramid Safe to Use in 2026?

Mostly Safe

Score 78/100

SEO Pyramid is generally safe to use. 1 past CVE were resolved. Keep it updated.

1 known CVE 1 unpatched Last CVE: Sep 20, 2025Updated 9mo ago

Risk Assessment

The "seo-pyramid" plugin version 1.9.8 exhibits a mixed security posture. On the positive side, the static analysis reveals no identified dangerous functions, all SQL queries are prepared, and there are no external HTTP requests. This suggests a good foundation in handling sensitive operations.

However, significant concerns arise from the output escaping and taint analysis. A substantial percentage of output (59%) is not properly escaped, creating a high risk of Cross-Site Scripting (XSS) vulnerabilities. Furthermore, the taint analysis shows 11 flows with unsanitized paths, all of which are concerning. The lack of nonce and capability checks on any identified entry points is a critical oversight, especially in conjunction with the unescaped output.

The plugin's vulnerability history is also a major red flag. With one unpatched CVE, specifically an XSS vulnerability, and the last known vulnerability being recent, this indicates a pattern of insecure coding practices that have led to exploitable flaws. The presence of a medium severity XSS vulnerability in the past, even if historical, combined with the current static analysis findings, strongly suggests that unpatched vulnerabilities are likely to remain or reappear if not addressed.

Key Concerns

Unpatched CVE
High percentage of unescaped output
Unsanitized paths in taint analysis
Missing nonce checks
Missing capability checks

Vulnerabilities

SEO Pyramid Security Vulnerabilities

CVEs by Year

1 CVE in 2025 · unpatched

2025

Patched Has unpatched

Severity Breakdown

Medium

1 total CVE

CVE-2025-53427medium · 6.1Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

SEO Pyramid <= 1.9.8 - Reflected Cross-Site Scripting

Sep 20, 2025Unpatched

Code Analysis

Analyzed Mar 16, 2026

SEO Pyramid Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

62 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

41% escaped152 total outputs

Data Flows

11 unsanitized

Data Flow Analysis

11 flows11 with unsanitized paths

seo_pyramid_analyze (builders\seo_pyramid_analyzer.php:22)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

SEO Pyramid Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 34

filterplugin_action_linksindex.php:32

actionadmin_menupages\general-page.php:11

actionadmin_initpages\general-page.php:13

actionadmin_menupages\reports-page.php:7

actionadmin_initpages\reports-page.php:8

actionadmin_menupages\reports-page.php:162

actionadmin_menupages\schema-page.php:5

actionadmin_initpages\schema-page.php:6

actionadmin_menupages\schema-page.php:368

actionadmin_footerpages\schema-page.php:377

actionadmin_menupages\share-page.php:8

actionadmin_initpages\share-page.php:10

actionadmin_menupages\share-page.php:415

actionadmin_footerpages\share-page.php:422

actionadmin_menupages\sitemap-page.php:9

actionadmin_initpages\sitemap-page.php:11

actionadmin_menupages\sitemap-page.php:336

actionwp_print_scriptsseo_pyramid_form.php:343

actionwp_headseo_pyramid_functions.php:38

filtermanage_pages_columnsseo_pyramid_functions.php:100

filtermanage_posts_columnsseo_pyramid_functions.php:102

actionmanage_pages_custom_columnseo_pyramid_functions.php:116

actionmanage_posts_custom_columnseo_pyramid_functions.php:118

filtermanage_edit-page_sortable_columnsseo_pyramid_functions.php:181

filtermanage_edit-post_sortable_columnsseo_pyramid_functions.php:183

actionload-edit.phpseo_pyramid_functions.php:197

filterrequestseo_pyramid_functions.php:202

actionadmin_menuseo_pyramid_functions.php:270

actionplugins_loadedseo_pyramid_functions.php:275

filterpre_get_document_titleseo_pyramid_functions.php:303

actionwp_headseo_pyramid_functions.php:449

actionadd_meta_boxesseo_pyramid_functions.php:688

actionadmin_enqueue_scriptsseo_pyramid_functions.php:703

actionsave_postseo_pyramid_functions.php:831

Maintenance & Trust

SEO Pyramid Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedJun 10, 2025

PHP min version5.0

Downloads14K

Community Trust

Rating100/100

Number of ratings4

Active installs50

Alternatives

SEO Pyramid Alternatives

Yoast SEO – Advanced SEO with real-time guidance and built-in AI

wordpress-seo

Improve your SEO with real-time feedback, schema, and clear guidance. Upgrade for AI tools, Google Docs integration, and 24/7 support, no hidden fees.

10.0M 17 CVEs