Does SEOLAT Tool Plus have any unpatched vulnerabilities?

No. All known vulnerabilities in SEOLAT Tool Plus have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is SEOLAT Tool Plus compatible with WordPress 6.4.8?

According to WordPress.org data, SEOLAT Tool Plus 2.2 has been tested up to WordPress 6.4.8. Check the plugin's changelog for the latest compatibility information.

How often is SEOLAT Tool Plus updated?

SEOLAT Tool Plus was last updated on Dec 15, 2023. Frequent updates are generally a positive security signal.

What is SEOLAT Tool Plus's security score?

SEOLAT Tool Plus has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

SEOLAT Tool Plus Security & Risk Analysis

wordpress.org/plugins/seolat-tool-plus

This SEOLAT Tool Plus plugin gives you control over title tags, noindex/nofollow, meta tags, opengraph+, slugs, canonical tags, autolinks, 404 errors, rich snippets, and more.

100 active installs v2.2 PHP + WP 3.9+ Updated Dec 15, 2023

googleseoseolat-tool-plussuiteyahoo

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is SEOLAT Tool Plus Safe to Use in 2026?

Generally Safe

Score 85/100

SEOLAT Tool Plus has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2yr ago

Risk Assessment

The seolat-tool-plus plugin exhibits a mixed security posture. While it has a clean vulnerability history and a good percentage of SQL queries using prepared statements, several concerning signals emerge from the static analysis. The presence of two AJAX handlers, with one lacking proper authentication checks, presents a direct attack vector. Furthermore, the use of the `unserialize` function is a significant risk, as it can lead to remote code execution if uncontrolled user input is passed to it. The taint analysis revealing two high-severity flows and a large number of unsanitized paths also points to potential vulnerabilities, even if no critical ones were identified. The relatively low percentage of properly escaped output further adds to the risk profile, indicating potential for cross-site scripting (XSS) vulnerabilities.

Despite the absence of known CVEs, the identified code signals and taint analysis results suggest that the plugin is not as secure as its history might imply. The lack of comprehensive authentication on an AJAX endpoint, coupled with the dangerous `unserialize` function and numerous unsanitized data flows, creates a fertile ground for attackers. While strengths like prepared SQL statements and nonce checks are present, they are overshadowed by these critical weaknesses. A thorough review and remediation of the identified high-severity taint flows and the unprotected AJAX endpoint are highly recommended.

Key Concerns

Unprotected AJAX handler
Dangerous unserialize function detected
High severity taint flow (x2)
High percentage of unsanitized paths
Low percentage of properly escaped output

Vulnerabilities

None known

SEOLAT Tool Plus Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

SEOLAT Tool Plus Code Analysis

Dangerous Functions

Raw SQL Queries

10 prepared

Unescaped Output

184

108 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Dangerous Functions Found

unserialize$response = unserialize( wp_remote_retrieve_body( $request ) );am\classes\class-wc-plugin-update.php:223

unserialize$import = unserialize($import);modules\settings\settings-data.php:71

SQL Query Safety

83% prepared12 total queries

Output Escaping

37% escaped292 total outputs

Data Flows

13 unsanitized

Data Flow Analysis

14 flows13 with unsanitized paths

admin_page_contents (modules\301s\301-rules.php:124)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

1 unprotected

SEOLAT Tool Plus Attack Surface

Entry Points2

Unprotected1

AJAX Handlers 2

authwp_ajax_supiat_update_alt_captionmodules\alt-attribute\alt-attribute.php:35

authwp_ajax_sl-jlsuggest-autocompleteplugin\class.seolat-tool-plus.php:252

WordPress Hooks 149

actionadmin_menuam\admin\class-wc-api-manager-menu.php:20

actionadmin_initam\admin\class-wc-api-manager-menu.php:21

filterpre_set_site_transient_update_pluginsam\classes\class-wc-plugin-update.php:110

filterplugins_apiam\classes\class-wc-plugin-update.php:113

filterpre_set_site_transient_update_themesam\classes\class-wc-plugin-update.php:120

actionadmin_noticesam\classes\class-wc-plugin-update.php:305

actionadmin_noticesam\classes\class-wc-plugin-update.php:306

actionadmin_noticesam\classes\class-wc-plugin-update.php:310

actionadmin_noticesam\classes\class-wc-plugin-update.php:314

actionadmin_noticesam\classes\class-wc-plugin-update.php:318

actionadmin_noticesam\classes\class-wc-plugin-update.php:322

actionadmin_noticesam\classes\class-wc-plugin-update.php:326

actionadmin_noticesam\classes\class-wc-plugin-update.php:330

actionadmin_noticesam\classes\class-wc-plugin-update.php:334

actionadmin_noticesam\classes\class-wc-plugin-update.php:338

actionadmin_noticesam\classes\class-wc-plugin-update.php:342

actionadmin_noticesam\classes\class-wc-plugin-update.php:346

actionadmin_noticesam\classes\class-wc-plugin-update.php:350

actionadmin_noticesam\classes\class-wc-plugin-update.php:354

filterhttp_headers_useragentincludes\jlwp\functions.php:81

actionadmin_enqueue_scriptsmodules\301s\301-rules.php:24

actionadmin_enqueue_scriptsmodules\301s\301s.php:26

filtersl_settings_export_arraymodules\404s\fofs-log.php:14

actionadmin_enqueue_scriptsmodules\404s\fofs-log.php:40

actionsl_save_hitmodules\404s\fofs-log.php:41

filtersl_get_setting-404s-max_log_sizemodules\404s\fofs-settings.php:32

filtersl_settings_import_arraymodules\alt-attribute\alt-attribute.php:15

actionadmin_enqueue_scriptsmodules\alt-attribute\alt-attribute.php:27

filtermanage_media_columnsmodules\alt-attribute\alt-attribute.php:29

actionmanage_media_custom_columnmodules\alt-attribute\alt-attribute.php:30

filtermanage_media_columnsmodules\alt-attribute\alt-attribute.php:32

actionmanage_media_custom_columnmodules\alt-attribute\alt-attribute.php:33

actionadmin_menumodules\alt-attribute\alt-attribute.php:37

filteruser_contactmethodsmodules\author-links\author-links.php:23

filteruser_contactmethodsmodules\author-links\author-links.php:24

actionadmin_enqueue_scriptsmodules\autolinks\content-autolinks.php:23

filterthe_contentmodules\autolinks\content-autolinks.php:26

filtersl_postmeta_helpmodules\autolinks\content-autolinks.php:28

filtersl_get_postmeta-autolinksmodules\autolinks\content-autolinks.php:29

filtersl_custom_update_postmeta-autolinksmodules\autolinks\content-autolinks.php:30

filtersl_get_setting-autolinks-linkfree_tagsmodules\autolinks\content-autolinks.php:32

filtersl_get_setting-autolinks-dampen_sitewide_lpa_valuemodules\autolinks\content-autolinks.php:33

actionwp_footermodules\autolinks\footer-autolinks.php:22

filtersl_get_setting-canonical-canonical_url_schememodules\canonical\canonical.php:18

actiontemplate_redirectmodules\canonical\canonical.php:31

actiontemplate_redirectmodules\canonical\canonical.php:35

filtersl_get_setting-canonical-canonical_url_schememodules\canonical-url\canonical-url.php:19

actionsl_headmodules\canonical-url\canonical-url.php:29

actiontemplate_redirectmodules\canonical-url\canonical-url.php:33

actiontemplate_redirectmodules\canonical-url\canonical-url.php:37

actionin_admin_footermodules\class.sl-module.php:887

actionadmin_enqueue_scriptsmodules\class.sl-module.php:951

actionadmin_xml_nsmodules\class.sl-module.php:2738

actiondo_robotsmodules\files\files.php:24

actionadmin_noticesmodules\files\files.php:27

filtersl_get_setting-files-htaccessmodules\files\files.php:31

filtersl_custom_update_setting-files-htaccessmodules\files\files.php:32

actionadmin_enqueue_scriptsmodules\internal-link-aliases\internal-link-aliases.php:13

filtersl_custom_update_postmeta-aliasesmodules\internal-link-aliases\internal-link-aliases.php:16

filtersl_get_setting-internal-link-aliases-alias_dirmodules\internal-link-aliases\internal-link-aliases.php:17

filterthe_contentmodules\internal-link-aliases\internal-link-aliases.php:20

actiontemplate_redirectmodules\internal-link-aliases\internal-link-aliases.php:21

actiondo_robotstxtmodules\internal-link-aliases\internal-link-aliases.php:22

actionsl_do_robotstxtmodules\internal-link-aliases\internal-link-aliases.php:23

filterwp_list_pagesmodules\link-nofollow\link-nofollow.php:51

actionsl_headmodules\meta\hreflang-language.php:19

filtersl_settings_export_arraymodules\meta\meta-descriptions.php:14

actionsl_headmodules\meta\meta-descriptions.php:23

filtersl_postmeta_helpmodules\meta\meta-descriptions.php:24

filtersl_settings_export_arraymodules\meta\meta-keywords.php:14

actionsl_headmodules\meta\meta-keywords.php:24

actionadmin_enqueue_scriptsmodules\meta\meta-robots.php:18

filtersl_meta_robotsmodules\meta\meta-robots.php:21

filterthe_content_more_linkmodules\more-links\more-links.php:24

filtersl_get_postmeta-morelinktextmodules\more-links\more-links.php:25

filtersl_settings_export_arraymodules\noindex\noindex.php:17

actionsl_meta_robotsmodules\noindex\noindex.php:31

actioncommentsrss2_headmodules\noindex\noindex.php:37

actionadmin_headmodules\noindex\noindex.php:41

actionlogin_headmodules\noindex\noindex.php:45

filterlanguage_attributesmodules\opengraph\opengraph.php:30

actionsl_headmodules\opengraph\opengraph.php:31

filtersl_get_setting-opengraph-twitter_site_handlemodules\opengraph\opengraph.php:32

filteruser_contactmethodsmodules\opengraph\opengraph.php:33

filtersl_get_setting-opengraph-twitter_creator_handlemodules\opengraph\opengraph.php:34

actionshow_user_profilemodules\opengraph\opengraph.php:35

actionedit_user_profilemodules\opengraph\opengraph.php:36

actionpersonal_options_updatemodules\opengraph\opengraph.php:37

actionedit_user_profile_updatemodules\opengraph\opengraph.php:38

actionwp_insert_postmodules\permalinks\permalinks.php:39

filterterm_linkmodules\permalinks\permalinks.php:40

filterquery_varsmodules\permalinks\permalinks.php:41

filterrequestmodules\permalinks\permalinks.php:42

filterthe_contentmodules\rich-snippets\rich-snippets.php:21

filtersl_settings_export_arraymodules\sds-blog\sds-blog.php:28

filterhttp_headers_useragentmodules\sds-blog\sds-blog.php:69

filteresc_htmlmodules\sds-blog\sds-blog.php:70

actionadmin_menumodules\seo-data-importer\admin.php:6

actionplugins_loadedmodules\seo-data-importer\plugin.php:4

filtersl_custom_admin_page-settingsmodules\settings\install.php:78

filtersl_custom_admin_page-settingsmodules\settings\uninstall.php:55

filterthe_contentmodules\sharing-buttons\sharing-buttons.php:18

actionadmin_menumodules\sitemap\sitemap.php:63

actionupgrader_process_completemodules\sitemap\sitemap.php:96

actioninitmodules\sitemap\sitemap.php:97

filterquery_varsmodules\sitemap\sitemap.php:99

filtertemplate_redirectmodules\sitemap\sitemap.php:100

actionadmin_enqueue_scriptsmodules\sitemap\sitemap.php:119

actionadmin_initmodules\sitemap\sitemap.php:120

filtername_save_premodules\slugs\slugs.php:26

filtersanitize_titlemodules\slugs\slugs.php:31

filtersl_settings_export_arraymodules\titles\titles.php:14

filterwp_titlemodules\titles\titles.php:25

actiontemplate_redirectmodules\titles\titles.php:29

actionwp_headmodules\titles\titles.php:30

filtersl_postmeta_helpmodules\titles\titles.php:34

filtersl_settings_import_arraymodules\user-code\user-code.php:17

filtersl_settings_import_arraymodules\user-code-plus\user-code-plus.php:17

actionwidgets_initmodules\widgets\widgets.php:27

actionshutdownplugin\class.seolat-tool-plus.php:131

actioninitplugin\class.seolat-tool-plus.php:186

actioninitplugin\class.seolat-tool-plus.php:187

actionwp_headplugin\class.seolat-tool-plus.php:190

filterredirect_canonicalplugin\class.seolat-tool-plus.php:194

filterwp_redirectplugin\class.seolat-tool-plus.php:195

filterstatus_headerplugin\class.seolat-tool-plus.php:196

actionwp_enqueue_scriptsplugin\class.seolat-tool-plus.php:201

actionadmin_enqueue_scriptsplugin\class.seolat-tool-plus.php:211

actionadmin_headplugin\class.seolat-tool-plus.php:214

actionadmin_headplugin\class.seolat-tool-plus.php:217

actionadmin_noticesplugin\class.seolat-tool-plus.php:221

actionadmin_initplugin\class.seolat-tool-plus.php:224

actionadmin_menuplugin\class.seolat-tool-plus.php:230

actionnetwork_admin_menuplugin\class.seolat-tool-plus.php:231

actionadmin_headplugin\class.seolat-tool-plus.php:234

actiondo_meta_boxesplugin\class.seolat-tool-plus.php:237

actionsave_postplugin\class.seolat-tool-plus.php:238

filtertransient_update_pluginsplugin\class.seolat-tool-plus.php:242

filterplugin_row_metaplugin\class.seolat-tool-plus.php:249

actionafter_wp_tiny_mceplugin\class.seolat-tool-plus.php:256

actionadmin_enqueue_scriptsplugin\class.seolat-tool-plus.php:653

filterupgrader_pre_installplugin\class.sl-installer.php:49

filterupgrader_clear_destinationplugin\class.sl-installer.php:50

actionadmin_bar_menuplugin\sl-functions.php:683

filterjetpack_enable_open_graphplugin\sl-functions.php:686

actionadmin_noticesseolat-tool-plus.php:79

actionadmin_noticesseolat-tool-plus.php:92

actionadmin_menuseolat-tool-plus.php:99

actionadmin_noticesseolat-tool-plus.php:215

Maintenance & Trust

SEOLAT Tool Plus Maintenance & Trust

Maintenance Signals

WordPress version tested6.4.8

Last updatedDec 15, 2023

PHP min version

Downloads4K

Community Trust

Rating100/100

Number of ratings3

Active installs100

Alternatives

SEOLAT Tool Plus Alternatives

SEO Ultimate

seo-ultimate

This all-in-one SEO plugin gives you control over meta titles & descriptions, open graph, auto-linking, rich-snippets, 404 monitoring, siloing &am …

20K No CVEs

Easy Verification

easy-verification

This plugin will allow you to easily verify your WordPress website with Google Webmaster Tools, Bing Webmaster Tools and Yahoo! SiteExplorer.

100 No CVEs

Karailiev's sitemap

karailievs-sitemap

This plugin adds a XML sitemap and news sitemap to your blog. It's used to show all your pages and posts to the search engines like Google, Yahoo …

70 No CVEs

WPMU Fast Verification for Google Webmaster Tools and Yahoo! Site Explorer

wpmu-fast-verification-for-google-webmaster-tools-and-yahoo-site-explorer

Allow you to do fast verification for WPMU websites with Google Webmaster Tools, Yahoo! SiteExplorer, Bing Webmaster Center & Alexa Siteowners.

10 No CVEs

All in One SEO – Powerful SEO Plugin to Boost SEO Rankings & Increase Traffic

all-in-one-seo-pack

AIOSEO is the most powerful WordPress SEO plugin. Improve SEO rankings and traffic with comprehensive SEO tools and smart AI SEO optimizations!

3.0M 26 CVEs

Developer Profile

SEOLAT Tool Plus Developer Profile

AffiliateCMS.com

2 plugins · 110 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect SEOLAT Tool Plus

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/seolat-tool-plus/css/simple-wp-sitemap-admin.css/wp-content/plugins/seolat-tool-plus/js/simple-wp-sitemap-admin.js

Script Paths

/wp-content/plugins/seolat-tool-plus/js/simple-wp-sitemap-admin.js

Version Parameters

simple-wp-sitemap-admin-css?ver=simple-wp-sitemap-admin-js?ver=

HTML / DOM Fingerprints

CSS Classes

simple-wp-sitemap-h2

HTML Comments

Simple Wp Sitemap Admin interface

FAQ