Seotune Search Insights Security & Risk Analysis

wordpress.org/plugins/seotune-search-insights

Search Console analytics and SEO insights in your WordPress admin. Connect with OAuth; data stored in your DB. Not affiliated with Google.

0 active installs · v1.0.1 · PHP 8.0+ · WP 6.2+ · Updated Apr 15, 2026
analytics · google-search-console · keywords · queries · seo
Score: 100 · A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is Seotune Search Insights Safe to Use in 2026?

Generally Safe

Score 100/100

Seotune Search Insights has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 1mo ago
Risk Assessment

The seotune-search-insights plugin v1.0.1 exhibits a generally strong security posture, with several excellent practices in place. Notably, 100% of SQL queries use prepared statements, all output is properly escaped, and there are no recorded vulnerabilities or critical taint flows. The absence of dangerous functions, file operations, and unsanitized paths further contributes to its robust security. The plugin also demonstrates good use of nonces and capability checks, indicating an awareness of common WordPress security pitfalls.

However, the plugin does present a notable concern regarding its REST API. Of its 34 REST API routes, one is identified as lacking a permission callback. This endpoint could therefore be accessed and manipulated by unauthenticated users, creating an attack vector. While the static analysis did not reveal any critical taint flows or dangerous functions stemming from this unprotected endpoint, it is a direct, unprotected entry point into the plugin's functionality that could be exploited in conjunction with other weaknesses or by a determined attacker.

Overall, seotune-search-insights is a well-coded plugin from a security perspective, excelling in core security practices. The single unprotected REST API route is the primary area of concern and requires immediate attention to implement proper authentication and authorization checks. If this is addressed, the plugin's security profile would be significantly enhanced.

Key Concerns

  • REST API route without permission callback
Vulnerabilities
None known

Seotune Search Insights Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Seotune Search Insights Release Timeline

v1.0.1 (Current)
v1.0.0
Code Analysis
Analyzed Apr 16, 2026

Seotune Search Insights Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (166 prepared)
Unescaped Output: 1 (377 escaped)
Nonce Checks: 13
Capability Checks: 9
File Operations: 0
External Requests: 1
Bundled Libraries: 1

Bundled Libraries

Guzzle

SQL Query Safety

100% prepared · 166 total queries

Output Escaping

100% escaped · 378 total outputs
Data Flows · Security
All sanitized

Data Flow Analysis

2 flows
maybe_handle_admin_actions (includes/admin/class-admin.php:145)
Attack Surface
1 unprotected

Seotune Search Insights Attack Surface

Entry Points: 34
Unprotected: 1

REST API Routes 34

GET /wp-json/serpiq/v1/alerts (includes/api/controllers/class-alerts-controller.php:20)
GET /wp-json/serpiq/v1/cannibalization (includes/api/controllers/class-cannibalization-controller.php:20)
GET /wp-json/serpiq/v1/content-refresh (includes/api/controllers/class-content-refresh-controller.php:29)
GET /wp-json/serpiq/v1/content-refresh/detail (includes/api/controllers/class-content-refresh-controller.php:51)
GET /wp-json/serpiq/v1/dashboard/overview (includes/api/controllers/class-dashboard-controller.php:23)
GET /wp-json/serpiq/v1/decay (includes/api/controllers/class-decay-controller.php:43)
GET /wp-json/serpiq/v1/internal-linking (includes/api/controllers/class-internal-linking-controller.php:27)
GET /wp-json/serpiq/v1/internal-linking/detail (includes/api/controllers/class-internal-linking-controller.php:48)
POST /wp-json/serpiq/v1/oauth/connect-url (includes/api/controllers/class-oauth-controller.php:27)
POST /wp-json/serpiq/v1/oauth/disconnect (includes/api/controllers/class-oauth-controller.php:37)
GET /wp-json/serpiq/v1/opportunities/list (includes/api/controllers/class-opportunities-controller.php:20)
GET /wp-json/serpiq/v1/opportunities/high-impressions-low-ctr (includes/api/controllers/class-opportunities-controller.php:44)
GET /wp-json/serpiq/v1/opportunities/position-8-20 (includes/api/controllers/class-opportunities-controller.php:64)
POST /wp-json/serpiq/v1/opportunities/query-pages (includes/api/controllers/class-opportunities-controller.php:83)
POST /wp-json/serpiq/v1/page-edit-links (includes/api/controllers/class-page-links-controller.php:23)
GET /wp-json/serpiq/v1/pages (includes/api/controllers/class-pages-controller.php:20)
GET /wp-json/serpiq/v1/page-keywords (includes/api/controllers/class-pages-controller.php:31)
GET /wp-json/serpiq/v1/pages-with-change (includes/api/controllers/class-pages-controller.php:51)
GET /wp-json/serpiq/v1/queries (includes/api/controllers/class-queries-controller.php:20)
GET /wp-json/serpiq/v1/queries-with-pages (includes/api/controllers/class-queries-controller.php:31)
GET /wp-json/serpiq/v1/queries-with-change (includes/api/controllers/class-queries-controller.php:42)
GET /wp-json/serpiq/v1/question-queries (includes/api/controllers/class-question-queries-controller.php:32)
GET /wp-json/serpiq/v1/question-queries/terms (includes/api/controllers/class-question-queries-controller.php:51)
GET /wp-json/serpiq/v1/reports/queries-csv (includes/api/controllers/class-reports-controller.php:29)
GET /wp-json/serpiq/v1/reports/pages-csv (includes/api/controllers/class-reports-controller.php:40)
GET /wp-json/serpiq/v1/reports/opportunities-high-imp-csv (includes/api/controllers/class-reports-controller.php:51)
GET /wp-json/serpiq/v1/reports/opportunities-position-csv (includes/api/controllers/class-reports-controller.php:62)
GET /wp-json/serpiq/v1/reports/alerts-csv (includes/api/controllers/class-reports-controller.php:73)
GET /wp-json/serpiq/v1/reports/decay-csv (includes/api/controllers/class-reports-controller.php:84)
GET /wp-json/serpiq/v1/reports/content-refresh-csv (includes/api/controllers/class-reports-controller.php:95)
GET /wp-json/serpiq/v1/reports/internal-linking-csv (includes/api/controllers/class-reports-controller.php:106)
GET /wp-json/serpiq/v1/status (includes/api/controllers/class-status-controller.php:24)
GET /wp-json/serpiq/v1/health-check (includes/api/controllers/class-status-controller.php:34)
POST /wp-json/serpiq/v1/sync/run (includes/api/controllers/class-sync-controller.php:22)
WordPress Hooks 9
action admin_menu (includes/admin/class-admin.php:28)
action admin_enqueue_scripts (includes/admin/class-admin.php:29)
action rest_api_init (includes/api/class-rest.php:43)
action init (includes/core/class-plugin.php:28)
action plugins_loaded (includes/core/class-plugin.php:29)
action init (includes/cron/class-scheduler.php:29)
action serpiq_daily_sync (includes/cron/class-scheduler.php:30)
action serpiq_backfill_step (includes/cron/class-scheduler.php:31)
action serpiq_internal_links_daily (includes/cron/class-scheduler.php:32)

Scheduled Events 7

serpiq_daily_sync
serpiq_internal_links_daily
serpiq_backfill_step
serpiq_backfill_step
serpiq_backfill_step
serpiq_backfill_step
serpiq_backfill_step
Maintenance & Trust

Seotune Search Insights Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.9.4
Last updated: Apr 15, 2026
PHP min version: 8.0
Downloads: 90

Community Trust

Rating: 100/100
Number of ratings: 1
Active installs: 0
Developer Profile

Seotune Search Insights Developer Profile

SeoTune

1 plugin · 0 total installs

Trust score: 94
Avg Security Score: 100/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect Seotune Search Insights

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/seotune-search-insights/includes/assets/css/admin.css
/wp-content/plugins/seotune-search-insights/includes/assets/js/admin.js
/wp-content/plugins/seotune-search-insights/includes/assets/js/vendor.js
Script Paths
/wp-content/plugins/seotune-search-insights/includes/assets/js/admin.js
/wp-content/plugins/seotune-search-insights/includes/assets/js/vendor.js
Version Parameters
seotune-search-insights/includes/assets/css/admin.css?ver=
seotune-search-insights/includes/assets/js/admin.js?ver=
seotune-search-insights/includes/assets/js/vendor.js?ver=

HTML / DOM Fingerprints

CSS Classes
serpiq-app-root
serpiq-menu-icon
Data Attributes
data-serpiq-nonce
JS Globals
serpiq_admin_params
REST Endpoints
/wp-json/serpiq/v1/settings
FAQ

Frequently Asked Questions about Seotune Search Insights