Does Sequensy have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Sequensy compatible with WordPress 6.9.4?

According to WordPress.org data, Sequensy 2.0.0 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is Sequensy compatible with PHP 8.0+?

Sequensy requires PHP 8.0 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Sequensy updated?

Sequensy was last updated on Feb 25, 2026. Frequent updates are generally a positive security signal.

What is Sequensy's security score?

Sequensy has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Sequensy Security & Risk Analysis

wordpress.org/plugins/sequensy

Build visual workflows that automate WordPress tasks — connect triggers to actions with zero code.

0 active installs v2.0.0 PHP 8.0+ WP 6.4+ Updated Feb 25, 2026

actionsautomationintegrationstriggersworkflow

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Sequensy Safe to Use in 2026?

Generally Safe

Score 100/100

Sequensy has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2mo ago

Risk Assessment

The "sequensy" v2.0.0 plugin exhibits a generally strong security posture based on the provided static analysis. The absence of critical findings in taint analysis, a complete lack of known CVEs, and the consistent use of prepared statements for all SQL queries are significant strengths. Furthermore, all output appears to be properly escaped, mitigating common cross-site scripting (XSS) vulnerabilities. The plugin also demonstrates good practice by avoiding bundled libraries and limiting external HTTP requests to a single instance.

However, the analysis does reveal a notable area for improvement: the complete absence of nonce checks across all entry points. While the attack surface is reported as zero unprotected entry points (AJAX, REST API, shortcodes), the lack of nonces significantly weakens the protection against potential cross-site request forgery (CSRF) attacks if any of these entry points were to become exposed or if the reported "unprotected" count is inaccurate. The presence of only two capability checks could also be a concern if these checks are not comprehensive enough to cover all sensitive operations.

Given the clean vulnerability history and excellent coding practices in other areas, the plugin is currently in a good state. The primary concern is the reliance on other mechanisms for CSRF protection, which is a fundamental security control that should ideally be implemented. The deduction for missing nonce checks reflects this, as it represents a potential, albeit not yet exploited, vulnerability.

Key Concerns

Missing nonce checks on all entry points

Vulnerabilities

None known

Sequensy Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Sequensy Release Timeline

v2.0.0Current

v1.0.0

Code Analysis

Analyzed Apr 16, 2026

Sequensy Code Analysis

Dangerous Functions

Raw SQL Queries

71 prepared

Unescaped Output

198 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

100% prepared71 total queries

Output Escaping

100% escaped198 total outputs

Attack Surface

Sequensy Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 15

actionsequensy_execute_actionincludes/src/Engine/ActionQueueProcessor.php:526

actionaction_scheduler_failed_executionincludes/src/Engine/ActionQueueProcessor.php:534

filteraction_scheduler_failure_periodincludes/src/Engine/ActionQueueProcessor.php:542

actionadmin_menuincludes/src/Providers/AdminServiceProvider.php:56

actionadmin_enqueue_scriptsincludes/src/Providers/AdminServiceProvider.php:57

actionsequensy_cleanupincludes/src/Providers/CoreServiceProvider.php:168

actionactivated_pluginincludes/src/Providers/IntegrationServiceProvider.php:55

actiondeactivated_pluginincludes/src/Providers/IntegrationServiceProvider.php:56

actionsequensy_before_execute_actionincludes/src/Providers/IntegrationServiceProvider.php:73

actionrest_api_initincludes/src/Providers/IntegrationServiceProvider.php:76

actionsequensy_register_triggersincludes/src/Providers/RegistryServiceProvider.php:72

actionsequensy_register_actionsincludes/src/Providers/RegistryServiceProvider.php:73

actionrest_api_initincludes/src/Providers/RestApiServiceProvider.php:119

actioninitincludes/src/Registry/AbstractRegistry.php:40

actionplugins_loadedsequensy.php:153

Scheduled Events 1

sequensy_cleanup

Maintenance & Trust

Sequensy Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedFeb 25, 2026

PHP min version8.0

Downloads211

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

Sequensy Alternatives

Zapier for WordPress

zapier

Zapier saves you time on tedious tasks by moving info between WordPress and your other favorite apps, so you can focus on your most important work.

50K 2 CVEs

Zoho Flow – Integrate 100+ plugins with 1000+ business apps, no-code workflow automation

zoho-flow

Integrate your WordPress plugins with your business applications and automate workflows between them. A single platform for all your integrations.

5K 4 CVEs

theMarketer – Email marketing, Newsletters, Automation & Loyalty for Woocommerce

themarketer

Collect subscribers. Send newsletters. Create 1:1 personalised emails using dynamic blocks. Activate one of almost 30 predefined workflows.

700 1 CVE

GoPublish: Publish from Google Docs to Any Site

gopublish-publish-from-google-docs-to-any-site

100

Publish directly from Google Docs™ to any website with SEO meta titles, descriptions, images, and format intact. Stop copy-pasting today!

70 No CVEs

Hooksure

hooksure

100

Hooksure allows you to map SureForms, form submissions to webhooks dynamically within your WordPress admin dashboard without needing the pro plugin.

60 No CVEs

Developer Profile

Sequensy Developer Profile

Summix

2 plugins · 0 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Sequensy

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/sequensy/assets/css/admin.css/wp-content/plugins/sequensy/assets/js/admin.js

Script Paths

/wp-content/plugins/sequensy/assets/js/admin.js

Version Parameters

sequensy/assets/css/admin.css?ver=sequensy/assets/js/admin.js?ver=

HTML / DOM Fingerprints

CSS Classes

sequensy-admin-root

JS Globals

SequensyAdminsequensy_rest_api_params

REST Endpoints

/wp-json/sequensy/v1/settings/wp-json/sequensy/v1/workflows/wp-json/sequensy/v1/integrations/wp-json/sequensy/v1/activity

FAQ