SPAI – Similar posts AI Plugin Security & Risk Analysis

wordpress.org/plugins/similar-posts-ai-spai

Creates an AI-based recommended articles widget. The fastest plugin, since all calculations take place on the developer's servers.

10 active installs · v1.8.1 · PHP 7.4+ · WP 5.0+ · Updated Apr 20, 2025
Tags: related-posts, seo, similar-posts, spai, yarpp
Score: 100 (A · Safe)
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is SPAI – Similar posts AI Plugin Safe to Use in 2026?

Generally Safe

Score 100/100

SPAI – Similar posts AI Plugin has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 11mo ago
Risk Assessment

The security posture of the "similar-posts-ai-spai" v1.8.1 plugin presents significant concerns, primarily due to its unprotected attack surface. With all 6 AJAX handlers lacking any authentication or capability checks, there's a high risk of unauthenticated users triggering potentially sensitive operations. The taint analysis, while limited in scope with only 2 flows, identified 2 flows with unsanitized paths, indicating a potential for vulnerabilities if these paths were to be exploited through the unprotected AJAX endpoints. The plugin demonstrates some good practices, such as a high percentage of SQL queries using prepared statements and a high rate of properly escaped output, which mitigates some risks. However, the absence of any nonce checks on AJAX handlers is a critical oversight. The plugin's vulnerability history is clean, with no recorded CVEs, which is a positive sign suggesting a generally well-maintained codebase. Despite the lack of past vulnerabilities and good practices in SQL and output handling, the substantial unprotected attack surface and the presence of unsanitized paths in taint flows create a considerable risk that outweighs these strengths.

Key Concerns

  • AJAX handlers without authentication
  • Flows with unsanitized paths
  • Missing nonce checks on AJAX
  • Capability checks missing on AJAX
Vulnerabilities
None known

SPAI – Similar posts AI Plugin Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

SPAI – Similar posts AI Plugin Code Analysis

  • Dangerous Functions: 0
  • Raw SQL Queries: 4; 3 prepared
  • Unescaped Output: 16; 148 escaped
  • Nonce Checks: 0
  • Capability Checks: 0
  • File Operations: 0
  • External Requests: 8
  • Bundled Libraries: 0

SQL Query Safety

43% prepared · 7 total queries

Output Escaping

90% escaped · 164 total outputs
Data Flows
2 unsanitized

Data Flow Analysis

2 flows · 2 with unsanitized paths
spai_get_related_posts (public\class-spai-public.php:169)
Attack Surface
6 unprotected

SPAI – Similar posts AI Plugin Attack Surface

Entry Points: 6
Unprotected: 6

AJAX Handlers: 6

  • auth: wp_ajax_spai_save_related_post_click (includes\class-spai.php:183)
  • nopriv: wp_ajax_spai_save_related_post_click (includes\class-spai.php:184)
  • auth: wp_ajax_spai_get_related_posts (includes\class-spai.php:186)
  • nopriv: wp_ajax_spai_get_related_posts (includes\class-spai.php:187)
  • auth: wp_ajax_spai_send_imp_is_loaded (includes\class-spai.php:188)
  • nopriv: wp_ajax_spai_send_imp_is_loaded (includes\class-spai.php:189)

WordPress Hooks: 14

  • action: plugins_loaded (includes\class-spai.php:127)
  • action: admin_enqueue_scripts (includes\class-spai.php:142)
  • action: admin_enqueue_scripts (includes\class-spai.php:143)
  • action: admin_init (includes\class-spai.php:147)
  • action: admin_menu (includes\class-spai.php:150)
  • action: save_post (includes\class-spai.php:157)
  • filter: wp_resource_hints (includes\class-spai.php:160)
  • action: wp_enqueue_scripts (includes\class-spai.php:177)
  • action: wp_enqueue_scripts (includes\class-spai.php:178)
  • action: the_content (includes\class-spai.php:180)
  • action: widgets_init (includes\class-spai.php:181)
  • action: wp_footer (includes\class-spai.php:182)
  • action: wp_head (includes\class-spai.php:185)
  • filter: wp_resource_hints (includes\class-spai.php:191)
Maintenance & Trust

SPAI – Similar posts AI Plugin Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.8.5
Last updated: Apr 20, 2025
PHP min version: 7.4
Downloads: 3K

Community Trust

Rating: 60/100
Number of ratings: 2
Active installs: 10
Developer Profile

SPAI – Similar posts AI Plugin Developer Profile

SPAIgroup

1 plugin · 10 total installs

Trust score: 94
Avg Security Score: 100/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect SPAI – Similar posts AI Plugin

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

  • /wp-content/plugins/similar-posts-ai-spai/public/css/spai-short_codes.css
  • /wp-content/plugins/similar-posts-ai-spai/admin/css/spai-admin.css
  • /wp-content/plugins/similar-posts-ai-spai/admin/libs/spectrum/spectrum.min.css
  • /wp-content/plugins/similar-posts-ai-spai/public/css/spai-public.css
  • /wp-content/plugins/similar-posts-ai-spai/admin/js/spai-admin.js
  • /wp-content/plugins/similar-posts-ai-spai/admin/js/spai-admin-preview.js

Script Paths

  • /wp-content/plugins/similar-posts-ai-spai/admin/js/spai-admin.js
  • /wp-content/plugins/similar-posts-ai-spai/admin/js/spai-admin-preview.js

Version Parameters

  • similar-posts-ai-spai/public/css/spai-short_codes.css?ver=
  • similar-posts-ai-spai/admin/css/spai-admin.css?ver=
  • similar-posts-ai-spai/admin/libs/spectrum/spectrum.min.css?ver=
  • similar-posts-ai-spai/public/css/spai-public.css?ver=
  • similar-posts-ai-spai/admin/js/spai-admin.js?ver=
  • similar-posts-ai-spai/admin/js/spai-admin-preview.js?ver=

HTML / DOM Fingerprints

HTML Comments
<!-- This file is part of the SPAI plugin. -->
JS Globals
  • window.SPAI_VERSION
  • window.spai_admin_data
  • window.spai_options
  • window.spai_admin_settings