Slim SEO – A Fast & Automated SEO Plugin For WordPress Security & Risk Analysis

wordpress.org/plugins/slim-seo

A full-featured SEO plugin for WordPress that's lightweight, blazing fast with minimum configuration. No bloats and just works!

60K active installs · v4.9.1 · PHP 7.2+ · WP 5.9+ · Updated Mar 12, 2026
Tags: header, redirection, schema, seo, xml-sitemap
Score: 98 (A · Safe)
CVEs total: 2
Unpatched: 0
Last CVE: Jun 12, 2025
Safety Verdict

Is Slim SEO – A Fast & Automated SEO Plugin For WordPress Safe to Use in 2026?

Generally Safe

Score 98/100

Slim SEO – A Fast & Automated SEO Plugin For WordPress has a strong security track record. Known vulnerabilities have been patched promptly.

2 known CVEs · Last CVE: Jun 12, 2025 · Updated 22d ago
Risk Assessment

Slim SEO v4.9.1 exhibits a mixed security posture. The plugin demonstrates good practices in output escaping and prepared statement usage for SQL queries, with a very low percentage of unescaped outputs and a significant portion of SQL queries using prepared statements. However, the presence of 5 AJAX handlers without authentication checks represents a notable concern, as these could potentially be exploited by unauthenticated users to perform unintended actions. The taint analysis shows a small number of flows with unsanitized paths, but importantly, none were categorized as critical or high severity, suggesting these might be lower-risk issues or have mitigating factors within the code. The vulnerability history indicates two past medium-severity vulnerabilities, one related to SQL injection and another to XSS. While there are currently no unpatched CVEs, the historical pattern of these common vulnerability types warrants continued vigilance.

Overall, the plugin has strengths in core areas like output sanitization and database interaction, but the direct exposure of AJAX endpoints without proper authorization is a significant weakness. The limited number of taint flows and absence of critical/high issues are positive, but the historical vulnerabilities remind us that input validation needs to remain a focus. A balance of these factors leads to a moderately concerning risk profile, primarily driven by the unprotected AJAX endpoints.

Key Concerns

  • Unprotected AJAX handlers
  • Unsanitized taint flows
  • Past SQL injection vulnerabilities
  • Past XSS vulnerabilities
Vulnerabilities
2

Slim SEO – A Fast & Automated SEO Plugin For WordPress Security Vulnerabilities

CVEs by Year

2 CVEs in 2025

Severity Breakdown

Medium: 2

2 total CVEs

CVE-2025-49854 · medium · 4.9 · Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Slim SEO <= 4.5.4 - Authenticated (Administrator+) SQL Injection

Jun 12, 2025 Patched in 4.5.5 (7d)

CVE-2025-4611 · medium · 6.4 · Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Slim SEO <= 4.5.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via slim_seo_breadcrumbs Shortcode

May 20, 2025 Patched in 4.5.4 (1d)
Code Analysis
Analyzed Mar 17, 2026

Slim SEO – A Fast & Automated SEO Plugin For WordPress Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 9 (14 prepared)
Unescaped Output: 5 (162 escaped)
Nonce Checks: 5
Capability Checks: 8
File Operations: 0
External Requests: 1
Bundled Libraries: 0

SQL Query Safety

61% prepared · 23 total queries

Output Escaping

97% escaped · 167 total outputs
Data Flows
2 unsanitized

Data Flow Analysis

2 flows · 2 with unsanitized paths
save (src\Settings\Settings.php:74)
Attack Surface
5 unprotected

Slim SEO – A Fast & Automated SEO Plugin For WordPress Attack Surface

Entry Points: 25
Unprotected: 5

AJAX Handlers 7

auth · wp_ajax_ss_prepare_migration · src\Migration\Migration.php:22
auth · wp_ajax_ss_reset_counter · src\Migration\Migration.php:23
auth · wp_ajax_ss_migrate_posts · src\Migration\Migration.php:24
auth · wp_ajax_ss_migrate_terms · src\Migration\Migration.php:25
auth · wp_ajax_ss_migrate_redirects · src\Migration\Migration.php:26
auth · wp_ajax_ss_migrate_robots · src\Migration\Migration.php:27
auth · wp_ajax_slim_seo_dismiss_notification · src\Notification.php:15

REST API Routes 17

GET · /wp-json/slim-seometa-tags/ai · src\MetaTags\AI.php:13
GET · /wp-json/slim-seo-redirectionrecords/total · src\Redirection\Api\Log404.php:22
GET · /wp-json/slim-seo-redirectionrecords/list · src\Redirection\Api\Log404.php:28
GET · /wp-json/slim-seo-redirectionrecords/delete · src\Redirection\Api\Log404.php:34
GET · /wp-json/slim-seo-redirectionrecords/delete-all · src\Redirection\Api\Log404.php:40
GET · /wp-json/slim-seo-redirectionredirects · src\Redirection\Api\Redirects.php:18
GET · /wp-json/slim-seo-redirectionexists · src\Redirection\Api\Redirects.php:24
GET · /wp-json/slim-seo-redirectionupdate_redirect · src\Redirection\Api\Redirects.php:30
GET · /wp-json/slim-seo-redirectiondelete_redirects · src\Redirection\Api\Redirects.php:36
GET · /wp-json/slim-seo-redirectionposts · src\Redirection\Api\Redirects.php:42
GET · /wp-json/slim-seo-redirectionexport · src\Redirection\ExportImport.php:18
GET · /wp-json/slim-seo-redirectionimport · src\Redirection\ExportImport.php:24
GET · /wp-json/slim-seo-redirectionsample · src\Redirection\ExportImport.php:30
GET · /wp-json/slim-seometa-tags/option · src\Settings\MetaTags\RestApi.php:13
GET · /wp-json/slim-seometa-tags/variables · src\Settings\MetaTags\RestApi.php:19
GET · /wp-json/slim-seometa-tags/image_variables · src\Settings\MetaTags\RestApi.php:25
GET · /wp-json/slim-seometa-tags/meta_keys · src\Settings\MetaTags\RestApi.php:31

Shortcodes 1

[slim_seo_breadcrumbs] src\Breadcrumbs.php:37
WordPress Hooks 167
action · init · slim-seo.php:47
action · activated_plugin · src\Activator.php:7
filter · slim_seo_settings_tabs · src\Code.php:15
filter · slim_seo_settings_panes · src\Code.php:16
action · wp_head · src\Code.php:19
action · wp_body_open · src\Code.php:20
action · wp_footer · src\Code.php:21
filter · plugin_action_links_slim-seo/slim-seo.php · src\Core.php:6
filter · plugin_row_meta · src\Core.php:7
filter · plugins_api_result · src\FeaturedPlugins.php:6
filter · the_content_feed · src\Feed.php:6
filter · the_excerpt_rss · src\Feed.php:8
filter · wp_get_attachment_image_attributes · src\ImagesAlt.php:11
filter · wp_prepare_attachment_for_js · src\ImagesAlt.php:14
action · add_attachment · src\ImagesAlt.php:16
filter · get_avatar · src\ImagesAlt.php:19
filter · slim_seo_variables · src\Integrations\ACF\ACF.php:12
filter · slim_seo_data · src\Integrations\ACF\ACF.php:13
action · template_redirect · src\Integrations\AffiliateWP.php:10
filter · slim_seo_post_content · src\Integrations\AffiliateWP.php:16
filter · slim_seo_skipped_shortcodes · src\Integrations\AffiliateWP.php:19
action · amp_post_template_footer · src\Integrations\AMP.php:12
action · amp_post_template_head · src\Integrations\AMP.php:14
action · template_redirect · src\Integrations\AutoListings.php:10
filter · slim_seo_skipped_shortcodes · src\Integrations\AutoListings.php:14
filter · fl_builder_disable_schema · src\Integrations\BeaverBuilder.php:10
filter · fl_theme_disable_schema · src\Integrations\BeaverBuilder.php:11
filter · slim_seo_post_types · src\Integrations\BeaverBuilder.php:13
filter · slim_seo_taxonomies · src\Integrations\BeaverBuilder.php:14
filter · slim_seo_skipped_shortcodes · src\Integrations\BeaverBuilder.php:15
filter · slim_seo_allowed_blocks · src\Integrations\BeaverBuilder.php:17
filter · slim_seo_post_content · src\Integrations\Breakdance.php:12
filter · slim_seo_post_content · src\Integrations\Bricks.php:45
filter · bricks/frontend/disable_opengraph · src\Integrations\Bricks.php:47
filter · bricks/frontend/disable_seo · src\Integrations\Bricks.php:48
filter · slim_seo_post_types · src\Integrations\Bricks.php:50
filter · slim_seo_taxonomies · src\Integrations\Bricks.php:51
filter · the_content · src\Integrations\Bricks.php:68
filter · bricks/element/render · src\Integrations\Bricks.php:70
filter · slim_seo_post_types · src\Integrations\Divi.php:12
filter · slim_seo_taxonomies · src\Integrations\Divi.php:13
filter · slim_seo_post_content · src\Integrations\Divi.php:14
filter · slim_seo_allowed_blocks · src\Integrations\Divi.php:15
filter · slim_seo_post_types · src\Integrations\Elementor.php:10
filter · slim_seo_no_post_content · src\Integrations\Elementor.php:13
filter · slim_seo_skipped_shortcodes · src\Integrations\Forminator.php:6
filter · slim_seo_allowed_blocks · src\Integrations\GenerateBlocks.php:10
filter · genesis_detect_seo_plugins · src\Integrations\Genesis.php:6
filter · genesis_disable_microdata · src\Integrations\Genesis.php:10
filter · jetpack_disable_seo_tools · src\Integrations\Jetpack.php:6
filter · jetpack_enable_open_graph · src\Integrations\Jetpack.php:7
filter · jetpack_seo_meta_tags_enabled · src\Integrations\Jetpack.php:8
filter · jetpack_boost_should_defer_js · src\Integrations\Jetpack.php:11
action · slim_seo_sitemap_before_output · src\Integrations\Jetpack.php:13
filter · jetpack_photon_skip_image · src\Integrations\Jetpack.php:21
filter · slim_seo_post_types · src\Integrations\Kadence.php:16
filter · slim_seo_skipped_shortcodes · src\Integrations\Kadence.php:17
filter · slim_seo_allowed_blocks · src\Integrations\Kadence.php:18
action · template_redirect · src\Integrations\LifterLMS.php:10
filter · slim_seo_post_content · src\Integrations\LifterLMS.php:15
filter · slim_seo_skipped_shortcodes · src\Integrations\MetaBox\MetaBox.php:12
filter · slim_seo_variables · src\Integrations\MetaBox\MetaBox.php:13
filter · slim_seo_data · src\Integrations\MetaBox\MetaBox.php:14
filter · slim_seo_post_types · src\Integrations\MyListing.php:10
filter · slim_seo_taxonomies · src\Integrations\MyListing.php:11
filter · slim_seo_post_content · src\Integrations\Oxygen.php:12
filter · slim_seo_skipped_shortcodes · src\Integrations\Oxygen.php:13
filter · slim_seo_post_types · src\Integrations\Oxygen.php:14
filter · slim_seo_sitemap_post_type_query_args · src\Integrations\Polylang.php:17
filter · slim_seo_sitemap_post_ignore · src\Integrations\Polylang.php:18
action · slim_seo_settings_enqueue · src\Integrations\Polylang.php:19
action · slim_seo_skipped_shortcodes · src\Integrations\SenseiLMS.php:10
filter · slim_seo_skipped_shortcodes · src\Integrations\TheEventsCalendar.php:11
filter · slim_seo_redirection_home_url · src\Integrations\TranslatePress.php:24
action · template_redirect · src\Integrations\UltimateMember.php:24
filter · slim_seo_allowed_shortcodes · src\Integrations\VisualComposer.php:11
action · init · src\Integrations\WebStories.php:28
action · web_stories_story_head · src\Integrations\WebStories.php:30
action · template_redirect · src\Integrations\WooCommerce.php:21
filter · slim_seo_variables · src\Integrations\WooCommerce.php:22
filter · slim_seo_data · src\Integrations\WooCommerce.php:23
filter · slim_seo_breadcrumbs_args · src\Integrations\WooCommerce.php:25
filter · slim_seo_allowed_shortcodes · src\Integrations\WooCommerce.php:26
filter · slim_seo_no_post_content · src\Integrations\WooCommerce.php:28
filter · slim_seo_sitemap_post_type_query_args · src\Integrations\WooCommerce.php:30
filter · slim_seo_meta_tags_post_terms · src\Integrations\WooCommerce.php:31
filter · slim_seo_open_graph_tags · src\Integrations\WooCommerce.php:139
action · template_redirect · src\Integrations\WPForo.php:18
filter · wpml_tm_adjust_translation_fields · src\Integrations\WPML.php:27
action · parse_query · src\Integrations\WPML.php:30
filter · slim_seo_redirection_home_url · src\Integrations\WPML.php:33
filter · slim_seo_post_types · src\Integrations\ZionBuilder.php:12
filter · slim_seo_post_content · src\Integrations\ZionBuilder.php:13
action · wp_enqueue_editor · src\LinkAttributes.php:9
action · enqueue_block_editor_assets · src\LinkAttributes.php:11
action · admin_init · src\MetaTags\AdminColumns\Base.php:26
action · admin_enqueue_scripts · src\MetaTags\AdminColumns\Base.php:34
action · quick_edit_custom_box · src\MetaTags\AdminColumns\Base.php:37
action · bulk_edit_custom_box · src\MetaTags\AdminColumns\Base.php:41
action · bulk_edit_posts · src\MetaTags\AdminColumns\Base.php:42
action · rest_api_init · src\MetaTags\AI.php:9
action · slim_seo_head · src\MetaTags\CanonicalUrl.php:11
action · slim_seo_head · src\MetaTags\Description.php:24
filter · pre_render_block · src\MetaTags\Helper.php:31
action · wp_head · src\MetaTags\Hook.php:6
action · slim_seo_head · src\MetaTags\LinkedIn.php:10
action · slim_seo_head · src\MetaTags\OpenGraph.php:20
action · slim_seo_head · src\MetaTags\RelLinks.php:10
filter · wp_robots · src\MetaTags\Robots.php:23
action · template_redirect · src\MetaTags\Robots.php:25
filter · loginout · src\MetaTags\Robots.php:26
filter · register · src\MetaTags\Robots.php:27
action · slim_seo_meta_box_enqueue · src\MetaTags\Settings\Post.php:10
filter · slim_seo_meta_box_tabs · src\MetaTags\Settings\Post.php:11
filter · slim_seo_meta_box_panels · src\MetaTags\Settings\Post.php:12
action · save_post · src\MetaTags\Settings\Post.php:13
action · rest_api_init · src\MetaTags\Settings\Preview.php:17
action · init · src\MetaTags\Settings\Term.php:9
action · admin_print_styles-term.php · src\MetaTags\Settings\Term.php:20
filter · pre_get_document_title · src\MetaTags\Title.php:25
filter · post_type_archive_title · src\MetaTags\Title.php:27
action · slim_seo_head · src\MetaTags\TwitterCards.php:14
filter · seopress_primary_category_list · src\Migration\Sources\SEOPress.php:53
action · created_category · src\NoCategoryBase.php:8
action · delete_category · src\NoCategoryBase.php:9
action · edited_category · src\NoCategoryBase.php:10
action · init · src\NoCategoryBase.php:11
filter · category_rewrite_rules · src\NoCategoryBase.php:12
filter · query_vars · src\NoCategoryBase.php:13
filter · request · src\NoCategoryBase.php:14
filter · terms_clauses · src\NoCategoryBase.php:71
action · admin_notices · src\Notification.php:12
action · admin_enqueue_scripts · src\Notification.php:14
action · rest_api_init · src\Redirection\Api\Base.php:6
action · post_updated · src\Redirection\Loader.php:24
action · init · src\Redirection\Loader.php:25
action · slim_seo_deactivate · src\Redirection\Loader.php:27
action · init · src\Redirection\Post.php:16
action · slim_seo_meta_box_enqueue · src\Redirection\Post.php:20
filter · slim_seo_meta_box_tabs · src\Redirection\Post.php:21
filter · slim_seo_meta_box_panels · src\Redirection\Post.php:22
action · save_post · src\Redirection\Post.php:23
action · login_init · src\Redirection\Redirection.php:12
action · template_redirect · src\Redirection\Redirection.php:13
action · template_redirect · src\Redirection\Redirection.php:14
action · template_redirect · src\Redirection\Redirection.php:15
filter · user_trailingslashit · src\Redirection\Redirection.php:16
action · template_redirect · src\Redirection\Redirection404.php:10
action · template_redirect · src\Redirection\Redirection404.php:18
filter · slim_seo_settings_tabs · src\Redirection\Settings.php:13
filter · slim_seo_settings_panes · src\Redirection\Settings.php:14
action · admin_print_styles-settings_page_slim-seo · src\Redirection\Settings.php:15
filter · slim_seo_option · src\Redirection\Settings.php:16
action · rest_api_init · src\RestApi.php:20
filter · robots_txt · src\RobotsTxt\Loader.php:18
filter · robots_txt · src\RobotsTxt\Loader.php:54
action · admin_print_styles-settings_page_slim-seo · src\RobotsTxt\Settings.php:12
filter · slim_seo_option · src\RobotsTxt\Settings.php:13
action · wp_footer · src\Schema\Manager.php:26
action · rest_api_init · src\Settings\MetaTags\RestApi.php:9
action · admin_print_styles-settings_page_slim-seo · src\Settings\Settings.php:38
filter · slim_seo_settings_tabs · src\Settings\Settings.php:39
filter · slim_seo_settings_panes · src\Settings\Settings.php:40
action · slim_seo_save · src\Settings\Settings.php:42
action · init · src\Sitemaps\Manager.php:11
filter · query_vars · src\Sitemaps\Manager.php:12
action · template_redirect · src\Sitemaps\Manager.php:13
Maintenance & Trust

Slim SEO – A Fast & Automated SEO Plugin For WordPress Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.9.4
Last updated: Mar 12, 2026
PHP min version: 7.2
Downloads: 1.8M

Community Trust

Rating: 96/100
Number of ratings: 132
Active installs: 60K
Developer Profile

Slim SEO – A Fast & Automated SEO Plugin For WordPress Developer Profile

Anh Tran

17 plugins · 85K total installs

Trust score: 85
Avg Security Score: 96/100
Avg Patch Time: 76 days
Detection Fingerprints

How We Detect Slim SEO – A Fast & Automated SEO Plugin For WordPress

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/slim-seo/css/link-attributes.css
/wp-content/plugins/slim-seo/js/link-attributes/classic-editor.js
/wp-content/plugins/slim-seo/js/build/link-attributes.js
Script Paths
/wp-content/plugins/slim-seo/js/link-attributes/classic-editor.js
/wp-content/plugins/slim-seo/js/build/link-attributes.js
Version Parameters
slim-seo/css/link-attributes.css?ver=
slim-seo/js/link-attributes/classic-editor.js?ver=
slim-seo/js/build/link-attributes.js?ver=

HTML / DOM Fingerprints

CSS Classes
ss-tooltip, ss-toggle, ss-toggle__switch, featureBox, featureBox_body, featureBox_title, featureBox_description, ss-manual-content
Data Attributes
data-tippy-content, data-tippy-content=
JS Globals
tippy, SSLinkAttributes, ssLinkL10n
FAQ

Frequently Asked Questions about Slim SEO – A Fast & Automated SEO Plugin For WordPress