Smart Docs Security & Risk Analysis

wordpress.org/plugins/smart-docs

Knowledge Base & Documentation Plugin for WordPress.

70 active installs · v1.1.3 · PHP 7.4+ · WP 5.0+ · Updated Dec 4, 2025
Tags: docs, documentation, documents, knowledge-base, wiki
Score: 77 · B · Generally Safe
CVEs total: 2
Unpatched: 1
Last CVE: Oct 2, 2025
Safety Verdict

Is Smart Docs Safe to Use in 2026?

Mostly Safe

Score 77/100

Smart Docs is generally safe to use. 2 past CVEs were resolved. Keep it updated.

2 known CVEs · 1 unpatched · Last CVE: Oct 2, 2025 · Updated 4mo ago
Risk Assessment

The "smart-docs" plugin v1.1.3 exhibits a mixed security posture. While it demonstrates good practices like using prepared statements for all SQL queries and a high percentage of properly escaped outputs, there are significant areas of concern. The presence of one AJAX handler without authentication checks presents a direct entry point for potential exploitation, which is a critical oversight. The plugin has a history of two known CVEs, with one still unpatched. Both historical vulnerabilities were of medium severity and related to Cross-Site Scripting (XSS), indicating a recurring pattern of input sanitization issues. The lack of taint analysis results is also notable, as it suggests either the analysis tool did not find any flows, or the plugin's structure did not lend itself to this type of analysis, leaving potential risks undiscovered. Overall, the plugin has strengths in its database interaction and output handling, but the unauthenticated AJAX endpoint and the recurring XSS vulnerabilities in its history are substantial risks that require immediate attention.

Key Concerns

  • AJAX handler without authentication checks
  • 1 currently unpatched medium severity CVE
  • Recurring Cross-Site Scripting vulnerabilities
  • Low percentage of capability checks (1/8 entry points)
Vulnerabilities 2

Smart Docs Security Vulnerabilities

CVEs by Year

2025: 2 CVEs (has unpatched)

Severity Breakdown

Medium: 2

2 total CVEs

CVE-2025-9333 · medium · 5.5 · Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Smart Docs <= 1.1.1 - Authenticated (Admin+) Stored Cross-Site Scripting

Oct 2, 2025 · Unpatched

CVE-2025-6787 · medium · 6.4 · Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Smart Docs <= 1.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting

Jul 3, 2025 Patched in 1.1.1 (7d)
Code Analysis
Analyzed Mar 16, 2026

Smart Docs Code Analysis

  • Dangerous Functions: 0
  • Raw SQL Queries: 0 (0 prepared)
  • Unescaped Output: 53 (218 escaped)
  • Nonce Checks: 2
  • Capability Checks: 1
  • File Operations: 1
  • External Requests: 0
  • Bundled Libraries: 0

Output Escaping

80% escaped · 271 total outputs
Attack Surface
1 unprotected

Smart Docs Attack Surface

Entry Points: 8
Unprotected: 1

AJAX Handlers 6

auth · wp_ajax_smartdocs_on_settings_save · classes\ajax.php:24
auth · wp_ajax_smartdocs_term_ordering · classes\ajax.php:27
auth · wp_ajax_smartdocs_search_results · classes\ajax.php:30
nopriv · wp_ajax_smartdocs_search_results · classes\ajax.php:31
auth · wp_ajax_smartdocs_doc_feedback · classes\ajax.php:34
nopriv · wp_ajax_smartdocs_doc_feedback · classes\ajax.php:35

Shortcodes 2

[smartdocs_search] includes\shortcode.php:68
[smartdocs_categories] includes\shortcode.php:154
WordPress Hooks 63
action · init · classes\admin-settings.php:26
action · admin_menu · classes\admin-settings.php:29
action · admin_bar_menu · classes\admin-settings.php:32
action · admin_enqueue_scripts · classes\admin-settings.php:35
action · in_admin_header · classes\admin-settings.php:39
action · block_categories · classes\blocks.php:33
action · init · classes\blocks.php:34
action · template_redirect · classes\content.php:41
action · init · classes\cpt.php:43
action · admin_head · classes\cpt.php:44
action · admin_print_scripts · classes\cpt.php:45
filter · rewrite_rules_array · classes\cpt.php:47
filter · post_type_link · classes\cpt.php:48
action · pre_get_posts · classes\cpt.php:56
action · get_terms_defaults · classes\cpt.php:58
action · pre_get_terms · classes\cpt.php:59
action · terms_clauses · classes\cpt.php:60
action · edit_term · classes\cpt.php:390
action · create_term · classes\cpt.php:391
action · customize_register · classes\customizer.php:38
action · customize_controls_enqueue_scripts · classes\customizer.php:39
action · customize_preview_init · classes\customizer.php:40
action · customize_controls_print_styles · classes\customizer.php:41
action · template_redirect · classes\customizer.php:42
action · smartdocs_single_doc_footer · classes\customizer.php:334
action · smartdocs_after_single_doc_title · classes\customizer.php:341
action · init · classes\plugin.php:224
action · admin_init · classes\plugin.php:226
action · wp_head · classes\plugin.php:228
action · wp_enqueue_scripts · classes\plugin.php:290
action · smartdocs_breadcrumb · classes\structured-data.php:35
action · wp_footer · classes\structured-data.php:37
filter · template_include · classes\template.php:75
filter · get_the_generator_html · classes\template.php:78
filter · get_the_generator_xhtml · classes\template.php:79
filter · body_class · classes\template.php:82
action · widgets_init · classes\widget.php:23
action · smartdocs_before_main_content · includes\template-hooks.php:20
action · smartdocs_before_main_content · includes\template-hooks.php:28
action · smartdocs_after_main_content · includes\template-hooks.php:29
action · smartdocs_header_content · includes\template-hooks.php:37
action · smartdocs_header_content · includes\template-hooks.php:38
action · smartdocs_archive_content · includes\template-hooks.php:45
action · smartdocs_before_archive_content · includes\template-hooks.php:53
action · smartdocs_after_archive_content · includes\template-hooks.php:54
action · smartdocs_before_single_doc · includes\template-hooks.php:62
action · smartdocs_after_single_doc · includes\template-hooks.php:63
action · smartdocs_before_single_doc_content · includes\template-hooks.php:70
action · smartdocs_after_single_doc_title · includes\template-hooks.php:77
action · smartdocs_before_single_doc_content · includes\template-hooks.php:84
action · smartdocs_single_doc_content · includes\template-hooks.php:91
action · smartdocs_after_single_doc_content · includes\template-hooks.php:98
action · smartdocs_single_doc_footer · includes\template-hooks.php:105
action · smartdocs_after_single_doc · includes\template-hooks.php:112
action · smartdocs_after_single_doc · includes\template-hooks.php:119
action · smartdocs_after_single_doc · includes\template-hooks.php:126
action · smartdocs_after_single_doc · includes\template-hooks.php:133
action · smartdocs_primary_content_area · includes\template-hooks.php:140
action · smartdocs_primary_content_area · includes\template-hooks.php:147
action · smartdocs_sidebar · includes\template-hooks.php:154
action · plugins_loaded · smart-docs.php:25
action · admin_notices · smart-docs.php:36
action · admin_notices · smart-docs.php:44
Maintenance & Trust

Smart Docs Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.9.4
Last updated: Dec 4, 2025
PHP min version: 7.4
Downloads: 4K

Community Trust

Rating: 100/100
Number of ratings: 3
Active installs: 70
Developer Profile

Smart Docs Developer Profile

Achal Jain

8 plugins · 4K total installs

Trust score: 68
Avg Security Score: 84/100
Avg Patch Time: 442 days
Detection Fingerprints

How We Detect Smart Docs

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/smart-docs/assets/css/backend/smart-docs-admin-settings.css
/wp-content/plugins/smart-docs/assets/css/backend/smart-docs-admin-settings.min.css
/wp-content/plugins/smart-docs/assets/js/backend/smart-docs-admin-settings.js
/wp-content/plugins/smart-docs/assets/js/backend/smart-docs-admin-settings.min.js
Script Paths
/wp-content/plugins/smart-docs/assets/js/backend/smart-docs-admin-settings.js
/wp-content/plugins/smart-docs/assets/js/backend/smart-docs-admin-settings.min.js
Version Parameters
smart-docs/assets/css/backend/smart-docs-admin-settings.css?ver=
smart-docs/assets/css/backend/smart-docs-admin-settings.min.css?ver=
smart-docs/assets/js/backend/smart-docs-admin-settings.js?ver=
smart-docs/assets/js/backend/smart-docs-admin-settings.min.js?ver=

HTML / DOM Fingerprints

CSS Classes
smartdocs-setting-root
JS Globals
smartDocsSettings
REST Endpoints
/wp-json/smartdocs/v1/settings
FAQ

Frequently Asked Questions about Smart Docs