WP-Safety

Smart SEO Tool – SEO优化插件 Security & Risk Analysis

wordpress.org/plugins/smart-seo-tool

Smart SEO Tool是一款专门针对WordPress开发的智能SEO优化插件,与众多WordPress的SEO插件不一样的是,Smart SEO Tool更加简单易用,帮助站长快速完成WordPress博客/网站的SEO基础优化。

5K active installs v4.1.2 PHP 7.0.0+ WP 6.0+ Updated Jun 29, 2025
baidudescriptionkeywordseotitle
99
A · Safe
CVEs total2
Unpatched0
Last CVEAug 16, 2023
Plugin page Download
Safety Verdict

Is Smart SEO Tool – SEO优化插件 Safe to Use in 2026?

Generally Safe

Score 99/100

Smart SEO Tool – SEO优化插件 has a strong security track record. Known vulnerabilities have been patched promptly.

2 known CVEsLast CVE: Aug 16, 2023Updated 9mo ago
Risk Assessment

The "smart-seo-tool" plugin v4.1.2 exhibits a generally good security posture with several positive indicators. The absence of unprotected entry points, a low number of AJAX handlers without authentication checks, and a relatively high percentage of prepared SQL statements suggest a developer mindful of common security pitfalls. Furthermore, the majority of output is properly escaped, and there is a notable presence of capability checks, which are crucial for access control.

However, some concerns warrant attention. The static analysis revealed two flows with unsanitized paths, which could potentially be exploited if an attacker can control the path input. While no critical or high severity taint flows were found, even medium severity issues in unsanitized paths can be problematic. The plugin's history shows two medium severity vulnerabilities, specifically Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS), indicating past weaknesses in input validation and output encoding. The most recent vulnerability was in August 2023, suggesting a potential for recurring issues if past patterns are not addressed.

In conclusion, while the plugin has strengths like a controlled attack surface and good SQL practices, the presence of unsanitized paths and a history of CSRF and XSS vulnerabilities necessitate caution. Developers should prioritize addressing the identified unsanitized path flows and ensure that historical vulnerability types are thoroughly mitigated in future updates. The current version has no unpatched CVEs, which is a positive sign, but ongoing vigilance is recommended.

Key Concerns

  • Flows with unsanitized paths found
  • Past medium severity vulnerabilities (2 total)
Vulnerabilities
2

Smart SEO Tool – SEO优化插件 Security Vulnerabilities

CVEs by Year

1 CVE in 2021
2021
1 CVE in 2023
2023
Patched Has unpatched

Severity Breakdown

Medium
2

2 total CVEs

WF-078d06ad-555b-4de4-a032-d81440c7dfb5-smart-seo-toolmedium · 5.4Cross-Site Request Forgery (CSRF)

Smart SEO Tool-WordPress SEO优化插件 <= 4.0.1 - Cross-Site Request Forgery via 'wp_ajax_wb_smart_seo_tool'

Aug 16, 2023 Patched in 4.0.2 (160d)
CVE-2021-24976medium · 6.1Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Smart SEO Tool <= 3.0.5 - Reflected Cross-Site Scripting

Dec 22, 2021 Patched in 3.0.6 (762d)
Code Analysis
Analyzed Mar 16, 2026

Smart SEO Tool – SEO优化插件 Code Analysis

Dangerous Functions
0
Raw SQL Queries
18
57 prepared
Unescaped Output
14
65 escaped
Nonce Checks
1
Capability Checks
14
File Operations
5
External Requests
9
Bundled Libraries
0

SQL Query Safety

76% prepared75 total queries

Output Escaping

82% escaped79 total outputs
Data Flows
2 unsanitized

Data Flow Analysis

3 flows2 with unsanitized paths
init (classes\url.class.php:15)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Smart SEO Tool – SEO优化插件 Attack Surface

Entry Points2
Unprotected0

AJAX Handlers 2

authwp_ajax_wb_smart_seo_toolclasses\ajax.class.php:13
authwp_ajax_wb_smart_seo_toolclasses\ajax.class.php:14
WordPress Hooks 65
actionplugins_loadedclasses\admin.class.php:369
filterall_pluginsclasses\admin.class.php:374
filterplugin_action_linksclasses\admin.class.php:391
actionadmin_menuclasses\admin.class.php:393
actionadmin_initclasses\admin.class.php:395
actionadmin_enqueue_scriptsclasses\admin.class.php:397
filterplugin_row_metaclasses\admin.class.php:399
actionupdated_optionclasses\admin.class.php:401
actionadmin_noticesclasses\admin.class.php:403
actionwp_headclasses\admin.class.php:416
actiontemplate_redirectclasses\common.class.php:27
filterwp_robotsclasses\common.class.php:28
actionwp_headclasses\common.class.php:31
filterrobots_txtclasses\common.class.php:40
filterdocument_title_separatorclasses\common.class.php:45
actionwb_smart_seo_tool_cronclasses\common.class.php:52
filterwb_seo_infoclasses\common.class.php:59
filterdocument_title_partsclasses\common.class.php:612
filterwp_titleclasses\common.class.php:614
actionwp_headclasses\common.class.php:621
actionwp_headclasses\common.class.php:623
actionwp_headclasses\common.class.php:628
filterthe_contentclasses\images.class.php:27
filterpost_thumbnail_htmlclasses\images.class.php:30
actionadd_meta_boxesclasses\postedit.class.php:19
actionsave_postclasses\postedit.class.php:20
actionadmin_head-post.phpclasses\postedit.class.php:21
actionadmin_head-post-new.phpclasses\postedit.class.php:22
actionedit_postclasses\postedit.class.php:25
filterthe_contentclasses\rewrite.class.php:29
actionparse_queryclasses\rewrite.class.php:31
actionwb_sst_option_updateclasses\rewrite.class.php:32
filterrewrite_rules_arrayclasses\rewrite.class.php:86
filterpost_tag_rewrite_rulesclasses\rewrite.class.php:87
filterrewrite_rules_arrayclasses\rewrite.class.php:95
filterpost_tag_rewrite_rulesclasses\rewrite.class.php:96
filtercategory_rewrite_rulesclasses\rewrite.class.php:100
filtercategory_rewrite_rulesclasses\rewrite.class.php:107
filterrewrite_rules_arrayclasses\rewrite.class.php:113
filterrewrite_rules_arrayclasses\rewrite.class.php:120
filterrewrite_rules_arrayclasses\rewrite.class.php:147
filterquery_varsclasses\rewrite.class.php:148
actionparse_requestclasses\rewrite.class.php:149
filterrewrite_rules_arrayclasses\rewrite.class.php:308
filterpost_tag_rewrite_rulesclasses\rewrite.class.php:309
filterterm_linkclasses\rewrite.class.php:310
actionquery_varsclasses\rewrite.class.php:312
actioncreated_categoryclasses\rewrite.class.php:370
actiondelete_categoryclasses\rewrite.class.php:371
actionedited_categoryclasses\rewrite.class.php:372
actioninitclasses\rewrite.class.php:374
filtercategory_rewrite_rulesclasses\rewrite.class.php:377
filterquery_varsclasses\rewrite.class.php:380
actionparse_requestclasses\rewrite.class.php:382
actionwb_sst_option_updateclasses\sitemap.class.php:93
filterrewrite_rules_arrayclasses\sitemap.class.php:122
filterrewrite_rules_arrayclasses\sitemap.class.php:135
filterquery_varsclasses\sitemap.class.php:136
actionparse_requestclasses\sitemap.class.php:137
actionwb_sst_pingclasses\sitemap.class.php:156
actionwb_sst_ping_dailyclasses\sitemap.class.php:159
actiontransition_post_statusclasses\sitemap.class.php:161
filterrobots_txtclasses\sitemap.class.php:171
filterwp_sitemaps_enabledclasses\sitemap.class.php:174
actioninitclasses\url.class.php:19

Scheduled Events 3

wb_smart_seo_tool_cron
wb_sst_ping_daily
wb_sst_ping
Maintenance & Trust

Smart SEO Tool – SEO优化插件 Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5
Last updatedJun 29, 2025
PHP min version7.0.0
Downloads118K

Community Trust

Rating76/100
Number of ratings4
Active installs5K
Alternatives

Smart SEO Tool – SEO优化插件 Alternatives

Simple SEO

Simple SEO

cds-simple-seo

A
91

Allows the modification of META titles, descriptions and keywords for all pages and posts. Also allows for default setting for of META title, descript &hellip;

10K 6 CVEs
Simple SEO by falbar

Simple SEO by falbar

simple-seo-by-falbar

A
85

This plugin extends the standard SEO WordPress features.

200 No CVEs
Simple SEO Optimizer

Simple SEO Optimizer

simple-seo-optimizer

A
92

Optimize your site's SEO by adding custom meta titles, descriptions, and keywords to posts and pages with this lightweight WordPress plugin.

40 No CVEs
WP Simple SEO Meta

WP Simple SEO Meta

wp-simple-seo-meta

A
85

Add page title, meta description, keywords and robots to all post types and taxonomies.

30 No CVEs
Bulk Interlinking Tool

Bulk Interlinking Tool

bulk-interlinking-tool

A
92

Effortlessly convert keywords to hyperlinks with Bulk Interlinking Tool for WordPress, plus optimize titles and meta descriptions for better SEO.

20 No CVEs
Developer Profile

Smart SEO Tool – SEO优化插件 Developer Profile

wbolt.com

11 plugins · 17K total installs

76
trust score
Avg Security Score
95/100
Avg Patch Time
202 days
View full developer profile
Detection Fingerprints

How We Detect Smart SEO Tool – SEO优化插件

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/smart-seo-tool/assets/css/admin.css/wp-content/plugins/smart-seo-tool/assets/css/backend.css/wp-content/plugins/smart-seo-tool/assets/js/admin.js/wp-content/plugins/smart-seo-tool/assets/js/backend.js/wp-content/plugins/smart-seo-tool/assets/js/backend.min.js
Generator Patterns
Smart SEO Tool v4.1.2
Script Paths
/wp-content/plugins/smart-seo-tool/assets/js/admin.js/wp-content/plugins/smart-seo-tool/assets/js/backend.js/wp-content/plugins/smart-seo-tool/assets/js/backend.min.js
Version Parameters
smart-seo-tool/assets/css/admin.css?ver=smart-seo-tool/assets/css/backend.css?ver=smart-seo-tool/assets/js/admin.js?ver=smart-seo-tool/assets/js/backend.js?ver=smart-seo-tool/assets/js/backend.min.js?ver=

HTML / DOM Fingerprints

CSS Classes
sseot_pack
HTML Comments
Author: wbolt teamAuthor URI: https://www.wbolt.com/
Data Attributes
data-id="tdk"data-path="/tdk"data-id="img_seo"data-path="/image"data-id="url_seo"data-path="/url-rewrite"+11 more
JS Globals
Smart_SEO_Tool_AdminSmart_SEO_Tool_BaseWB_SST_TD
FAQ

Frequently Asked Questions about Smart SEO Tool – SEO优化插件