WP-Safety

Spawnster: AI Blog Writer and Instant Site Generator for Publishing Articles on a Schedule Security & Risk Analysis

wordpress.org/plugins/spawnster-ai-content-generator

The Best AI Blog Writer for Automatically Generating SEO-Friendly Blog Articles on a Schedule

300 active installs v1.1.6 PHP 7.0+ WP 5.0+ Updated Nov 18, 2025
aiai-content-generationai-seoai-writerwebsite-builder
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Spawnster: AI Blog Writer and Instant Site Generator for Publishing Articles on a Schedule Safe to Use in 2026?

Generally Safe

Score 100/100

Spawnster: AI Blog Writer and Instant Site Generator for Publishing Articles on a Schedule has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 4mo ago
Risk Assessment

The "spawnster-ai-content-generator" plugin, version 1.1.6, exhibits a mixed security posture. While it demonstrates good practices in several areas, such as using prepared statements for all SQL queries and a high rate of output escaping, significant concerns exist regarding its attack surface. A notable number of AJAX handlers (20 out of 36) are not protected by authentication checks, creating a considerable entry point for potential attackers. The presence of dangerous functions like 'unserialize' and 'shell_exec' also raises red flags, as these can be leveraged in various attack vectors if not handled with extreme care and proper sanitization, although no critical or high-severity taint flows were identified in the static analysis. The plugin's vulnerability history is clean, with no recorded CVEs, which is a positive indicator of past development and maintenance. However, the clean history, combined with the identified unprotected entry points and dangerous functions, suggests that the plugin might not have been subjected to rigorous security testing for these specific weaknesses. In conclusion, while the plugin has strengths in its SQL handling and output escaping, the large number of unprotected AJAX endpoints and the presence of dangerous functions warrant careful consideration and potential remediation to improve its overall security.

Key Concerns

  • AJAX handlers without authentication checks
  • Presence of dangerous functions (unserialize, shell_exec)
  • Low capability check count compared to entry points
Vulnerabilities
None known

Spawnster: AI Blog Writer and Instant Site Generator for Publishing Articles on a Schedule Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Spawnster: AI Blog Writer and Instant Site Generator for Publishing Articles on a Schedule Code Analysis

Dangerous Functions
7
Raw SQL Queries
0
9 prepared
Unescaped Output
4
208 escaped
Nonce Checks
19
Capability Checks
1
File Operations
0
External Requests
3
Bundled Libraries
0

Dangerous Functions Found

unserialize$current = unserialize(get_option(Constants::SPAWNSTER_GENERATED_CONTENT_KEY . $ids[1]));admin\class-spawnster-admin.php:529
unserialize$requests = unserialize(get_option(Constants::SPAWNSTER_PAGE_NAME_REQUEST));src\BaseController.php:184
unserialize$context = unserialize(get_option(\RistrettoApps\Spawnster\Base\Constants::SPAWNSTER_GENERATED_CONTEsrc\resources\views\admin\check-generated-content.php:45
unserialize$menu = unserialize(get_option(Constants::SPAWNSTER_PAGE_NAME_REQUEST));src\Services\AjaxHandler.php:11
shell_exec$output = shell_exec( 'which wget 2>/dev/null' );src\Services\GoogleSearchService.php:164
unserialize$pages = unserialize(get_option(Constants::SPAWNSTER_PAGE_NAME_REQUEST));src\Services\PublishPages.php:11
unserialize$content = implode("\n", unserialize(get_option(Constants::SPAWNSTER_GENERATED_CONTENT_KEY . $key)))src\Services\PublishPages.php:15

SQL Query Safety

100% prepared9 total queries

Output Escaping

98% escaped212 total outputs
Data Flows
All sanitized

Data Flow Analysis

8 flows
ajax_enhance_content (admin\class-spawnster-admin.php:490)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
20 unprotected

Spawnster: AI Blog Writer and Instant Site Generator for Publishing Articles on a Schedule Attack Surface

Entry Points36
Unprotected20

AJAX Handlers 36

noprivwp_ajax_generate_contentadmin\class-spawnster-admin.php:78
authwp_ajax_generate_contentadmin\class-spawnster-admin.php:79
noprivwp_ajax_generate_descriptionadmin\class-spawnster-admin.php:80
authwp_ajax_generate_descriptionadmin\class-spawnster-admin.php:81
noprivwp_ajax_view_contentadmin\class-spawnster-admin.php:82
authwp_ajax_view_contentadmin\class-spawnster-admin.php:83
noprivwp_ajax_update_contentadmin\class-spawnster-admin.php:84
authwp_ajax_update_contentadmin\class-spawnster-admin.php:85
noprivwp_ajax_publish_pagesadmin\class-spawnster-admin.php:86
authwp_ajax_publish_pagesadmin\class-spawnster-admin.php:87
noprivwp_ajax_get_progressadmin\class-spawnster-admin.php:88
authwp_ajax_get_progressadmin\class-spawnster-admin.php:89
noprivwp_ajax_enhance_contentadmin\class-spawnster-admin.php:90
authwp_ajax_enhance_contentadmin\class-spawnster-admin.php:91
noprivwp_ajax_accept_contentadmin\class-spawnster-admin.php:92
authwp_ajax_accept_contentadmin\class-spawnster-admin.php:93
noprivwp_ajax_reject_contentadmin\class-spawnster-admin.php:94
authwp_ajax_reject_contentadmin\class-spawnster-admin.php:95
noprivwp_ajax_edit_menuadmin\class-spawnster-admin.php:96
authwp_ajax_edit_menuadmin\class-spawnster-admin.php:97
authwp_ajax_create_content_jobincludes\class-spawnster.php:224
authwp_ajax_update_content_jobincludes\class-spawnster.php:225
authwp_ajax_delete_content_jobincludes\class-spawnster.php:226
authwp_ajax_generate_content_nowincludes\class-spawnster.php:227
authwp_ajax_search_similar_contentincludes\class-spawnster.php:228
authwp_ajax_generate_contentincludes\class-spawnster.php:231
authwp_ajax_generate_descriptionincludes\class-spawnster.php:232
authwp_ajax_view_contentincludes\class-spawnster.php:233
authwp_ajax_update_contentincludes\class-spawnster.php:234
authwp_ajax_publish_pagesincludes\class-spawnster.php:235
authwp_ajax_get_progressincludes\class-spawnster.php:236
authwp_ajax_enhance_contentincludes\class-spawnster.php:237
authwp_ajax_accept_contentincludes\class-spawnster.php:238
authwp_ajax_reject_contentincludes\class-spawnster.php:239
authwp_ajax_edit_menuincludes\class-spawnster.php:240
authwp_ajax_toggle_loggingincludes\class-spawnster.php:241
WordPress Hooks 23
actionadmin_menuadmin\class-spawnster-admin.php:76
actionadmin_menuadmin\class-spawnster-admin.php:77
actioninitadmin\class-spawnster-admin.php:99
actionadmin_post_setup_website_form_submitadmin\class-spawnster-admin.php:100
actionadmin_headadmin\class-spawnster-admin.php:279
filtermanage_spawnster_job_posts_columnsadmin\class-spawnster-admin.php:665
actionmanage_spawnster_job_posts_custom_columnadmin\class-spawnster-admin.php:666
actionadd_meta_boxesadmin\class-spawnster-admin.php:669
actionsave_postadmin\class-spawnster-admin.php:670
actionadmin_headadmin\class-spawnster-admin.php:673
filteruse_block_editor_for_post_typeadmin\class-spawnster-admin.php:676
filterparent_fileadmin\class-spawnster-admin.php:679
filtersubmenu_fileadmin\class-spawnster-admin.php:680
actionplugins_loadedincludes\class-spawnster.php:198
actionadmin_enqueue_scriptsincludes\class-spawnster.php:213
actionadmin_enqueue_scriptsincludes\class-spawnster.php:214
actionadmin_menuincludes\class-spawnster.php:217
actioninitincludes\class-spawnster.php:220
actioninitincludes\class-spawnster.php:221
actioninitincludes\class-spawnster.php:244
actionadmin_post_setup_website_form_submitincludes\class-spawnster.php:245
actionspawnster_generate_contentspawnster.php:83
filtercron_schedulesspawnster.php:86

Scheduled Events 1

spawnster_generate_content
Maintenance & Trust

Spawnster: AI Blog Writer and Instant Site Generator for Publishing Articles on a Schedule Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5
Last updatedNov 18, 2025
PHP min version7.0
Downloads2K

Community Trust

Rating100/100
Number of ratings4
Active installs300
Alternatives

Spawnster: AI Blog Writer and Instant Site Generator for Publishing Articles on a Schedule Alternatives

Website Builder by SeedProd — Theme Builder, Landing Page Builder, Coming Soon Page, Maintenance Mode

Website Builder by SeedProd — Theme Builder, Landing Page Builder, Coming Soon Page, Maintenance Mode

coming-soon

C
67

Easy Drag & Drop Page Builder. A complete solution to create a WordPress Website, Custom Themes, Landing Pages, Coming Soon & Maintenance Mode Pages.

700K 1 unpatched
BetterDocs – Knowledge Base Docs & FAQ Solution for Elementor & Block Editor

BetterDocs – Knowledge Base Docs & FAQ Solution for Elementor & Block Editor

betterdocs

A
86

A full-featured documentation plugin including AI writing assistance to create knowledge bases, docs, FAQs, wikis, and more with easy drag & drop UI.

40K 7 CVEs
Content Egg – Affiliate Product Importer & Price Comparison

Content Egg – Affiliate Product Importer & Price Comparison

content-egg

A
96

Import affiliate products, compare prices, sync to WooCommerce, and auto-generate SEO content with AI — all in one toolkit.

10K 3 CVEs
Live Copy Paste for Elementor – Cross Domain Copy Paste & Page Duplicator

Live Copy Paste for Elementor – Cross Domain Copy Paste & Page Duplicator

live-copy-paste

A
100

The ultimate Elementor addon for cross-domain copying, magic copy buttons, and instant page duplication. Build websites faster with one-click design t …

7K No CVEs
TextBuilder

TextBuilder

textbuilder

A
98

With the TextBuilder.ai WordPress Plugin, you can quickly create content and post it directly to your blog without any manual effort.

5K 1 CVE
Developer Profile

Spawnster: AI Blog Writer and Instant Site Generator for Publishing Articles on a Schedule Developer Profile

ristrettoapps

2 plugins · 310 total installs

91
trust score
Avg Security Score
96/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Spawnster: AI Blog Writer and Instant Site Generator for Publishing Articles on a Schedule

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/spawnster-ai-content-generator/assets/css/backend.css/wp-content/plugins/spawnster-ai-content-generator/assets/css/editor.css/wp-content/plugins/spawnster-ai-content-generator/assets/js/backend.js/wp-content/plugins/spawnster-ai-content-generator/assets/js/editor.js/wp-content/plugins/spawnster-ai-content-generator/assets/js/tinymce.js
Script Paths
/wp-content/plugins/spawnster-ai-content-generator/assets/js/backend.js/wp-content/plugins/spawnster-ai-content-generator/assets/js/editor.js/wp-content/plugins/spawnster-ai-content-generator/assets/js/tinymce.js
Version Parameters
spawnster-ai-content-generator/assets/css/backend.css?ver=spawnster-ai-content-generator/assets/css/editor.css?ver=spawnster-ai-content-generator/assets/js/backend.js?ver=spawnster-ai-content-generator/assets/js/editor.js?ver=spawnster-ai-content-generator/assets/js/tinymce.js?ver=

HTML / DOM Fingerprints

CSS Classes
spawnster-editor-containerspawnster-editor-panel
Data Attributes
data-spawnster-contentdata-spawnster-job-iddata-spawnster-parent-iddata-spawnster-content-typedata-spawnster-action-url
JS Globals
SpawnsterAIspawnster_ajax_object
REST Endpoints
/wp-json/spawnster/v1/generate/wp-json/spawnster/v1/description/wp-json/spawnster/v1/view/wp-json/spawnster/v1/update/wp-json/spawnster/v1/publish/wp-json/spawnster/v1/progress/wp-json/spawnster/v1/enhance/wp-json/spawnster/v1/accept/wp-json/spawnster/v1/reject/wp-json/spawnster/v1/menu
FAQ

Frequently Asked Questions about Spawnster: AI Blog Writer and Instant Site Generator for Publishing Articles on a Schedule