WP-Safety

Spotfix – proofreading, spelling and grammar reviews by visitors Security & Risk Analysis

wordpress.org/plugins/spotfix-content-review

Collect visitors’ questions and suggestions directly on your website pages. Make proofreading, spell checking, and grammar reviews easy.

0 active installs v1.0.4 PHP 7.2+ WP 5.0+ Updated Mar 6, 2026
grammarproofreadingspell-checktypo
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Spotfix – proofreading, spelling and grammar reviews by visitors Safe to Use in 2026?

Generally Safe

Score 100/100

Spotfix – proofreading, spelling and grammar reviews by visitors has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 28d ago
Risk Assessment

The "spotfix-content-review" plugin, version 1.0.4, presents a mixed security posture. On the positive side, it demonstrates good practices by utilizing prepared statements for all SQL queries and achieving a high percentage of properly escaped output. It also has no known historical vulnerabilities, which is a strong indicator of a well-maintained codebase. However, a significant concern arises from the attack surface. All three identified AJAX handlers lack authentication checks, making them potentially exploitable by unauthenticated users. While the plugin includes nonce checks and capability checks, their placement or effectiveness on these unprotected AJAX endpoints is not specified in the provided data, but their absence from an explicit 'auth check' is a critical oversight.

The taint analysis shows no identified unsanitized flows, which is a positive sign. The absence of dangerous functions, file operations, and shortcodes also contributes to a generally cleaner code profile. Despite the lack of historical vulnerabilities, the unprotected AJAX endpoints represent a tangible and immediate risk that requires attention. The plugin's strengths lie in its database and output handling, but its core interaction points with users are exposed.

Key Concerns

  • AJAX handlers without authentication checks
  • Multiple AJAX handlers without auth checks
Vulnerabilities
None known

Spotfix – proofreading, spelling and grammar reviews by visitors Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

Spotfix – proofreading, spelling and grammar reviews by visitors Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
3
38 escaped
Nonce Checks
3
Capability Checks
5
File Operations
0
External Requests
3
Bundled Libraries
0

Output Escaping

93% escaped41 total outputs
Attack Surface
3 unprotected

Spotfix – proofreading, spelling and grammar reviews by visitors Attack Surface

Entry Points3
Unprotected3

AJAX Handlers 3

authwp_ajax_spotfix_check_statusincludes\class-spotfix.php:49
authwp_ajax_spotfix_create_accountincludes\class-spotfix.php:50
authwp_ajax_spotfix_configure_accountincludes\class-spotfix.php:51
WordPress Hooks 6
actionadmin_menuincludes\class-spotfix.php:45
actionadmin_initincludes\class-spotfix.php:46
actionadmin_enqueue_scriptsincludes\class-spotfix.php:47
actionadmin_enqueue_scriptsincludes\class-spotfix.php:48
filterplugin_row_metaincludes\class-spotfix.php:53
actionwp_enqueue_scriptsincludes\class-spotfix.php:62
Maintenance & Trust

Spotfix – proofreading, spelling and grammar reviews by visitors Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedMar 6, 2026
PHP min version7.2
Downloads190

Community Trust

Rating0/100
Number of ratings0
Active installs0
Alternatives

Spotfix – proofreading, spelling and grammar reviews by visitors Alternatives

WProofreader spell & grammar check plugin for WordPress

WProofreader spell & grammar check plugin for WordPress

webspellchecker

A
100

WProofreader checks spelling, grammar, and style in real-time while editing in WordPress.

4K No CVEs
WP Spell Check

WP Spell Check

wp-spell-check

A
96

Proofread & Audit your WordPress website with One Click! Find & fix the errors and build a professional image for your business.

2K 6 CVEs
Perfect Tense – Spelling and Grammar Checker

Perfect Tense – Spelling and Grammar Checker

perfect-tense

A
85

Perfect Tense is an AI-powered, spelling and grammar corrector. Perfect Tense will automatically detect and fix mistakes, proofread entire blog posts, …

100 No CVEs
Qalam Arabic AI Writing Assistant Plugin | Qalam

Qalam Arabic AI Writing Assistant Plugin | Qalam

qalam

A
92

Qalam plugin for WordPress adds AI based grammar, spell check, and Tashkeel "Diacritization" capabilities to your website content in Arabic Language.

30 No CVEs
Orphans

Orphans

sierotki

A
100

Supports the grammar rule for orphan words at the end of a line.

40K No CVEs
Developer Profile

Spotfix – proofreading, spelling and grammar reviews by visitors Developer Profile

CleanTalk Inc

5 plugins · 230K total installs

73
trust score
Avg Security Score
92/100
Avg Patch Time
571 days
View full developer profile
Detection Fingerprints

How We Detect Spotfix – proofreading, spelling and grammar reviews by visitors

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/spotfix-content-review/admin/css/spotfix-admin.css/wp-content/plugins/spotfix-content-review/admin/js/spotfix-admin.js
Version Parameters
spotfix-admin.css?ver=spotfix-admin.js?ver=

HTML / DOM Fingerprints

CSS Classes
spotfix-auto-setupspotfix-create-account-blockspotfix-create-accountspotfix-configure-account-blockspotfix-configure-accountspotfix-setup-messagespotfix-instructions-sectionspotfix-admin
Data Attributes
id="spotfix-create-account"id="spotfix-configure-account"id="spotfix-code"
JS Globals
spotfixAdmin
FAQ

Frequently Asked Questions about Spotfix – proofreading, spelling and grammar reviews by visitors