Does Supawriter have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Supawriter compatible with WordPress 6.9.4?

According to WordPress.org data, Supawriter 1.0.0 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is Supawriter compatible with PHP 8.0+?

Supawriter requires PHP 8.0 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Supawriter updated?

Supawriter was last updated on Mar 10, 2026. Frequent updates are generally a positive security signal.

What is Supawriter's security score?

Supawriter has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Supawriter Security & Risk Analysis

wordpress.org/plugins/supawriter

Connect your WordPress site to Supawriter for automatic SEO-optimized article publishing.

0 active installs v1.0.0 PHP 8.0+ WP 6.0+ Updated Mar 10, 2026

aiblogcontentpublishingseo

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Supawriter Safe to Use in 2026?

Generally Safe

Score 100/100

Supawriter has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2mo ago

Risk Assessment

The 'supawriter' v1.0.0 plugin exhibits a generally strong security posture based on the provided static analysis. It demonstrates excellent practices by fully utilizing prepared statements for SQL queries and a high percentage of properly escaped output. The complete absence of dangerous functions, file operations, and external HTTP requests further contributes to a reduced attack surface. Crucially, all identified entry points (AJAX, REST API) appear to have authentication and permission checks, and the presence of nonce checks and capability checks adds layers of defense against common WordPress attacks.

The vulnerability history is also a significant positive, with zero recorded CVEs of any severity. This indicates either a history of highly secure development or a lack of past scrutiny. The taint analysis reveals no issues with unsanitized paths or critical/high severity flows, reinforcing the impression of secure code handling.

While the plugin shows many strengths, the primary area for potential concern lies in the limited scope of the static analysis provided. Although all identified entry points are protected, a thorough review of the REST API permission callbacks and AJAX authentication mechanisms would be prudent to ensure they are robust and correctly implemented in practice. The absence of vulnerabilities could also be attributed to a lack of widespread usage or targeted security audits. Overall, 'supawriter' v1.0.0 appears to be a well-developed plugin with a strong focus on security, but continuous vigilance and a deeper dive into the implementation details of its authentication checks would be recommended for complete assurance.

Vulnerabilities

None known

Supawriter Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Supawriter Release Timeline

v1.0.0Current

Code Analysis

Analyzed Mar 17, 2026

Supawriter Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

46 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

92% escaped50 total outputs

Data Flows · Security

All sanitized

Data Flow Analysis

4 flows

supawriter_render_settings_page (supawriter.php:43)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Supawriter Attack Surface

Entry Points4

Unprotected0

REST API Routes 4

POST/wp-json/supawriter/v1/testincludes\api.php:7

POST/wp-json/supawriter/v1/publishincludes\api.php:13

POST/wp-json/supawriter/v1/testtrunk\includes\api.php:7

POST/wp-json/supawriter/v1/publishtrunk\includes\api.php:13

WordPress Hooks 6

actionrest_api_initincludes\api.php:4

filterpre_http_requestincludes\api.php:231

actionadmin_menusupawriter.php:32

actionrest_api_inittrunk\includes\api.php:4

filterpre_http_requesttrunk\includes\api.php:231

actionadmin_menutrunk\supawriter.php:32

Maintenance & Trust

Supawriter Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedMar 10, 2026

PHP min version8.0

Downloads189

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

Supawriter Alternatives

DraftSEO.AI

draftseo-ai

100

Publish AI-generated blogs from DraftSEO.AI directly to WordPress with automatic image import and SEO optimization.

90 No CVEs

KeywordBuddy

keywordbuddy

100

Connect your WordPress site to KeywordBuddy for automated SEO blog publishing.

0 No CVEs

SEO Content Publisher for 8ight.ai

seo-content-publisher-for-8ight-ai

100

Connects your WordPress site to 8ight.ai. Automatically publishes SEO-optimized content to your site.

0 No CVEs

Soro – SEO Autopilot & AI Content Writer

soro-seo

100

Connect your WordPress site to Soro for automatic AI-powered article publishing and SEO content automation.

2K No CVEs

Outrank

outrank

100

Outrank automatically creates and publishes SEO-optimized articles to your WordPress site as blog posts or drafts.

1K No CVEs

Developer Profile

Supawriter Developer Profile

supawriter

1 plugin · 0 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Supawriter

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

CSS Classes

supawriter-settings

Data Attributes

supawriter_default_author

FAQ