Swiss Toolkit For WP Security & Risk Analysis

wordpress.org/plugins/swiss-toolkit-for-wp

Say Goodbye to Plugin Overload - WP Swiss Toolkit Has It All

1K active installs · v1.4.5 · PHP 7.4+ · WP 5.2+ · Updated Mar 9, 2026
Tags: increase-file-size-limit, increase-upload-limit, toolkit, upload-limit
Score: 75 · B · Generally Safe
CVEs total: 3
Unpatched: 1
Last CVE: Mar 31, 2025
Safety Verdict

Is Swiss Toolkit For WP Safe to Use in 2026?

Mostly Safe

Score 75/100

Swiss Toolkit For WP is generally safe to use. 3 past CVEs were resolved. Keep it updated.

3 known CVEs · 1 unpatched · Last CVE: Mar 31, 2025 · Updated 26d ago
Risk Assessment

The "swiss-toolkit-for-wp" v1.4.5 plugin demonstrates some good security practices, particularly in its handling of SQL queries and a substantial number of proper output escapes. The absence of unsanitized path flows in taint analysis and the presence of nonce and capability checks on its AJAX endpoints are also positive indicators. However, the plugin's vulnerability history raises significant concerns. With three known CVEs, including one currently unpatched high-severity vulnerability, and a pattern of missing authorization and authentication bypass issues, the plugin has a track record of introducing critical security flaws. The recent vulnerability date in 2025 suggests that the development team may be slow to address security issues or that there's an ongoing struggle with maintaining a secure codebase. While the static analysis shows a protected attack surface in this version, the historical context suggests a higher risk than the code signals alone might indicate.

Key Concerns

  • Unpatched high-severity vulnerability
  • History of missing authorization/auth bypass
  • Bundled outdated library (Select2)
  • Below average output escaping (82%)
Vulnerabilities: 3

Swiss Toolkit For WP Security Vulnerabilities

CVEs by Year

2024: 1 CVE
2025: 2 CVEs · has unpatched

Severity Breakdown

High: 1
Medium: 2

3 total CVEs

CVE-2025-31546 · medium · 4.3 · Missing Authorization

Swiss Toolkit For WP <= 1.4.0 - Missing Authorization

Mar 31, 2025 Patched in 1.4.1 (74d)
CVE-2025-31544 · medium · 4.3 · Missing Authorization

Swiss Toolkit For WP <= 1.4.1 - Missing Authorization

Mar 31, 2025 · Unpatched
CVE-2024-5204 · high · 8.8 · Authentication Bypass Using an Alternate Path or Channel

Swiss Toolkit For WP <= 1.0.7 - Authenticated (Contributor+) Authentication Bypass

May 28, 2024 Patched in 1.0.8 (1d)
Code Analysis
Analyzed Mar 16, 2026

Swiss Toolkit For WP Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (28 prepared)
Unescaped Output: 32 (141 escaped)
Nonce Checks: 16
Capability Checks: 18
File Operations: 13
External Requests: 1
Bundled Libraries: 1

Bundled Libraries

Select2

SQL Query Safety

100% prepared · 28 total queries

Output Escaping

82% escaped · 173 total outputs
Data Flows: All sanitized

Data Flow Analysis

4 flows
duplicate (includes\plugins\class-boomdevs-swiss-toolkit-post-duplicate.php:64)
Attack Surface

Swiss Toolkit For WP Attack Surface

Entry Points: 13
Unprotected: 0

AJAX Handlers 13

auth · wp_ajax_bdstfw_chunker · includes\plugins\class-boomdevs-swiss-toolkit-upload-chunk-files.php:43
auth · wp_ajax_swiss_toolkit_delete_post_revisions · optimizations\class-boomdevs-swiss-toolkit-optimizations.php:46
auth · wp_ajax_swiss_toolkit_delete_post_draft · optimizations\class-boomdevs-swiss-toolkit-optimizations.php:48
auth · wp_ajax_swiss_toolkit_delete_post_trash · optimizations\class-boomdevs-swiss-toolkit-optimizations.php:50
auth · wp_ajax_swiss_toolkit_delete_spam_comments · optimizations\class-boomdevs-swiss-toolkit-optimizations.php:52
auth · wp_ajax_swiss_toolkit_delete_trashed_comments · optimizations\class-boomdevs-swiss-toolkit-optimizations.php:54
auth · wp_ajax_swiss_toolkit_delete_unapproved_comments · optimizations\class-boomdevs-swiss-toolkit-optimizations.php:56
auth · wp_ajax_swiss_toolkit_delete_orphaned_postmeta · optimizations\class-boomdevs-swiss-toolkit-optimizations.php:58
auth · wp_ajax_swiss_toolkit_delete_orphaned_user_meta · optimizations\class-boomdevs-swiss-toolkit-optimizations.php:60
auth · wp_ajax_swiss_toolkit_delete_orphaned_comment_meta · optimizations\class-boomdevs-swiss-toolkit-optimizations.php:62
auth · wp_ajax_swiss_toolkit_delete_orphaned_relationship_data · optimizations\class-boomdevs-swiss-toolkit-optimizations.php:64
auth · wp_ajax_swiss_toolkit_delete_pingbacks · optimizations\class-boomdevs-swiss-toolkit-optimizations.php:66
auth · wp_ajax_swiss_toolkit_delete_trackbacks · optimizations\class-boomdevs-swiss-toolkit-optimizations.php:68
WordPress Hooks 57
action · plugins_loaded · boomdevs-swiss-toolkit.php:123
action · init · code-snippet\class-boomdevs-swiss-toolkit-code-snippet.php:47
action · admin_menu · code-snippet\class-boomdevs-swiss-toolkit-code-snippet.php:48
action · admin_init · code-snippet\class-boomdevs-swiss-toolkit-code-snippet.php:49
filter · post_updated_messages · code-snippet\class-boomdevs-swiss-toolkit-code-snippet.php:50
action · save_post_swiss_snippets · code-snippet\class-boomdevs-swiss-toolkit-code-snippet.php:51
action · admin_enqueue_scripts · code-snippet\class-boomdevs-swiss-toolkit-code-snippet.php:52
filter · post_row_actions · code-snippet\class-boomdevs-swiss-toolkit-code-snippet.php:53
action · init · generate-url\class-boomdevs-swiss-toolkit-generate-url.php:52
action · admin_menu · generate-url\class-boomdevs-swiss-toolkit-generate-url.php:53
action · save_post_swiss_generate_url · generate-url\class-boomdevs-swiss-toolkit-generate-url.php:55
filter · post_updated_messages · generate-url\class-boomdevs-swiss-toolkit-generate-url.php:56
action · manage_swiss_generate_url_posts_custom_column · generate-url\class-boomdevs-swiss-toolkit-generate-url.php:57
filter · manage_swiss_generate_url_posts_columns · generate-url\class-boomdevs-swiss-toolkit-generate-url.php:58
filter · post_row_actions · generate-url\class-boomdevs-swiss-toolkit-generate-url.php:59
action · admin_notices · includes\class-boomdevs-notification-widget-swiss-toolkit.php:15
action · admin_enqueue_scripts · includes\class-boomdevs-notification-widget-swiss-toolkit.php:16
action · save_post · includes\class-boomdevs-notification-widget-swiss-toolkit.php:17
action · plugins_loaded · includes\class-boomdevs-swiss-tookit-user-settings.php:59
action · admin_notices · includes\class-boomdevs-swiss-toolkit-settings.php:51
action · plugins_loaded · includes\class-boomdevs-swiss-toolkit.php:192
action · admin_enqueue_scripts · includes\class-boomdevs-swiss-toolkit.php:206
action · admin_enqueue_scripts · includes\class-boomdevs-swiss-toolkit.php:207
action · wp_enqueue_scripts · includes\class-boomdevs-swiss-toolkit.php:221
action · wp_enqueue_scripts · includes\class-boomdevs-swiss-toolkit.php:222
action · init · includes\plugins\class-boomdevs-swiss-toolkit-admin-login-url.php:61
action · wp_loaded · includes\plugins\class-boomdevs-swiss-toolkit-admin-login-url.php:62
filter · site_url · includes\plugins\class-boomdevs-swiss-toolkit-admin-login-url.php:63
filter · wp_redirect · includes\plugins\class-boomdevs-swiss-toolkit-admin-login-url.php:64
filter · get_avatar · includes\plugins\class-boomdevs-swiss-toolkit-avatar.php:45
filter · get_avatar_url · includes\plugins\class-boomdevs-swiss-toolkit-avatar.php:46
action · admin_menu · includes\plugins\class-boomdevs-swiss-toolkit-bulk-theme-delete.php:46
action · admin_init · includes\plugins\class-boomdevs-swiss-toolkit-bulk-theme-delete.php:47
filter · wp_prepare_attachment_for_js · includes\plugins\class-boomdevs-swiss-toolkit-extension-attachment.php:49
filter · wp_generate_attachment_metadata · includes\plugins\class-boomdevs-swiss-toolkit-extension-attachment.php:50
filter · wp_handle_upload_prefilter · includes\plugins\class-boomdevs-swiss-toolkit-extension-attachment.php:51
filter · wp_calculate_image_srcset · includes\plugins\class-boomdevs-swiss-toolkit-extension-attachment.php:53
filter · wp_get_attachment_image_src · includes\plugins\class-boomdevs-swiss-toolkit-extension-attachment.php:54
filter · wp_check_filetype_and_ext · includes\plugins\class-boomdevs-swiss-toolkit-extension-supports.php:49
filter · upload_mimes · includes\plugins\class-boomdevs-swiss-toolkit-extension-supports.php:50
action · admin_head · includes\plugins\class-boomdevs-swiss-toolkit-favicon.php:50
action · wp_head · includes\plugins\class-boomdevs-swiss-toolkit-favicon.php:51
action · init · includes\plugins\class-boomdevs-swiss-toolkit-generate-login-url.php:44
action · wp_head · includes\plugins\class-boomdevs-swiss-toolkit-header-footer-scripts.php:47
action · wp_footer · includes\plugins\class-boomdevs-swiss-toolkit-header-footer-scripts.php:48
filter · admin_action_swiss_toolkit_duplicate_as_draft · includes\plugins\class-boomdevs-swiss-toolkit-post-duplicate.php:40
filter · post_row_actions · includes\plugins\class-boomdevs-swiss-toolkit-post-duplicate.php:41
filter · page_row_actions · includes\plugins\class-boomdevs-swiss-toolkit-post-duplicate.php:42
filter · plupload_init · includes\plugins\class-boomdevs-swiss-toolkit-upload-chunk-files.php:44
filter · plupload_default_settings · includes\plugins\class-boomdevs-swiss-toolkit-upload-chunk-files.php:45
filter · plupload_default_params · includes\plugins\class-boomdevs-swiss-toolkit-upload-chunk-files.php:46
filter · upload_post_params · includes\plugins\class-boomdevs-swiss-toolkit-upload-chunk-files.php:47
filter · upload_size_limit · includes\plugins\class-boomdevs-swiss-toolkit-upload-size-limit.php:44
action · show_user_profile · includes\plugins\class-boomdevs-swiss-toolkit-username.php:50
action · edit_user_profile · includes\plugins\class-boomdevs-swiss-toolkit-username.php:51
action · user_profile_update_errors · includes\plugins\class-boomdevs-swiss-toolkit-username.php:52
action · admin_menu · optimizations\class-boomdevs-swiss-toolkit-optimizations.php:43
Maintenance & Trust

Swiss Toolkit For WP Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.9.4
Last updated: Mar 9, 2026
PHP min version: 7.4
Downloads: 17K

Community Trust

Rating: 100/100
Number of ratings: 1
Active installs: 1K
Developer Profile

Swiss Toolkit For WP Developer Profile

WP Messiah

12 plugins · 26K total installs

Trust score: 71
Avg Security Score: 89/100
Avg Patch Time: 132 days
Detection Fingerprints

How We Detect Swiss Toolkit For WP

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/swiss-toolkit-for-wp/admin/css/boomdevs-swiss-toolkit-admin.css
/wp-content/plugins/swiss-toolkit-for-wp/admin/img/default-avatar.png
/wp-content/plugins/swiss-toolkit-for-wp/admin/js/boomdevs-swiss-toolkit-admin.js
/wp-content/plugins/swiss-toolkit-for-wp/admin/js/boomdevs-swiss-toolkit-admin-db.js
Script Paths
/wp-content/plugins/swiss-toolkit-for-wp/admin/js/boomdevs-swiss-toolkit-admin.js
/wp-content/plugins/swiss-toolkit-for-wp/admin/js/boomdevs-swiss-toolkit-admin-db.js
Version Parameters
swiss-toolkit-for-wp/admin/css/boomdevs-swiss-toolkit-admin.css?ver=
swiss-toolkit-for-wp/admin/js/boomdevs-swiss-toolkit-admin.js?ver=
swiss-toolkit-for-wp/admin/js/boomdevs-swiss-toolkit-admin-db.js?ver=

HTML / DOM Fingerprints

CSS Classes
user-user-login-wrap
user-profile-picture
JS Globals
localize_object
swiss_toolkit_delete_post_revisions
FAQ

Frequently Asked Questions about Swiss Toolkit For WP