Does Taily have any unpatched vulnerabilities?

No. All known vulnerabilities in Taily have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Taily compatible with WordPress 6.8.5?

According to WordPress.org data, Taily 2.0.06 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

Is Taily compatible with PHP 7.4+?

Taily requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Taily updated?

Taily was last updated on Aug 24, 2025. Frequent updates are generally a positive security signal.

What is Taily's security score?

Taily has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Taily Security & Risk Analysis

wordpress.org/plugins/taily

Tailwind-Framework for Wordpress (Fast & Optimized),Unparalleled Versatility, Advanced Elementor & Gutenberg integration and etc...

30 active installs v2.0.06 PHP 7.4+ WP + Updated Aug 24, 2025

tailtailwindtailwind-csstailywordpress-tailwind

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Taily Safe to Use in 2026?

Generally Safe

Score 100/100

Taily has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 7mo ago

Risk Assessment

The taily v2.0.06 plugin demonstrates a generally good security posture with several positive attributes. It effectively implements prepared statements for all SQL queries, indicating a strong defense against SQL injection. Furthermore, all identified AJAX endpoints have associated nonce and capability checks, which is a crucial security practice for preventing unauthorized actions. The absence of external HTTP requests and bundled libraries further simplifies the attack surface and reduces potential vulnerabilities from third-party code. The plugin also has a clean vulnerability history with no recorded CVEs, suggesting diligent development and maintenance in the past.

However, the static analysis does reveal areas of concern. The presence of the `unserialize` function seven times is a significant risk. If the data being unserialized originates from an untrusted source without proper validation and sanitization, it can lead to Remote Code Execution (RCE) vulnerabilities. The taint analysis confirms this concern, showing two flows with unsanitized paths that are flagged as high severity, directly correlating with the potential risks of `unserialize` usage.

In conclusion, while taily v2.0.06 benefits from good practices like secure SQL queries and authenticated AJAX handlers, the identified `unserialize` usage and associated high-severity taint flows present a notable risk. The lack of past vulnerabilities is a positive indicator, but the current code analysis highlights specific areas that require immediate attention to maintain a robust security profile. Addressing the `unserialize` risks is paramount.

Key Concerns

High severity taint flows with unsanitized paths
Dangerous function 'unserialize' used 7 times
54% of outputs properly escaped

Vulnerabilities

None known

Taily Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Taily Code Analysis

Dangerous Functions

Raw SQL Queries

13 prepared

Unescaped Output

176

205 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Dangerous Functions Found

unserialize$old_settings = unserialize($old_settings);core\admin-ajax.php:74

unserialize$sample = unserialize($sample);core\admin.php:539

unserialize$opt = unserialize($opt);core\class-core.php:91

unserialize$all_settings = unserialize($all_settings);taily.php:71

unserialize$all_settings = unserialize($all_settings);taily.php:80

unserialize$all_settings = unserialize($all_settings);uninstall.php:18

unserialize$all_settings = unserialize($all_settings);uninstall.php:27

SQL Query Safety

100% prepared13 total queries

Output Escaping

54% escaped381 total outputs

Data Flows

2 unsanitized

Data Flow Analysis

2 flows2 with unsanitized paths

tailybymdz_proccess_css (core\front-ajax.php:78)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Taily Attack Surface

Entry Points6

Unprotected0

AJAX Handlers 6

authwp_ajax_tailybymdz_save_settingscore\admin-ajax.php:364

authwp_ajax_tailybymdz_setallto_prodcore\admin-ajax.php:476

authwp_ajax_tailybymdz_setsingle_nonprodcore\admin-ajax.php:510

authwp_ajax_tailybymdz_clearall_cssfilescore\admin-ajax.php:545

authwp_ajax_tailybymdz_proccess_csscore\front-ajax.php:270

noprivwp_ajax_tailybymdz_proccess_csscore\front-ajax.php:271

WordPress Hooks 25

actionenqueue_block_editor_assetsblck-1.php:22

filterrender_blockblck-1.php:59

actionadmin_headcore\admin.php:33

actionadmin_menucore\admin.php:104

actioncurrent_screencore\admin.php:177

actionadmin_headcore\admin.php:202

actionadmin_headcore\admin.php:221

actionadmin_headcore\admin.php:244

actionadmin_headcore\admin.php:260

actionadmin_headcore\admin.php:302

actionadmin_enqueue_scriptscore\admin.php:311

actionwp_loadedcore\admin.php:324

actionadd_meta_boxescore\admin.php:333

actionsave_postcore\admin.php:335

actionwp_headcore\front.php:27

actionwp_enqueue_scriptscore\front.php:87

actionelementor/element/container/section_layout/after_section_endelementor\taily-textarea.php:23

actionelementor/element/column/section_advanced/after_section_endelementor\taily-textarea.php:24

actionelementor/element/section/section_advanced/after_section_endelementor\taily-textarea.php:25

actionelementor/element/common/_section_style/after_section_endelementor\taily-textarea.php:26

actionelementor/frontend/before_renderelementor\taily-textarea.php:28

actionelementor/documents/register_controlselementor\taily-textarea.php:30

actionelementor/document/before_saveelementor\taily-textarea.php:32

filterelementor/document/configelementor\taily-textarea.php:34

actioninittaily.php:51

Maintenance & Trust

Taily Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedAug 24, 2025

PHP min version7.4

Downloads67K

Community Trust

Rating100/100

Number of ratings1

Active installs30

Alternatives

Taily Alternatives

WindPress – Tailwind CSS integration for WordPress

windpress

100

Integrate Tailwind CSS 3 or 4 into WordPress easily, in seconds. Works well with the block editor, page builders, plugins, themes, and custom code.

3K No CVEs

Draft – Tailwind CSS for WordPress.

website-builder

Add Tailwind CSS to WordPress, in seconds.

700 1 unpatched

Yabe Bricksbender

yabe-bricksbender

The Bricks builder extension

10 No CVEs

Aspect Blocks

aspect-blocks

🌐 Aspect Blocks is a Gutenberg plugin that leverages Tailwind CSS for seamless style customization, providing a modern and responsive design. 🌟

0 No CVEs

TailPress – Tailwind for WordPress

tailpress

Seamless integration of Tailwind for WordPress.

600 1 unpatched

Developer Profile

Taily Developer Profile

MDZ

4 plugins · 730 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

87 days

View full developer profile

Detection Fingerprints

How We Detect Taily

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/taily/blocks-taily-settings/build/index.js

Script Paths