WP-Safety

Taqnix Security & Risk Analysis

wordpress.org/plugins/taqnix

Build AI-powered mobile apps for WordPress/WooCommerce. No code, 100+ templates, push alerts, payments. Launch in minutes.

40 active installs v1.0.3 PHP 7.4+ WP 5.0+ Updated May 28, 2025
ai-app-builderapp-builder-pluginwoocommerce-appmobile-app-builderno-code-app-builder
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Taqnix Safe to Use in 2026?

Generally Safe

Score 100/100

Taqnix has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 10mo ago
Risk Assessment

The 'taqnix' plugin version 1.0.3 presents a concerning security posture primarily due to its massive attack surface that lacks authentication checks. With 100 out of 102 entry points being unprotected, this plugin is highly susceptible to unauthorized access and manipulation. The taint analysis further exacerbates this concern, revealing 4 high-severity flows with unsanitized paths, indicating potential for various injection vulnerabilities. While the plugin demonstrates good practices in using prepared statements for SQL queries and proper output escaping, these strengths are overshadowed by the critical lack of authorization on almost all its entry points.

The vulnerability history for 'taqnix' is clean, with no recorded CVEs. This might suggest a lack of prior exploitation or a relatively new plugin. However, it does not negate the immediate risks identified in the static and taint analysis. The significant number of unprotected AJAX handlers and REST API routes create a broad entry point for attackers to potentially exploit the high-severity taint flows. Therefore, despite the absence of known vulnerabilities, the inherent design flaws make this plugin a significant security risk.

In conclusion, while 'taqnix' has some positive coding practices regarding data handling (SQL preparation and output escaping), its overall security is severely compromised by the overwhelming presence of unprotected entry points and high-severity taint flows. The absence of historical vulnerabilities should not lead to complacency, as the analyzed code exhibits significant weaknesses that could be easily leveraged by an attacker. Immediate attention is required to implement proper authentication and authorization checks.

Key Concerns

  • AJAX handlers without auth checks
  • REST API routes without permission callbacks
  • High severity taint flows
  • Flows with unsanitized paths
  • Nonce checks missing on AJAX
  • Capability checks missing
Vulnerabilities
None known

Taqnix Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Taqnix Code Analysis

Dangerous Functions
0
Raw SQL Queries
1
12 prepared
Unescaped Output
1
113 escaped
Nonce Checks
1
Capability Checks
3
File Operations
4
External Requests
10
Bundled Libraries
0

SQL Query Safety

92% prepared13 total queries

Output Escaping

99% escaped114 total outputs
Data Flows
10 unsanitized

Data Flow Analysis

12 flows10 with unsanitized paths
taqnix_upload_file_callback (admin\class-taqnix-admin.php:663)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
100 unprotected

Taqnix Attack Surface

Entry Points102
Unprotected100

AJAX Handlers 96

authwp_ajax_taqnix_fetch_detailsadmin\class-taqnix-admin.php:459
noprivwp_ajax_taqnix_fetch_detailsadmin\class-taqnix-admin.php:460
authwp_ajax_taqnix_save_detailsadmin\class-taqnix-admin.php:525
noprivwp_ajax_taqnix_save_detailsadmin\class-taqnix-admin.php:526
authwp_ajax_taqnix_build_androidadmin\class-taqnix-admin.php:603
noprivwp_ajax_taqnix_build_androidadmin\class-taqnix-admin.php:604
authwp_ajax_taqnix_upload_fileadmin\class-taqnix-admin.php:661
noprivwp_ajax_taqnix_upload_fileadmin\class-taqnix-admin.php:662
authwp_ajax_taqnix_upload_google_service_fileadmin\class-taqnix-admin.php:742
noprivwp_ajax_taqnix_upload_google_service_fileadmin\class-taqnix-admin.php:743
authwp_ajax_taqnix_cartpublic\class-taqnix-cart.php:16
noprivwp_ajax_taqnix_cartpublic\class-taqnix-cart.php:17
authwp_ajax_taqnix_add_to_cartpublic\class-taqnix-cart.php:20
noprivwp_ajax_taqnix_add_to_cartpublic\class-taqnix-cart.php:21
authwp_ajax_taqnix_remove_from_cartpublic\class-taqnix-cart.php:24
noprivwp_ajax_taqnix_remove_from_cartpublic\class-taqnix-cart.php:25
authwp_ajax_taqnix_update_cartpublic\class-taqnix-cart.php:28
noprivwp_ajax_taqnix_update_cartpublic\class-taqnix-cart.php:29
authwp_ajax_taqnix_apply_couponpublic\class-taqnix-cart.php:32
noprivwp_ajax_taqnix_apply_couponpublic\class-taqnix-cart.php:33
authwp_ajax_taqnix_remove_couponpublic\class-taqnix-cart.php:35
noprivwp_ajax_taqnix_remove_couponpublic\class-taqnix-cart.php:36
authwp_ajax_taqnix_update_order_reviewpublic\class-taqnix-cart.php:39
noprivwp_ajax_taqnix_update_order_reviewpublic\class-taqnix-cart.php:40
authwp_ajax_taqnix_update_shipping_methodpublic\class-taqnix-cart.php:43
noprivwp_ajax_taqnix_update_shipping_methodpublic\class-taqnix-cart.php:44
authwp_ajax_taqnix_couponspublic\class-taqnix-cart.php:47
noprivwp_ajax_taqnix_couponspublic\class-taqnix-cart.php:48
authwp_ajax_taqnix_checkout_formpublic\class-taqnix-checkout.php:12
noprivwp_ajax_taqnix_checkout_formpublic\class-taqnix-checkout.php:13
authwp_ajax_taqnix_update_order_reviewpublic\class-taqnix-checkout.php:16
noprivwp_ajax_taqnix_update_order_reviewpublic\class-taqnix-checkout.php:17
authwp_ajax_taqnix_save_app_configpublic\class-taqnix-config.php:13
authwp_ajax_taqnix_site_detailspublic\class-taqnix-config.php:15
noprivwp_ajax_taqnix_site_detailspublic\class-taqnix-config.php:16
authwp_ajax_taqnix_get_app_configpublic\class-taqnix-config.php:19
noprivwp_ajax_taqnix_get_app_configpublic\class-taqnix-config.php:20
authwp_ajax_taqnix_categoriespublic\class-taqnix-config.php:23
noprivwp_ajax_taqnix_categoriespublic\class-taqnix-config.php:24
authwp_ajax_taqnix_brandspublic\class-taqnix-config.php:27
noprivwp_ajax_taqnix_brandspublic\class-taqnix-config.php:28
authwp_ajax_taqnix_noncepublic\class-taqnix-config.php:31
noprivwp_ajax_taqnix_noncepublic\class-taqnix-config.php:32
authwp_ajax_taqnix_get_backupspublic\class-taqnix-config.php:35
authwp_ajax_taqnix_delete_backuppublic\class-taqnix-config.php:36
authwp_ajax_taqnix_restore_backuppublic\class-taqnix-config.php:37
authwp_ajax_taqnix_verify_otppublic\class-taqnix-otp.php:277
noprivwp_ajax_taqnix_verify_otppublic\class-taqnix-otp.php:278
authwp_ajax_taqnix_create_pagepublic\class-taqnix-page.php:30
authwp_ajax_taqnix_pagespublic\class-taqnix-page.php:31
authwp_ajax_taqnix_pagepublic\class-taqnix-page.php:32
authwp_ajax_taqnix_update_pagepublic\class-taqnix-page.php:33
authwp_ajax_taqnix_delete_pagepublic\class-taqnix-page.php:34
noprivwp_ajax_taqnix_pagepublic\class-taqnix-page.php:38
authwp_ajax_taqnix_verify_paymentpublic\class-taqnix-payments.php:27
noprivwp_ajax_taqnix_verify_paymentpublic\class-taqnix-payments.php:29
authwp_ajax_taqnix_get_razorpay_order_idpublic\class-taqnix-payments.php:34
noprivwp_ajax_taqnix_get_razorpay_order_idpublic\class-taqnix-payments.php:36
authwp_ajax_taqnix_get_wishlistpublic\class-taqnix-products.php:13
authwp_ajax_taqnix_productspublic\class-taqnix-products.php:15
noprivwp_ajax_taqnix_productspublic\class-taqnix-products.php:16
authwp_ajax_taqnix_productpublic\class-taqnix-products.php:18
noprivwp_ajax_taqnix_productpublic\class-taqnix-products.php:19
authwp_ajax_taqnix_product_attributespublic\class-taqnix-products.php:22
noprivwp_ajax_taqnix_product_attributespublic\class-taqnix-products.php:23
authwp_ajax_taqnix_product_detailpublic\class-taqnix-products.php:26
noprivwp_ajax_taqnix_product_detailpublic\class-taqnix-products.php:27
noprivwp_ajax_taqnix_product_reviewspublic\class-taqnix-products.php:30
authwp_ajax_taqnix_product_reviewspublic\class-taqnix-products.php:31
authwp_ajax_taqnix_current_userpublic\class-taqnix-user.php:15
noprivwp_ajax_taqnix_current_userpublic\class-taqnix-user.php:16
authwp_ajax_taqnix_user_orderspublic\class-taqnix-user.php:19
noprivwp_ajax_taqnix_user_orderspublic\class-taqnix-user.php:20
authwp_ajax_taqnix_user_logoutpublic\class-taqnix-user.php:23
noprivwp_ajax_taqnix_user_logoutpublic\class-taqnix-user.php:24
authwp_ajax_taqnix_registerpublic\class-taqnix-user.php:27
noprivwp_ajax_taqnix_registerpublic\class-taqnix-user.php:28
authwp_ajax_taqnix_user_loginpublic\class-taqnix-user.php:31
noprivwp_ajax_taqnix_user_loginpublic\class-taqnix-user.php:32
authwp_ajax_taqnix_subscriptionspublic\class-taqnix-user.php:40
noprivwp_ajax_taqnix_subscriptionspublic\class-taqnix-user.php:41
authwp_ajax_taqnix_walletpublic\class-taqnix-user.php:44
noprivwp_ajax_taqnix_walletpublic\class-taqnix-user.php:45
authwp_ajax_taqnix_reward_pointspublic\class-taqnix-user.php:48
noprivwp_ajax_taqnix_reward_pointspublic\class-taqnix-user.php:49
authwp_ajax_taqnix_downloadspublic\class-taqnix-user.php:52
authwp_ajax_taqnix_empty_cartpublic\class-taqnix-user.php:55
noprivwp_ajax_taqnix_empty_cartpublic\class-taqnix-user.php:57
authwp_ajax_taqnix_user_orderpublic\class-taqnix-user.php:60
authwp_ajax_taqnix_update_addresspublic\class-taqnix-user.php:64
authwp_ajax_taqnix_delete_my_accountpublic\class-taqnix-user.php:67
authwp_ajax_taqnix_get_wishlistidspublic\class-taqnix-wishlist.php:35
authwp_ajax_taqnix_update_wishlistpublic\class-taqnix-wishlist.php:36
authwp_ajax_taqnix_fetch_wishlistpublic\class-taqnix-wishlist.php:37
authwp_ajax_taqnix_add_wishlistpublic\class-taqnix-wishlist.php:38
authwp_ajax_taqnix_remove_wishlistpublic\class-taqnix-wishlist.php:39

REST API Routes 6

GET/wp-json/taqnix/v1/get_app_configpublic\class-taqnix-config.php:89
GET/wp-json/taqnix/v1/categoriespublic\class-taqnix-config.php:95
GET/wp-json/taqnix/v1/send_sms_otppublic\class-taqnix-otp.php:305
GET/wp-json/taqnix/v1/productspublic\class-taqnix-products.php:37
POST/wp-json/taqnix/v1/user/lostpasswordpublic\class-taqnix-user.php:75
GET/wp-json/taqnix/v1/user/lostpasswordpublic\class-taqnix-user.php:81
WordPress Hooks 22
actionadmin_enqueue_scriptsincludes\class-taqnix.php:151
actionadmin_enqueue_scriptsincludes\class-taqnix.php:152
actionadmin_menuincludes\class-taqnix.php:155
actionadmin_initincludes\class-taqnix.php:158
actionwp_enqueue_scriptsincludes\class-taqnix.php:173
actionwp_enqueue_scriptsincludes\class-taqnix.php:174
actionwoocommerce_add_to_cartpublic\class-taqnix-cart.php:527
actionrest_api_initpublic\class-taqnix-config.php:11
actionrest_api_initpublic\class-taqnix-otp.php:274
actionrest_api_initpublic\class-taqnix-products.php:11
filterposts_clausespublic\class-taqnix-products.php:122
filterposts_clausespublic\class-taqnix-products.php:231
filterposts_clausespublic\class-taqnix-products.php:234
filterposts_clausespublic\class-taqnix-products.php:237
actionrest_api_initpublic\class-taqnix-user.php:10
actionadmin_enqueue_scriptstaqnix.php:103
actionproduct_cat_add_form_fieldstaqnix.php:129
actionproduct_cat_edit_form_fieldstaqnix.php:170
actioncreated_product_cattaqnix.php:183
actionedited_product_cattaqnix.php:184
actionadmin_enqueue_scriptstaqnix.php:209
actionwp_headtaqnix.php:216
Maintenance & Trust

Taqnix Maintenance & Trust

Maintenance Signals

WordPress version tested6.7.5
Last updatedMay 28, 2025
PHP min version7.4
Downloads899

Community Trust

Rating0/100
Number of ratings0
Active installs40
Alternatives

Taqnix Alternatives

MStore API – Create Native Android & iOS Apps On The Cloud

MStore API – Create Native Android & iOS Apps On The Cloud

mstore-api

B
81

Take your WordPress store mobile with MStore API! This plugin bridges the gap between your WordPress website and the powerful FluxBuilder app builder.

3K 28 CVEs
B2App – Android & iOS native apps builder without using code

B2App – Android & iOS native apps builder without using code

b2app-no-code-mobile-app-builder

A
85

This Plugin is used for convert WooCommerce store to Android & iOS mobile app without using code.

10 No CVEs
AppMySite – WordPress & WooCommerce Mobile App Builder (No-Code Android & iOS App Maker)

AppMySite – WordPress & WooCommerce Mobile App Builder (No-Code Android & iOS App Maker)

appmysite

A
98

Turn your WordPress or WooCommerce site into a native Android & iOS app in minutes — no coding required.

8K 2 CVEs
Hippoo Mobile App for WooCommerce

Hippoo Mobile App for WooCommerce

hippoo

A
96

Hippoo helps you manage WooCommerce orders, inventory, and analytics from your mobile. Receive real-time notifications and control your store on the g …

1K 2 CVEs
WappPress – Convert Site to App Fast – WordPress to Mobile App Builder

WappPress – Convert Site to App Fast – WordPress to Mobile App Builder

wapppress-builds-android-app-for-website

A
95

Short Description:Convert your website into Mobile App in just one click – no coding needed. Instantly generate an APK or AAB.

1K 3 CVEs
Developer Profile

Taqnix Developer Profile

taqnix

1 plugin · 40 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Taqnix

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/taqnix/assets/css/taqnix-otp-style.css/wp-content/plugins/taqnix/assets/js/taqnix-otp-script.js
Script Paths
/wp-content/plugins/taqnix/assets/js/taqnix-otp-script.js
Version Parameters
taqnix-otp-style.css?ver=taqnix-otp-script.js?ver=

HTML / DOM Fingerprints

JS Globals
taqnix_otp_send_otp_urltaqnix_otp_verify_otp_url
REST Endpoints
/wp-json/taqnix-otp/v1/send-otp/wp-json/taqnix-otp/v1/verify-otp
FAQ

Frequently Asked Questions about Taqnix