Tika Doc PDF Indexer Security & Risk Analysis
wordpress.org/plugins/tika-doc-pdf-indexerThis plugin will automatically index pdf uploaded files from the media manager.
Is Tika Doc PDF Indexer Safe to Use in 2026?
Generally Safe
Score 100/100Tika Doc PDF Indexer has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The "tika-doc-pdf-indexer" v1.2.0 plugin demonstrates several strong security practices, including the complete absence of SQL injection vulnerabilities due to prepared statements and proper output escaping across all detected outputs. The plugin also correctly implements nonce and capability checks, suggesting a deliberate effort to secure its functionality. Furthermore, the lack of any recorded CVEs indicates a history of responsible development or limited exposure to known attack vectors.
However, the static analysis reveals a critical risk related to taint analysis. Specifically, there is a flow with an unsanitized path identified as critical severity. This indicates a potential vulnerability where user-supplied input could be used to construct a file path in an unsafe manner, potentially leading to directory traversal or arbitrary file access. Additionally, the presence of the `proc_open` function, a powerful but potentially dangerous function if not handled with extreme care, warrants attention, especially in conjunction with the unsanitized path flow.
Overall, while the plugin exhibits good fundamental security hygiene, the critical taint flow represents a significant and actionable security concern that needs immediate remediation. The lack of historical vulnerabilities is positive, but it does not negate the importance of addressing the identified critical issue.
Key Concerns
- Critical severity unsanitized path in taint analysis
- Use of potentially dangerous function 'proc_open'
Tika Doc PDF Indexer Security Vulnerabilities
Tika Doc PDF Indexer Code Analysis
Dangerous Functions Found
Output Escaping
Data Flow Analysis
Tika Doc PDF Indexer Attack Surface
WordPress Hooks 11
Maintenance & Trust
Tika Doc PDF Indexer Maintenance & Trust
Maintenance Signals
Community Trust
Tika Doc PDF Indexer Alternatives
Čeština: zalomení řádků
cestina-zalomeni-radku
Grammar rules for Czech language with related to word wrapping at the end of line.
Sinbyte Indexer
sinbyte-indexer
Plugin will help you index links of post/page to Google Search in within 1-3 hours.
Rapid URL Indexer for WP – Index Websites in Google
rapidurlindexer-wp
Get your URLs indexed on Google quickly and reliably with Rapid URL Indexer. Pay only for successfully indexed URLs or get your credits back.
Zalomení řádků v češtině a slovenčine
zalomeni-radku-czsk
Inteligentní plugin pro správné typografické zalomování českého a slovenského textu podle Pravidel českého pravopisu.
Awesome Ads – Google Adsense and Others
awesome-ads
Awesome Ads is the easiest way to show Google Adsense and Chitika ads in your wordpress. You don't need to copy and paste codes.
Tika Doc PDF Indexer Developer Profile
6 plugins · 400 total installs
How We Detect Tika Doc PDF Indexer
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/tika-doc-pdf-indexer/js/tdpi.js/wp-content/plugins/tika-doc-pdf-indexer/css/tdpi.css/wp-content/plugins/tika-doc-pdf-indexer/js/tdpi.jstika-doc-pdf-indexer/js/tdpi.js?ver=tika-doc-pdf-indexer/css/tdpi.css?ver=HTML / DOM Fingerprints
<!-- TODO: immediately exit if not supported cpt. --><!-- phpcs:disable -- finding a proper way to include document_root $server variable --><!-- phpcs:enable --><!-- TODO: add custom error logging location. -->+4 moretdpi_noncetdpi_filetdpi_file_uploadtdpi_extract_datatdpi_save_indexed_datatdpi_add_upload_file_metaboxestdpi_restrict_mimetypestdpi_file_upload