WP-Safety

Tish WordPress Theme AI Customizer Security & Risk Analysis

wordpress.org/plugins/tish-theme-ai-customizer-lite

Customize any WordPress theme with GPT-5 — describe it, preview it, approve it.

0 active installs v1.0.0 PHP 7.4+ WP 6.2+ Updated Dec 10, 2025
aicsscustomizergpt-5theme
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Download
Safety Verdict

Is Tish WordPress Theme AI Customizer Safe to Use in 2026?

Generally Safe

Score 100/100

Tish WordPress Theme AI Customizer has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 3mo ago
Risk Assessment

The tish-theme-ai-customizer-lite plugin v1.0.0 exhibits a generally good security posture with some areas for improvement. The plugin demonstrates strong adherence to secure coding practices, with a high percentage of SQL queries using prepared statements and a majority of output being properly escaped. The absence of any known CVEs or past vulnerabilities is a positive indicator of the developers' attention to security. Furthermore, the plugin does not bundle any external libraries, reducing the risk associated with outdated or vulnerable dependencies.

However, the presence of three AJAX handlers without authentication checks presents a notable attack surface. While the static analysis did not reveal any critical or high-severity taint flows, these unprotected AJAX endpoints could potentially be exploited if they process user-supplied data in an insecure manner, especially if combined with other vulnerabilities or logic flaws. The absence of shortcodes, cron events, and REST API routes, along with the presence of nonce and capability checks in other areas, mitigates some of the overall risk, but the unprotected AJAX handlers remain the primary concern in this assessment.

Key Concerns

  • 3 AJAX handlers without auth checks
Vulnerabilities
None known

Tish WordPress Theme AI Customizer Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

Tish WordPress Theme AI Customizer Code Analysis

Dangerous Functions
0
Raw SQL Queries
1
6 prepared
Unescaped Output
8
93 escaped
Nonce Checks
9
Capability Checks
12
File Operations
1
External Requests
2
Bundled Libraries
0

SQL Query Safety

86% prepared7 total queries

Output Escaping

92% escaped101 total outputs
Attack Surface
3 unprotected

Tish WordPress Theme AI Customizer Attack Surface

Entry Points5
Unprotected3

AJAX Handlers 5

authwp_ajax_tish_ai_store_snippetincludes\api\class-selector.php:54
authwp_ajax_tish_ai_fetch_snippetincludes\api\class-selector.php:55
authwp_ajax_tish_ai_test_openai_keyincludes\class-plugin.php:13
authwp_ajax_tish_ai_generate_cssincludes\class-plugin.php:14
authwp_ajax_tish_ai_approve_cssincludes\class-plugin.php:15
WordPress Hooks 9
actionadmin_menuincludes\admin-pages\class-admin-menu.php:6
actionadmin_initincludes\admin-pages\class-page-settings.php:118
actionadmin_enqueue_scriptsincludes\class-plugin.php:17
actioninitincludes\class-plugin.php:23
actionwp_headincludes\class-plugin.php:24
actionwp_headincludes\class-plugin.php:26
actionwp_headincludes\class-plugin.php:27
filtershow_admin_barincludes\class-plugin.php:78
actionplugins_loadedtish-wp-theme-ai-customizer.php:50
Maintenance & Trust

Tish WordPress Theme AI Customizer Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedDec 10, 2025
PHP min version7.4
Downloads209

Community Trust

Rating0/100
Number of ratings0
Active installs0
Alternatives

Tish WordPress Theme AI Customizer Alternatives

TJ Custom CSS

TJ Custom CSS

theme-junkie-custom-css

A
85

Easily to add any Custom CSS code to your WordPress website.

8K No CVEs
Color Scheme every Theme

Color Scheme every Theme

color-scheme-every-theme

A
85

This plugin lets you change the entire color scheme of the current theme via the

50 No CVEs
SPM Show Colors for Elementor

SPM Show Colors for Elementor

spm-show-colors-for-elementor

A
100

Copies Elementor global or custom HEX color value to clipboard.

0 No CVEs
Simple Custom CSS and JS

Simple Custom CSS and JS

custom-css-js

A
100

Easily add Custom CSS or JS to your website with an awesome editor.

700K 1 CVE
Kirki Customizer Framework

Kirki Customizer Framework

kirki

A
100

The Ultimate Customizer Framework for WordPress Theme Developers

500K No CVEs
Developer Profile

Tish WordPress Theme AI Customizer Developer Profile

tishonator

54 plugins · 3K total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Tish WordPress Theme AI Customizer

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/tish-theme-ai-customizer-lite/assets/css/admin.css/wp-content/plugins/tish-theme-ai-customizer-lite/assets/js/admin.js/wp-content/plugins/tish-theme-ai-customizer-lite/assets/js/selector.js
Script Paths
assets/js/admin.jsassets/js/selector.js
Version Parameters
tish-ai-admintish-ai-selector

HTML / DOM Fingerprints

HTML Comments
<!-- Tish AI Preview CSS --><!-- Tish AI Approved CSS -->
Data Attributes
id='tish-ai-preview-css'id='tish-ai-approved-css'id='tish-ai-selector-hide-adminbar'
JS Globals
TISH_AI
REST Endpoints
/wp-json/tish-ai/v1/test-openai-key/wp-json/tish-ai/v1/generate-css/wp-json/tish-ai/v1/approve-css
FAQ

Frequently Asked Questions about Tish WordPress Theme AI Customizer