Traktivity Security & Risk Analysis
wordpress.org/plugins/traktivityAre you a TV addict, and want to keep track of all the shows you've binge-watched and movies you saw? Traktivity is for you!
Is Traktivity Safe to Use in 2026?
Generally Safe
Score 100/100Traktivity has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The 'traktivity' v2.3.5 plugin exhibits a generally good security posture, with several positive indicators. The absence of dangerous functions, file operations, and the consistent use of prepared statements for SQL queries are strong points. Furthermore, the plugin demonstrates a high rate of proper output escaping, which significantly reduces the risk of cross-site scripting (XSS) vulnerabilities. The vulnerability history is also a positive sign, showing no recorded CVEs, which suggests a history of stable and secure development.
However, there are a few areas of concern. The presence of one REST API route without a permission callback is a significant vulnerability. This unprotected endpoint could potentially be exploited by unauthenticated users to access or manipulate data, depending on its functionality. While taint analysis found no issues, the limited scope (0 flows analyzed) means this doesn't provide a comprehensive assurance. The lack of nonce checks on any entry points is another concern, as nonces are crucial for preventing cross-site request forgery (CSRF) attacks.
In conclusion, 'traktivity' v2.3.5 has a strong foundation in secure coding practices, particularly in data handling. The lack of historical vulnerabilities is commendable. Nevertheless, the unprotected REST API route and the absence of nonce checks represent tangible risks that require immediate attention to ensure the plugin's overall security.
Key Concerns
- Unprotected REST API route
- No nonce checks on entry points
Traktivity Security Vulnerabilities
Traktivity Code Analysis
SQL Query Safety
Output Escaping
Traktivity Attack Surface
REST API Routes 6
WordPress Hooks 30
Scheduled Events 4
Maintenance & Trust
Traktivity Maintenance & Trust
Maintenance Signals
Community Trust
Traktivity Alternatives
Simple History – Track, Log, and Audit WordPress Changes
simple-history
Track changes and user activities on your WordPress site. See who created a page, uploaded an attachment, and more, for a complete audit trail.
WP Activity Log
wp-security-audit-log
The #1 user-rated activity log plugin for event logging, activity monitoring and change tracking.
Stream
stream
With Stream, you’re never left in the dark about changes to your WordPress site.
User Activity Tracking and Log
user-activity-tracking-and-log
Track time and monitor user activity & history on your website, LMS online learning system, membership or WooCommerce site.
MAS Videos
masvideos
MAS Videos is a free plugin that allows you to to create and list movies, videos and TV shows.
Traktivity Developer Profile
11 plugins · 2K total installs
How We Detect Traktivity
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/traktivity/_build/admin.js/wp-content/plugins/traktivity/_build/admin.jstraktivity/_build/admin.js?ver=HTML / DOM Fingerprints
data-traktivity-api_urldata-traktivity-site_urldata-traktivity-api_noncedata-traktivity-dash_urldata-traktivity-trakt_usernamedata-traktivity-trakt_key+20 moretraktivity_dashboard_page