Does Vectoron have any unpatched vulnerabilities?

No. All known vulnerabilities in Vectoron have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Vectoron compatible with WordPress 6.9.4?

According to WordPress.org data, Vectoron 2.11.7 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is Vectoron compatible with PHP 7.4+?

Vectoron requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Vectoron updated?

Vectoron was last updated on Mar 12, 2026. Frequent updates are generally a positive security signal.

What is Vectoron's security score?

Vectoron has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Vectoron Security & Risk Analysis

wordpress.org/plugins/vectoron

A WordPress REST API plugin for external content management with authenticated API endpoints, GA4 tracking shortcodes, and ACF integration.

0 active installs v2.11.7 PHP 7.4+ WP 5.6+ Updated Mar 12, 2026

analyticscontent-managementga4rest-apishortcode

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Vectoron Safe to Use in 2026?

Generally Safe

Score 100/100

Vectoron has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 22d ago

Risk Assessment

The "vectoron" plugin v2.11.7 exhibits a generally good security posture with several positive indicators. The code demonstrates strong practices regarding SQL queries, utilizing prepared statements for all queries, which significantly mitigates SQL injection risks. Furthermore, output escaping is nearly perfect, with only a negligible percentage of outputs not properly escaped, reducing the likelihood of cross-site scripting (XSS) vulnerabilities. The plugin also has a clean vulnerability history, with no known CVEs, suggesting a commitment to security or simply a lack of past exploitable issues. However, the plugin presents a significant concern regarding its attack surface. Out of five identified entry points, four are unprotected AJAX handlers, meaning they lack authentication and authorization checks. This exposes a substantial portion of the plugin's functionality to unauthenticated users, creating a high risk of unauthorized actions or privilege escalation if these handlers are not inherently benign. While taint analysis shows no critical or high-severity flows, the unprotected AJAX handlers are a critical oversight that overshadows the otherwise positive security practices.

Key Concerns

Unprotected AJAX handlers
Large attack surface without auth

Vulnerabilities

None known

Vectoron Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Vectoron Code Analysis

Dangerous Functions

Raw SQL Queries

2 prepared

Unescaped Output

182 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

100% prepared2 total queries

Output Escaping

99% escaped183 total outputs

Data Flows

All sanitized

Data Flow Analysis

2 flows

vectoron_settings_page_html (includes\settings-page.php:141)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

4 unprotected

Vectoron Attack Surface

Entry Points5

Unprotected4

AJAX Handlers 4

authwp_ajax_vectoron_apiincludes\ajax-proxy.php:164

noprivwp_ajax_vectoron_apiincludes\ajax-proxy.php:165

authwp_ajax_vectoron_statusincludes\ajax-proxy.php:180

noprivwp_ajax_vectoron_statusincludes\ajax-proxy.php:181

Shortcodes 1

[vectoron_article] includes\shortcodes.php:332

WordPress Hooks 36

filterapplication_password_is_api_requestincludes\ajax-proxy.php:64

actionadmin_menuincludes\settings-page.php:30

actionadmin_initincludes\settings-page.php:107

actionadmin_enqueue_scriptsincludes\settings-page.php:136

filterthe_contentincludes\shortcodes.php:72

filterthe_contentincludes\shortcodes.php:88

actionwp_enqueue_scriptsincludes\shortcodes.php:323

actionsave_postintegrations\acf.php:260

actionsave_postintegrations\acf.php:262

filtervectoron_status_responseintegrations\acf.php:524

filteracf/format_value/type=wysiwygintegrations\acf.php:538

actionadmin_initintegrations\acf.php:568

actionsave_postintegrations\beaver-builder.php:252

actionsave_postintegrations\beaver-builder.php:255

filtervectoron_status_responseintegrations\beaver-builder.php:271

actionsave_postintegrations\divi.php:318

actionsave_postintegrations\divi.php:321

filtervectoron_status_responseintegrations\divi.php:338

actionsave_postintegrations\elementor.php:321

actionsave_postintegrations\elementor.php:324

actionsave_postintegrations\elementor.php:347

filtervectoron_status_responseintegrations\elementor.php:369

filtervectoron_status_responseintegrations\rankmath.php:69

actionsave_postintegrations\schema-sync.php:104

filterthe_contentintegrations\schema-sync.php:182

actionwp_headintegrations\schema-sync.php:233

filtervectoron_status_responseintegrations\schema-sync.php:252

filtervectoron_status_responseintegrations\seopress.php:70

actionsave_postintegrations\wp-bakery.php:318

actionsave_postintegrations\wp-bakery.php:321

filtervectoron_status_responseintegrations\wp-bakery.php:338

filtervectoron_status_responseintegrations\yoast.php:70

actionrest_api_initvectoron-api.php:15

filterdetermine_current_uservectoron-api.php:16

actionrest_after_insert_postvectoron-api.php:20

actionplugins_loadedvectoron-api.php:1297

Maintenance & Trust

Vectoron Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedMar 12, 2026

PHP min version7.4

Downloads402

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

Vectoron Alternatives

GTM Kit – Google Tag Manager & GA4 integration

gtm-kit

Google Tag Manager and GA4 integration. Including WooCommerce data for Google Analytics 4 and support for server side GTM.

30K 1 CVE

HT Easy GA4 – Google Analytics WordPress Plugin

ht-easy-google-analytics

HT Easy GA4 - Google Analytics WordPress Plugin enables tracking user behavior and viewing Google Analytics dashboard reports from your website.

5K 3 CVEs

Goal Tracker – Custom Event Tracking for GA4

goal-tracker-ga

Goal Tracker - Custom Events Tracking for Google Analytics 4

2K No CVEs

Analytics Tracker

analytics-tracker

100

Analytics Tracker makes it super easy to add Google Analytics tracking code on your site

1K 1 CVE

Datalayer for WooCommerce FREE

datalayer-for-ecommerce-free

100

The Data Layer is an object that makes available in real time the information that is executed by users while browsing the WooCommerce Store.

700 No CVEs

Developer Profile

Vectoron Developer Profile

Vectoron

1 plugin · 0 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Vectoron

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/vectoron/assets/css/admin-style.css/wp-content/plugins/vectoron/assets/css/frontend-style.css/wp-content/plugins/vectoron/assets/js/frontend-script.js/wp-content/plugins/vectoron/assets/js/admin-script.js

Script Paths

/wp-content/plugins/vectoron/vectoron-api.php/wp-content/plugins/vectoron/includes/ajax-proxy.php

Version Parameters

vectoron/assets/css/admin-style.css?ver=vectoron/assets/css/frontend-style.css?ver=vectoron/assets/js/frontend-script.js?ver=vectoron/assets/js/admin-script.js?ver=

HTML / DOM Fingerprints

CSS Classes

vectoron-settings-pagevectoron-admin-navvectoron-admin-wrap

HTML Comments

Data Attributes

data-vectoron-iddata-vectoron-type

JS Globals

vectoron_ajax_object

REST Endpoints

/wp-json/vectoron/v1/get-content/wp-json/vectoron/v1/save-content/wp-json/vectoron/v1/get-schema/wp-json/vectoron/v1/update-schema

Shortcode Output

[vectoron_article]

FAQ