微信群发助手(WeChat Helper) Security & Risk Analysis
wordpress.org/plugins/weixin-helper使用微信公众号、微博粉丝服务的[高级群发接口]实现WordPress自动群发给用户
Is 微信群发助手(WeChat Helper) Safe to Use in 2026?
Generally Safe
Score 85/100微信群发助手(WeChat Helper) has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The weixin-helper v1.0.1 plugin presents a concerning security posture despite a clean vulnerability history and an absence of identified taint flows. The static analysis reveals a significant weakness in output escaping, with 0% of 38 outputs being properly escaped. This is a critical oversight, as unescaped output can lead to cross-site scripting (XSS) vulnerabilities, allowing attackers to inject malicious scripts into web pages viewed by other users. Furthermore, the complete lack of nonce checks and capability checks on any potential entry points, while the attack surface is reported as zero, is still a point of vigilance. If any functionality were to be inadvertently exposed, these checks would be absent, leaving it vulnerable to unauthorized actions.
Key Concerns
- All outputs are unescaped
- No nonce checks found
- No capability checks found
微信群发助手(WeChat Helper) Security Vulnerabilities
微信群发助手(WeChat Helper) Code Analysis
Output Escaping
微信群发助手(WeChat Helper) Attack Surface
WordPress Hooks 2
Maintenance & Trust
微信群发助手(WeChat Helper) Maintenance & Trust
Maintenance Signals
Community Trust
微信群发助手(WeChat Helper) Alternatives
Payment gateway for WooCommerce – Woo WeChatPay
woo-wechatpay
WeChat Pay payment gateway for WooCommerce.
![[Aotuman] Grab WeChat Articles](https://ps.w.org/apoyl-grabweixin/assets/icon-128x128.png){kind=icon}
[Aotuman] Grab WeChat Articles
apoyl-grabweixin
Enter the WeChat Official Account article link in the editor, click "Grab WeChat Articles," and the content will be automatically captured i …
![[凹凸曼]一键微信登录](https://ps.w.org/apoyl-weixin/assets/icon-128x128.png){kind=icon}
[凹凸曼]一键微信登录
apoyl-weixin
这是一款实现微信互联一键登录网站,让用户不在繁琐去注册用户,一键实现微信登录,可以让电脑版网站扫描登录和手机微信登录,多个公众号,甚至以后需要移动APP应用微信登录,统一用户账号的需求,极大的方便用户登录网站.
zhanzhangb-share
zhanzhangb-share
插件功能:支持微信分享:带缩略图与摘要、朋友圈分享带缩略图与摘要(均支持未认证公众号);QQ分享:带缩略图;QQ空间分享:带缩略图与摘要;微博分享:带缩略图与摘要;LinkedIn分享:带缩略图与摘要;邮件分享:调起系统默认邮箱客户端
微信二维码登陆
qrcode-login-for-weixin
请注意:
微信群发助手(WeChat Helper) Developer Profile
6 plugins · 150 total installs
How We Detect 微信群发助手(WeChat Helper)
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/weixin-helper/images/icon_weixin.png/wp-content/plugins/weixin-helper/images/weixin-logo.pngweixin-helper/style.css?ver=weixin-helper/js/admin.js?ver=HTML / DOM Fingerprints
wptao-containerwptao-gridwptao-mainwptao-sidebarwptao-boxwptao-box.yellowinput-panel<!-- end of inside --><!-- end of postbox --><!-- end of group -->upid="helper_image"name="helper[post_types][]"name="helper[item]"name="helper[nopic]"name="helper[image]"name="helper[top]"+9 moreweixin_url