Does Wise Analytics have any unpatched vulnerabilities?

No. All known vulnerabilities in Wise Analytics have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Wise Analytics compatible with WordPress 6.9.4?

According to WordPress.org data, Wise Analytics 1.1.20 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is Wise Analytics compatible with PHP 7.4.0+?

Wise Analytics requires PHP 7.4.0 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Wise Analytics updated?

Wise Analytics was last updated on Jan 25, 2026. Frequent updates are generally a positive security signal.

What is Wise Analytics's security score?

Wise Analytics has a WP-Safety security score of 99/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Wise Analytics Security & Risk Analysis

wordpress.org/plugins/wise-analytics

Your stats are private thing. No need to store them outside your server or give it for free! Wise Analytics is an advanced web traffic tracking and an …

40 active installs v1.1.20 PHP 7.4.0+ WP 6.2.0+ Updated Jan 25, 2026

analyticsstatisticsstatstrackingtraffic

A · Safe

CVEs total1

Unpatched0

Last CVEJan 23, 2026

Plugin page Download

Safety Verdict

Is Wise Analytics Safe to Use in 2026?

Generally Safe

Score 99/100

Wise Analytics has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVELast CVE: Jan 23, 2026Updated 2mo ago

Risk Assessment

The wise-analytics plugin v1.1.20 exhibits a generally strong security posture based on the provided static analysis. The absence of unprotected entry points, a very high percentage of prepared SQL statements, and near-perfect output escaping suggest good development practices regarding common vulnerabilities. The presence of nonce and capability checks, though limited in number, is also a positive sign.

However, the vulnerability history raises a concern. While there are no currently unpatched CVEs, the plugin has a known medium severity vulnerability from 2026-01-23, specifically a "Missing Authorization" type. This indicates a potential for past weaknesses in access control, and while it's patched, it suggests that authorization logic should be a focal point for future audits. The lack of taint analysis results means that more complex vulnerabilities involving data flow could potentially be missed by this static analysis alone.

In conclusion, wise-analytics v1.1.20 demonstrates a solid foundation with good secure coding practices in place. The main area of caution stems from its past "Missing Authorization" vulnerability, which warrants continued vigilance and thorough review of authorization mechanisms. The limited attack surface and robust output handling are significant strengths.

Key Concerns

Past medium severity vulnerability (Missing Authorization)

Vulnerabilities

Wise Analytics Security Vulnerabilities

CVEs by Year

1 CVE in 2026

2026

Patched Has unpatched

Severity Breakdown

Medium

1 total CVE

CVE-2025-14609medium · 5.3Missing Authorization

Wise Analytics <= 1.1.9 - Missing Authorization to Unauthenticated Arbitrary Analytics Database Disclosure via 'name' Parameter

Jan 23, 2026 Patched in 1.1.20 (11d)

Code Analysis

Analyzed Mar 16, 2026

Wise Analytics Code Analysis

Dangerous Functions

Raw SQL Queries

27 prepared

Unescaped Output

150 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

93% prepared29 total queries

Output Escaping

99% escaped151 total outputs

Attack Surface

Wise Analytics Attack Surface

Entry Points1

Unprotected0

REST API Routes 1

GET/wp-json/wise-analytics/v1/reportsrc\Endpoints\ReportsEndpoint.php:39

WordPress Hooks 16

actionadmin_menusrc\Admin\Settings.php:42

actionadmin_enqueue_scriptssrc\Admin\Settings.php:43

actionadmin_initsrc\Admin\Settings.php:44

actionwpmu_new_blogsrc\Installer.php:27

actiondelete_blogsrc\Installer.php:28

actionadmin_initsrc\Installer.php:29

actionwpcf7_before_send_mailsrc\Integrations\Plugins\ContactForm7.php:40

actionwp_loginsrc\Integrations\WordPressIntegrations.php:34

actionwp_enqueue_scriptssrc\Tracking\Core.php:17

actionwp_enqueue_scriptswise-analytics-core.php:41

actionadmin_menuwise-analytics-core.php:44

actionrest_api_initwise-analytics-core.php:45

actioninitwise-analytics-core.php:48

actioninitwise-analytics-core.php:49

actionpre_get_postswise-analytics-core.php:50

actionadmin_enqueue_scriptswise-analytics-core.php:54

Maintenance & Trust

Wise Analytics Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedJan 25, 2026

PHP min version7.4.0

Downloads2K

Community Trust

Rating100/100

Number of ratings2

Active installs40

Alternatives

Wise Analytics Alternatives

Connect Matomo – Analytics Dashboard for WordPress

wp-piwik

Adds Matomo (former Piwik) statistics to your WordPress dashboard and is also able to add the Matomo Tracking Code to your blog.

60K 5 CVEs

Visitor Traffic Real Time Statistics

visitors-traffic-real-time-statistics

This plugin will help you to track your visitors, browsers, operating systems, visits and much more in one dashboard page.

40K 8 CVEs

User Activity Tracking and Log

user-activity-tracking-and-log

Track time and monitor user activity & history on your website, LMS online learning system, membership or WooCommerce site.

3K 2 CVEs

WP Post Statistics (Visitors & Visits Counter)

wp-post-real-time-statistics

a simple tool to know your post statistics

2K 1 CVE

Trace My IP – Visitor IP Tracker, Stats Analytics & Page Views Counter with Email Alerts

tracemyip-visitor-analytics-ip-tracking-control

100

Comprehensive visitor IP tracking and website analytics solution with real-time statistics, page view counting, and customizable email alerts.

1K No CVEs

Developer Profile

Wise Analytics Developer Profile

Marcin

2 plugins · 6K total installs

trust score

Avg Security Score

96/100

Avg Patch Time

565 days

View full developer profile

Detection Fingerprints

How We Detect Wise Analytics

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/wise-analytics/assets/css/settings/wise-analytics-settings.css/wp-content/plugins/wise-analytics/assets/js/settings/wise-analytics-settings.js

Script Paths

/wp-content/plugins/wise-analytics/assets/js/settings/wise-analytics-settings.js

Version Parameters

wise-analytics/assets/css/settings/wise-analytics-settings.css?ver=wise-analytics/assets/js/settings/wise-analytics-settings.js?ver=

HTML / DOM Fingerprints

CSS Classes

wcAdminTabContainerwcAdminMenuwcAdminFlhndlewcAdminCb

Data Attributes

data-section-id

JS Globals

wise_analytics_append_tab

REST Endpoints

/wp-json/wise-analytics

FAQ