Does Worddown have any unpatched vulnerabilities?

No. All known vulnerabilities in Worddown have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Worddown compatible with WordPress 6.9.4?

According to WordPress.org data, Worddown 1.1.3 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is Worddown compatible with PHP 8.1+?

Worddown requires PHP 8.1 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Worddown updated?

Worddown was last updated on Feb 11, 2026. Frequent updates are generally a positive security signal.

What is Worddown's security score?

Worddown has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Worddown Security & Risk Analysis

wordpress.org/plugins/worddown

Export WordPress pages and posts to markdown files for AI chatbots with support for custom page builders and multilingual content.

20 active installs v1.1.3 PHP 8.1+ WP 5.0+ Updated Feb 11, 2026

aichatbotcontentexportmarkdown

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Worddown Safe to Use in 2026?

Generally Safe

Score 100/100

Worddown has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago

Risk Assessment

The plugin 'worddown' v1.1.3 exhibits a strong security posture based on the provided static analysis. The absence of direct vulnerabilities in SQL queries, the consistent 100% output escaping, and the robust use of capability checks across all identified REST API routes are commendable practices. The plugin also avoids common pitfalls like bundled libraries and external HTTP requests, further reducing its attack surface. The vulnerability history being completely clear of any recorded CVEs is a significant positive indicator of past security diligence.

While the static analysis reveals a clean slate regarding dangerous functions and taint flows, and no unpatched vulnerabilities are known, the data does present some areas for consideration. The lack of nonce checks across the identified entry points (though they are protected by capability checks for REST API) could be a potential, albeit minor, concern in specific scenarios if the capability checks were to be bypassed or misconfigured. The presence of file operations, while not inherently risky, warrants attention to ensure these operations are performed securely and do not introduce vulnerabilities. Overall, 'worddown' v1.1.3 appears to be a well-secured plugin with minimal immediate risks, but continued vigilance and review of file operation implementations are advisable.

Key Concerns

No nonce checks on entry points
Presence of file operations

Vulnerabilities

None known

Worddown Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Worddown Code Analysis

Dangerous Functions

Raw SQL Queries

2 prepared

Unescaped Output

32 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

67% prepared3 total queries

Output Escaping

100% escaped32 total outputs

Attack Surface

Worddown Attack Surface

Entry Points12

Unprotected0

REST API Routes 12

GET/wp-json/worddown/v1/dashboardapp\Admin\Dashboard.php:70

GET/wp-json/worddown/v1/settings-schemaapp\Admin\Settings.php:291

GET/wp-json/worddown/v1/settingsapp\Admin\Settings.php:299

POST/wp-json/worddown/v1/settingsapp\Admin\Settings.php:307

GET/wp-json/worddown/v1/post-typesapp\Admin\Settings.php:315

GET/wp-json/worddown/v1/adaptersapp\Admin\Settings.php:333

GET/wp-json/worddown/v1/filesapp\Export\Api.php:49

GET/wp-json/worddown/v1/files/(?P<id>\d+)app\Export\Api.php:56

POST/wp-json/worddown/v1/exportapp\Export\Api.php:71

POST/wp-json/worddown/v1/local-exportapp\Export\Api.php:78

GET/wp-json/worddown/v1/export-statusapp\Export\Api.php:87

POST/wp-json/worddown/v1/cancel-exportapp\Export\Api.php:96

WordPress Hooks 19

actionworddown_before_exportapp\Adapters\Modularity.php:15

actionworddown_after_exportapp\Adapters\Modularity.php:16

filterthe_contentapp\Adapters\Modularity.php:50

actionadmin_menuapp\Admin\Dashboard.php:26

actionrest_api_initapp\Admin\Dashboard.php:69

actionin_admin_headerapp\Admin\Header.php:14

actioninitapp\Admin\Settings.php:26

actionadmin_menuapp\Admin\Settings.php:27

actionadmin_initapp\Admin\Settings.php:28

filtercron_schedulesapp\Admin\Settings.php:29

actionrest_api_initapp\Admin\Settings.php:33

actionplugins_loadedapp\Application\App.php:57

actionadmin_menuapp\Application\App.php:58

actionadmin_body_classapp\Application\App.php:59

actionadmin_enqueue_scriptsapp\Assets\Assets.php:14

actionadmin_enqueue_scriptsapp\Assets\Assets.php:15

actionrest_api_initapp\Export\Api.php:33

actionworddown_export_cronapp\Export\Export.php:76

actionworddown_process_export_chunkapp\Export\Export.php:77

Scheduled Events 3

worddown_export_cron

worddown_process_export_chunk

Maintenance & Trust

Worddown Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedFeb 11, 2026

PHP min version8.1

Downloads714

Community Trust

Rating0/100

Number of ratings0

Active installs20

Alternatives

Worddown Alternatives

LLM Markdown – Expose Content as .md

llm-markdown

100

Expose WordPress posts and pages as real .md URLs with YAML front matter for LLMs, AI ingestion, and headless workflows.

10 No CVEs

AI Bud – AI Content Generator, AI Chatbot, ChatGPT, Gemini, GPT-4o

aibuddy-openai-chatgpt

100

AI Bud an AI Content & Image Generation, AI ChatBot, ChatGPT, OpenAI, Perplexity, Gemini, GPT-4o, LLAMA, Mistral

3K No CVEs

MxChat – AI Chatbot & Content Generation for WordPress

mxchat-basic

The best free AI chatbot and content generation plugin for WordPress. Train ChatGPT, Claude, Gemini, or Grok on your website content.

1K 2 CVEs

AI Product Tools – Bulk Product Content Generator & AI Toolkit for WooCommerce

ai-product-tools

100

All-in-One AI Suite for WooCommerce: Bulk generate descriptions, titles, tags, FAQs, SEO Meta & AI Chatbot via OpenAI, Gemini, Claude & OpenRouter

400 No CVEs

StoreAgent – WooCommerce AI Chatbot & AI Content Tools

storeagent-ai-for-woocommerce

100

WooCommerce AI Chatbot for stores with built-in AI content tools. Generate product descriptions, answer customer questions & more with AI.

200 No CVEs

Developer Profile

Worddown Developer Profile

Adam Alexandersson

2 plugins · 40 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Worddown

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/worddown/dist/resources/assets/js/admin.tsx

Script Paths

/wp-content/plugins/worddown/dist/

Version Parameters

config('app.version')

HTML / DOM Fingerprints

JS Globals

worddown_variables

REST Endpoints

/worddown/v1/dashboard

FAQ