WP-Safety

WP 404 Auto Redirect to Similar Post Security & Risk Analysis

wordpress.org/plugins/wp-404-auto-redirect-to-similar-post

Automatically Redirect any 404 page to a Similar Post based on the Title Post Type & Taxonomy using 301 or 302 Redirects!

30K active installs v1.0.6 PHP 5.6+ WP 4.0+ Updated Nov 21, 2025
301404redirectseosimilar
95
A · Safe
CVEs total4
Unpatched0
Last CVEFeb 17, 2026
Download
Safety Verdict

Is WP 404 Auto Redirect to Similar Post Safe to Use in 2026?

Generally Safe

Score 95/100

WP 404 Auto Redirect to Similar Post has a strong security track record. Known vulnerabilities have been patched promptly. It's a solid choice for most WordPress installations.

4 known CVEsLast CVE: Feb 17, 2026Updated 5mo ago
Risk Assessment

The plugin exhibits a mixed security posture. While it demonstrates good practices in its use of prepared statements for SQL queries and includes nonce and capability checks, there are significant concerns regarding its attack surface and output escaping. The presence of an unprotected AJAX handler is a critical vulnerability, providing an easily exploitable entry point for attackers. Furthermore, the low percentage of properly escaped output suggests a high likelihood of cross-site scripting (XSS) vulnerabilities, allowing attackers to inject malicious scripts into the site. The plugin's vulnerability history, with four known CVEs including a high-severity XSS vulnerability, reinforces these concerns. The pattern of past vulnerabilities, predominantly XSS, indicates a recurring weakness in how user input is handled. Despite the secure SQL handling, the unprotected AJAX handler and widespread output escaping issues, coupled with past vulnerabilities, indicate a significant risk.

Key Concerns

  • Unprotected AJAX handler
  • Low output escaping percentage
  • Unsanitized path in taint flow
  • One high severity vulnerability history
  • Three medium severity vulnerabilities history
Vulnerabilities
4 published

WP 404 Auto Redirect to Similar Post Security Vulnerabilities

CVEs by Year

1 CVE in 2023
2023
2 CVEs in 2024
2024
1 CVE in 2026
2026
Patched Has unpatched

Severity Breakdown

Medium
4

4 total CVEs

CVE-2025-12037medium · 4.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

WP 404 Auto Redirect <= 1.0.5 - Authenticated (Admin+) Stored Cross-Site Scripting

Feb 17, 2026 Patched in 1.0.6 (1d)
CVE-2024-32559medium · 6.1Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

WP 404 Auto Redirect to Similar Post <= 1.0.4 - Reflected Cross-Site Scripting via Debug Mode URI

Apr 16, 2024 Patched in 1.0.5 (105d)
CVE-2024-0509medium · 6.1Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

WP 404 Auto Redirect to Similar Post <= 1.0.3 - Reflected Cross-Site Scripting via request

Feb 5, 2024 Patched in 1.0.4 (176d)
CVE-2023-40206medium · 5.5Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

WP 404 Auto Redirect to Similar Post <= 1.0.3 - Authenticated (Administrator+) Stored Cross-Site Scripting

Aug 11, 2023 Patched in 1.0.4 (959d)
Version History

WP 404 Auto Redirect to Similar Post Release Timeline

v1.0.6Current
v1.0.51 CVE
CVE-2025-12037
v1.0.42 CVEs
CVE-2024-32559 CVE-2025-12037
v1.0.34 CVEs
CVE-2024-32559 CVE-2023-40206 CVE-2024-0509 +1 more
v1.0.24 CVEs
CVE-2024-32559 CVE-2023-40206 CVE-2024-0509 +1 more
v1.0.14 CVEs
CVE-2024-32559 CVE-2023-40206 CVE-2024-0509 +1 more
v1.04 CVEs
CVE-2024-32559 CVE-2023-40206 CVE-2024-0509 +1 more
v0.9.0.24 CVEs
CVE-2024-32559 CVE-2023-40206 CVE-2024-0509 +1 more
v0.9.0.14 CVEs
CVE-2024-32559 CVE-2023-40206 CVE-2024-0509 +1 more
v0.94 CVEs
CVE-2024-32559 CVE-2023-40206 CVE-2024-0509 +1 more
v0.7.74 CVEs
CVE-2024-32559 CVE-2023-40206 CVE-2024-0509 +1 more
v0.7.64 CVEs
CVE-2024-32559 CVE-2023-40206 CVE-2024-0509 +1 more
v0.7.24 CVEs
CVE-2024-32559 CVE-2023-40206 CVE-2024-0509 +1 more
v0.7.14 CVEs
CVE-2024-32559 CVE-2023-40206 CVE-2024-0509 +1 more
v0.74 CVEs
CVE-2024-32559 CVE-2023-40206 CVE-2024-0509 +1 more
v0.4.0.24 CVEs
CVE-2024-32559 CVE-2023-40206 CVE-2024-0509 +1 more
v0.44 CVEs
CVE-2024-32559 CVE-2023-40206 CVE-2024-0509 +1 more
v0.3.24 CVEs
CVE-2024-32559 CVE-2023-40206 CVE-2024-0509 +1 more
v0.34 CVEs
CVE-2024-32559 CVE-2023-40206 CVE-2024-0509 +1 more
Code Analysis
Analyzed Mar 16, 2026

WP 404 Auto Redirect to Similar Post Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
1 prepared
Unescaped Output
35
4 escaped
Nonce Checks
1
Capability Checks
3
File Operations
0
External Requests
0
Bundled Libraries
0

SQL Query Safety

100% prepared1 total queries

Output Escaping

10% escaped39 total outputs
Data Flows · Security
1 unsanitized

Data Flow Analysis

1 flows1 with unsanitized paths
<index> (index.php:0)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
1 unprotected

WP 404 Auto Redirect to Similar Post Attack Surface

Entry Points1
Unprotected1

AJAX Handlers 1

authwp_ajax_wp404arsp_ajax_previewwp-404-auto-redirect-similar-post.php:97
WordPress Hooks 13
actionwp404arsp/search/initclass\class-engines.php:19
filterwp404arsp/search/engine/default_fix_urlclass\class-engines.php:22
filterwp404arsp/search/engine/default_directclass\class-engines.php:23
filterwp404arsp/search/engine/default_postclass\class-engines.php:24
filterwp404arsp/search/engine/default_termclass\class-engines.php:25
filterwp404arsp/search/engine/default_post_fallbackclass\class-engines.php:26
actionwp404arsp/search/initclass\class-groups.php:19
actionadmin_menuwp-404-auto-redirect-similar-post.php:88
filterplugin_action_linkswp-404-auto-redirect-similar-post.php:89
actionadmin_initwp-404-auto-redirect-similar-post.php:90
actionadmin_enqueue_scriptswp-404-auto-redirect-similar-post.php:91
actiontemplate_redirectwp-404-auto-redirect-similar-post.php:94
actionwp404arsp/after_redirectwp-404-auto-redirect-similar-post.php:100
Maintenance & Trust

WP 404 Auto Redirect to Similar Post Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5
Last updatedNov 21, 2025
PHP min version5.6
Downloads397K

Community Trust

Rating98/100
Number of ratings113
Active installs30K
Alternatives

WP 404 Auto Redirect to Similar Post Alternatives

SEO Redirection Plugin – 301 Redirect Manager

SEO Redirection Plugin – 301 Redirect Manager

seo-redirection

A
96

SEO Redirection is a powerful redirect manager to manage 301 redirects without requiring knowledge of Apache .htaccess files.

10K 9 CVEs
404 ReDirector

404 ReDirector

404-redirector

A
92

Simple, SEO friendly, permanent (301) and automatic redirect of 404 errors.

80 No CVEs
CeeWP Redirect 404 to Home

CeeWP Redirect 404 to Home

ceewp-redirect-404-to-home

A
100

Automatically redirects 404 (not found) pages to your homepage with a 301 permanent redirect.

80 No CVEs
SEO404

SEO404

seo404

A
85

SEO404 redirects to the Blog front page with a 301. No more 404 errors on Google/Bing/etc.

70 No CVEs
Post Redirection – 301, 404 Redirects

Post Redirection – 301, 404 Redirects

advance-wp-redirect

A
100

Post Redirection – 301, 404 Redirects lets you quickly redirect pages, posts, custom types, and URLs to new locations for seamless navigation.

40 No CVEs
Developer Profile

WP 404 Auto Redirect to Similar Post Developer Profile

Konrad Chmielewski

5 plugins · 130K total installs

70
trust score
Avg Security Score
87/100
Avg Patch Time
236 days
View full developer profile
Detection Fingerprints

How We Detect WP 404 Auto Redirect to Similar Post

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/wp-404-auto-redirect-to-similar-post/css/admin.css/wp-content/plugins/wp-404-auto-redirect-to-similar-post/css/style.css/wp-content/plugins/wp-404-auto-redirect-to-similar-post/js/admin.js
Version Parameters
wp-404-auto-redirect-to-similar-post/css/admin.css?ver=wp-404-auto-redirect-to-similar-post/css/style.css?ver=wp-404-auto-redirect-to-similar-post/js/admin.js?ver=

HTML / DOM Fingerprints

CSS Classes
wp404arsp-admin-wrapperwp404arsp-debug-wrapperwp404arsp-settings-wrapper
HTML Comments
<!-- WP 404 Auto Redirect to Similar Post by hwk-fr -->
Data Attributes
data-wp404arsp-ajax-nonce
JS Globals
wp404arsp_settings
FAQ

Frequently Asked Questions about WP 404 Auto Redirect to Similar Post