Does Content Pilot – Autoblogging & Affiliate Marketing Suite have any unpatched vulnerabilities?

No. All known vulnerabilities in Content Pilot – Autoblogging & Affiliate Marketing Suite have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Content Pilot – Autoblogging & Affiliate Marketing Suite compatible with WordPress 6.9.4?

According to WordPress.org data, Content Pilot – Autoblogging & Affiliate Marketing Suite 2.2.0 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is Content Pilot – Autoblogging & Affiliate Marketing Suite compatible with PHP 8.0+?

Content Pilot – Autoblogging & Affiliate Marketing Suite requires PHP 8.0 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

Content Pilot – Autoblogging & Affiliate Marketing Suite Security & Risk Analysis

wordpress.org/plugins/wp-content-pilot

Automatically post contents, create news feeds, import and display unlimited RSS feeds from various sources in a few clicks!

1K active installs v2.2.0 PHP 8.0+ WP 5.2+ Updated Feb 10, 2026

autoblognews-aggregatorrss-aggregatorrss-importyoutube-feed

A · Safe

CVEs total2

Unpatched0

Last CVENov 8, 2025

Plugin page Download

Safety Verdict

Is Content Pilot – Autoblogging & Affiliate Marketing Suite Safe to Use in 2026?

Generally Safe

Score 98/100

Content Pilot – Autoblogging & Affiliate Marketing Suite has a strong security track record. Known vulnerabilities have been patched promptly.

2 known CVEsLast CVE: Nov 8, 2025Updated 1mo ago

Risk Assessment

The wp-content-pilot plugin, version 2.2.1, exhibits a mixed security posture. On the positive side, it demonstrates good practices with a high percentage of properly escaped outputs and a significant number of SQL queries using prepared statements. The absence of critical or high-severity vulnerabilities in its history, and the fact that all past CVEs are currently patched, are also encouraging signs. However, there are notable concerns that warrant attention.

The static analysis reveals a total of 7 AJAX handlers, with one explicitly lacking authentication checks. This unprotected AJAX handler represents a direct entry point that could be exploited by unauthenticated users, potentially leading to unauthorized actions or information disclosure. While the taint analysis did not uncover critical or high-severity issues, one flow with an unsanitized path indicates a potential for injection vulnerabilities if not handled carefully in downstream components.

The vulnerability history, although currently clear of active issues, has previously included medium-severity vulnerabilities related to Missing Authorization and Injection. This pattern suggests that while the developers have addressed past issues, these types of vulnerabilities have been a recurring concern, implying a need for continued vigilance in these areas. The presence of bundled libraries, like Select2, also introduces a dependency that, if outdated or vulnerable, could introduce risks.

Key Concerns

AJAX handler without authentication checks
Taint flow with unsanitized path
Past medium vulnerabilities (Missing Auth, Injection)
Bundled library (Select2)

Vulnerabilities

Content Pilot – Autoblogging & Affiliate Marketing Suite Security Vulnerabilities

CVEs by Year

1 CVE in 2023

2023

1 CVE in 2025

2025

Patched Has unpatched

Severity Breakdown

Medium

2 total CVEs

CVE-2025-64263medium · 4.3Missing Authorization

Content Pilot <= 2.1.7 - Missing Authorization

Nov 8, 2025 Patched in 2.1.8 (10d)

CVE-2023-45053medium · 4.3Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

WP Content Pilot – Autoblogging & Affiliate Marketing Plugin <= 1.3.3 - Authenticated (Contributor+) Content Injection

Oct 3, 2023 Patched in 1.3.4 (112d)

Code Analysis

Analyzed Mar 16, 2026

Content Pilot – Autoblogging & Affiliate Marketing Suite Code Analysis

Dangerous Functions

Raw SQL Queries

26 prepared

Unescaped Output

388 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Select2

SQL Query Safety

43% prepared61 total queries

Output Escaping

80% escaped485 total outputs

Data Flows

1 unsanitized

Data Flow Analysis

3 flows1 with unsanitized paths

<action-metabox> (includes\admin\views\metabox\action-metabox.php:0)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

1 unprotected

Content Pilot – Autoblogging & Affiliate Marketing Suite Attack Surface

Entry Points7

Unprotected1

AJAX Handlers 7

authwp_ajax_wpcp_delete_all_campaign_postsincludes\action-functions.php:94

authwp_ajax_wpcp_clear_logsincludes\action-functions.php:112

authwp_ajax_wpcp_remove_cached_linkincludes\action-functions.php:141

authwp_ajax_wpcp_pro_get_keyword_suggestionincludes\action-functions.php:195

authwp_ajax_wpcp_run_manual_campaignincludes\action-functions.php:356

authwp_ajax_wpcp_get_campaign_instance_logincludes\action-functions.php:402

authwp_ajax_wpcp_dismiss_noticeincludes\class-wpcp-notices.php:74

WordPress Hooks 65

actionwpcp_per_minute_scheduled_eventsincludes\action-functions.php:55

actionwp_wpcp_automatic_campaign_cronincludes\action-functions.php:56

actionwp_privacy_delete_old_export_filesincludes\action-functions.php:57

actionwpcp_after_post_publishincludes\action-functions.php:237

actionwp_scheduled_deleteincludes\action-functions.php:251

actionadmin_post_wpcp_campaign_reset_searchincludes\action-functions.php:276

actionwp_trash_postincludes\action-functions.php:422

actionadmin_enqueue_scriptsincludes\admin\class-settings-framework.php:38

actionadmin_menuincludes\admin\class-wpcp-admin.php:52

actionadmin_menuincludes\admin\class-wpcp-admin.php:53

actionadmin_initincludes\admin\class-wpcp-admin.php:54

actionadmin_initincludes\admin\class-wpcp-admin.php:55

actionadmin_footer_textincludes\admin\class-wpcp-admin.php:56

actionadmin_menuincludes\admin\class-wpcp-help.php:9

actionadmin_initincludes\admin\class-wpcp-settings.php:19

actionadmin_menuincludes\admin\class-wpcp-settings.php:20

actionadd_meta_boxes_wp_content_pilotincludes\admin\metabox-functions.php:41

actiondo_meta_boxesincludes\admin\metabox-functions.php:59

actionsave_post_wp_content_pilotincludes\admin\metabox-functions.php:218

actionwpcp_campaign_options_meta_fieldsincludes\admin\metabox-functions.php:357

actionwpcp_campaign_options_meta_fieldsincludes\admin\metabox-functions.php:358

actionwpcp_campaign_options_meta_fieldsincludes\admin\metabox-functions.php:359

actionwpcp_campaign_options_meta_fieldsincludes\admin\metabox-functions.php:360

actionwpcp_campaign_options_meta_fieldsincludes\admin\metabox-functions.php:361

actionwpcp_campaign_options_meta_fieldsincludes\admin\metabox-functions.php:362

actionwpcp_campaign_options_meta_fieldsincludes\admin\metabox-functions.php:363

actionwpcp_campaign_options_meta_fieldsincludes\admin\metabox-functions.php:364

actionwpcp_campaign_options_meta_fieldsincludes\admin\metabox-functions.php:365

actionwpcp_campaign_options_meta_fieldsincludes\admin\metabox-functions.php:366

actionwpcp_campaign_options_meta_fieldsincludes\admin\metabox-functions.php:368

actionwpcp_advanced_settings_metaboxincludes\admin\metabox-functions.php:396

actionwpcp_advanced_settings_metaboxincludes\admin\metabox-functions.php:425

filterwpcp_modulesincludes\class-wpcp-module.php:78

filterwpcp_settings_sectionsincludes\class-wpcp-module.php:86

filterwpcp_settings_fieldsincludes\class-wpcp-module.php:87

actioninitincludes\class-wpcp-modules.php:48

actionadmin_enqueue_scriptsincludes\class-wpcp-notices.php:71

actionadmin_noticesincludes\class-wpcp-notices.php:77

actionadmin_initincludes\class-wpcp-notices.php:80

actionshutdownincludes\class-wpcp-notices.php:83

actionadmin_initincludes\class-wpcp-notices.php:358

filterwpcp_skip_duplicate_titleincludes\core-functions.php:550

actionwpcp_article_campaign_options_meta_fieldsincludes\modules\class-wpcp-article.php:48

actionwpcp_article_campaign_options_meta_fieldsincludes\modules\class-wpcp-article.php:49

actionwpcp_envato_campaign_options_meta_fieldsincludes\modules\class-wpcp-envato.php:18

actionwpcp_envato_campaign_options_meta_fieldsincludes\modules\class-wpcp-envato.php:19

actionwp_feed_optionsincludes\modules\class-wpcp-feed.php:19

actionhttp_responseincludes\modules\class-wpcp-feed.php:20

actionwp_feed_optionsincludes\modules\class-wpcp-feed.php:241

actionwpcp_flickr_campaign_options_meta_fieldsincludes\modules\class-wpcp-flickr.php:17

actionwpcp_flickr_campaign_options_meta_fieldsincludes\modules\class-wpcp-flickr.php:18

actionwpcp_youtube_campaign_options_meta_fieldsincludes\modules\class-wpcp-youtube.php:19

actionwpcp_youtube_campaign_options_meta_fieldsincludes\modules\class-wpcp-youtube.php:20

actionadmin_noticesincludes\modules\class-wpcp-youtube.php:25

actioninitincludes\post-types.php:57

filterpost_updated_messagesincludes\post-types.php:93

filterenter_title_hereincludes\post-types.php:112

actionmanage_wp_content_pilot_posts_columnsincludes\post-types.php:133

actionmanage_wp_content_pilot_posts_custom_columnincludes\post-types.php:198

actionadmin_enqueue_scriptsincludes\script-functions.php:47

filterhttp_request_argswp-content-pilot.php:191

actionplugins_loadedwp-content-pilot.php:225

actioninitwp-content-pilot.php:226

filtercron_scheduleswp-content-pilot.php:227

filterplugin_row_metawp-content-pilot.php:229

Scheduled Events 2

wpcp_per_minute_scheduled_events

wpcp_daily_scheduled_events

Maintenance & Trust

Content Pilot – Autoblogging & Affiliate Marketing Suite Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedFeb 10, 2026

PHP min version8.0

Downloads112K

Community Trust

Rating72/100

Number of ratings36

Active installs1K

Alternatives

Content Pilot – Autoblogging & Affiliate Marketing Suite Alternatives

RSS Aggregator – RSS Import, News Feeds, Feed to Post, and Autoblogging

wp-rss-aggregator

The #1 WordPress RSS aggregator to quickly import RSS feeds, build a news aggregator, and for easy autoblogging.

50K 13 CVEs

RSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator

feedzy-rss-feeds

The most powerful WordPress RSS aggregator, helping you curate content, autoblog, import RSS & display unlimited RSS feeds within a few minutes.

40K 11 CVEs

RSS Feed Retriever

wp-rss-retriever

The fastest RSS feeds plugin for WordPress. Includes excerpt & thumbnail image. Use as a news aggregator, autoblog, or RSS parsing.

8K 2 CVEs

WP Autoblog

wp-autoblog

WP Autoblog lets you import content from various sources. Import posts from multiple sources to fill your blog with content! Custom content filter: …

100 No CVEs

Feeds for YouTube (YouTube video, channel, and gallery plugin)

feeds-for-youtube

The Feeds for YouTube plugin allows you to display customizable YouTube feeds from any YouTube channel.

100K 4 CVEs

Developer Profile

Content Pilot – Autoblogging & Affiliate Marketing Suite Developer Profile

PluginEver

12 plugins · 14K total installs

trust score

Avg Security Score

99/100

Avg Patch Time

317 days

View full developer profile

Detection Fingerprints

How We Detect Content Pilot – Autoblogging & Affiliate Marketing Suite

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/wp-content-pilot/assets/css/wpcp-frontend.css/wp-content/plugins/wp-content-pilot/assets/css/wpcp-backend.css/wp-content/plugins/wp-content-pilot/assets/js/wpcp-frontend.js/wp-content/plugins/wp-content-pilot/assets/js/wpcp-backend.js/wp-content/plugins/wp-content-pilot/assets/js/wpcp-modal.js/wp-content/plugins/wp-content-pilot/assets/js/wpcp-shortcode.js/wp-content/plugins/wp-content-pilot/assets/js/wpcp-editor.js/wp-content/plugins/wp-content-pilot/assets/js/wpcp-tinymce-button.js+5 more

Script Paths

/wp-content/plugins/wp-content-pilot/assets/js/wpcp-frontend.js/wp-content/plugins/wp-content-pilot/assets/js/wpcp-backend.js/wp-content/plugins/wp-content-pilot/assets/js/wpcp-modal.js/wp-content/plugins/wp-content-pilot/assets/js/wpcp-shortcode.js/wp-content/plugins/wp-content-pilot/assets/js/wpcp-editor.js/wp-content/plugins/wp-content-pilot/assets/js/wpcp-tinymce-button.js+5 more

Version Parameters

/wp-content/plugins/wp-content-pilot/assets/css/wpcp-frontend.css?ver=/wp-content/plugins/wp-content-pilot/assets/css/wpcp-backend.css?ver=/wp-content/plugins/wp-content-pilot/assets/js/wpcp-frontend.js?ver=/wp-content/plugins/wp-content-pilot/assets/js/wpcp-backend.js?ver=/wp-content/plugins/wp-content-pilot/assets/js/wpcp-modal.js?ver=/wp-content/plugins/wp-content-pilot/assets/js/wpcp-shortcode.js?ver=/wp-content/plugins/wp-content-pilot/assets/js/wpcp-editor.js?ver=/wp-content/plugins/wp-content-pilot/assets/js/wpcp-tinymce-button.js?ver=/wp-content/plugins/wp-content-pilot/assets/js/wpcp-admin.js?ver=/wp-content/plugins/wp-content-pilot/assets/js/wpcp-modules-feed.js?ver=/wp-content/plugins/wp-content-pilot/assets/js/wpcp-modules-youtube.js?ver=/wp-content/plugins/wp-content-pilot/assets/js/wpcp-modules-envato.js?ver=/wp-content/plugins/wp-content-pilot/assets/js/wpcp-modules-flickr.js?ver=

HTML / DOM Fingerprints

CSS Classes

wpcp-content-pilot-wrapperwpcp-modal-contentwpcp-modal-headerwpcp-modal-bodywpcp-modal-footerwpcp-source-listwpcp-source-itemwpcp-log-list+9 more

HTML Comments

+9 more

Data Attributes

data-wpcp-source-iddata-wpcp-module-typedata-wpcp-action

JS Globals

WPCPAjaxUrlWPCPSettingsWPCP_VarswpContentPilotFrontendWPCPScriptsWPCPEditor

REST Endpoints

/wp-json/wpcp/v1/get_sources/wp-json/wpcp/v1/save_source/wp-json/wpcp/v1/delete_source/wp-json/wpcp/v1/get_logs/wp-json/wpcp/v1/get_items/wp-json/wpcp/v1/save_item/wp-json/wpcp/v1/delete_item/wp-json/wpcp/v1/run_module/wp-json/wpcp/v1/get_module_data

Shortcode Output

[content_pilot_feed][content_pilot_youtube][content_pilot_envato][content_pilot_flickr]

FAQ