Wp-Insert Security & Risk Analysis

wordpress.org/plugins/wp-insert

The Ultimate Adsense / Ad-Management Plugin for Wordpress

10K active installs v2.5.1 PHP + WP + Updated Feb 8, 2023
adsense, google-ads, google-adsense, google-analytics, privacy-policy
83
B · Generally Safe
CVEs total: 2
Unpatched: 0
Last CVE: Feb 15, 2023
Safety Verdict

Is Wp-Insert Safe to Use in 2026?

Mostly Safe

Score 83/100

Wp-Insert is generally safe to use, though it hasn't been updated recently. Its 2 past CVEs were resolved. Keep it updated.

2 known CVEs · Last CVE: Feb 15, 2023 · Updated 3yr ago
Risk Assessment

The 'wp-insert' plugin v2.5.1 presents a mixed security posture. While it demonstrates strengths in using prepared statements for all SQL queries and has a significant number of nonce checks, it also exhibits notable weaknesses. The presence of 15 AJAX handlers without authentication checks significantly expands the attack surface, presenting a direct route for unauthorized actions. Furthermore, the taint analysis reveals 4 flows with unsanitized paths, indicating potential for various injection vulnerabilities if not properly handled downstream. The plugin's vulnerability history is a significant concern, with 2 known CVEs, including a past critical vulnerability, and a history of Cross-site Scripting and Unrestricted File Uploads. Although there are currently no unpatched CVEs, this history suggests a recurring pattern of input validation and sanitization issues.

Key Concerns

  • 15 AJAX handlers without auth checks
  • 4 flows with unsanitized paths
  • 11% of output properly escaped
  • 1 critical CVE in history
  • 1 medium CVE in history
  • Vulnerability types: XSS, Unrestricted Upload
Vulnerabilities
2

Wp-Insert Security Vulnerabilities

CVEs by Year

1 CVE in 2018
1 CVE in 2023

Severity Breakdown

Critical: 1
Medium: 1

2 total CVEs

CVE-2023-25461 · medium · 4.4 · Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Wp-Insert <= 2.5.0 Authenticated (Admin+) Stored Cross Site Scripting

Feb 15, 2023 Patched in 2.5.1 (342d)
CVE-2018-17573 · critical · 9.8 · Unrestricted Upload of File with Dangerous Type

Wp-Insert <= 2.4.2 - Arbitrary File Upload

Sep 27, 2018 Patched in 2.4.3 (1944d)
Code Analysis
Analyzed Mar 16, 2026

Wp-Insert Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (0 prepared)
Unescaped Output: 135 (17 escaped)
Nonce Checks: 45
Capability Checks: 1
File Operations: 11
External Requests: 15
Bundled Libraries: 0

Output Escaping

11% escaped · 152 total outputs
Data Flows
4 unsanitized

Data Flow Analysis

15 flows · 4 with unsanitized paths
wp_insert_google_adunit_get_stats (includes\modules\general\google\functions.php:128)
Attack Surface
15 unprotected

Wp-Insert Attack Surface

Entry Points: 60
Unprotected: 15

AJAX Handlers 56

auth wp_ajax_wp_insert_abtesting_configuration_form_get_content includes\modules\core\abtesting\module.php:21
auth wp_ajax_wp_insert_abtesting_configuration_form_save_action includes\modules\core\abtesting\module.php:44
auth wp_ajax_wp_insert_adstxt_adsense_admin_notice_dismiss includes\modules\core\adstxt\adsense.php:52
auth wp_ajax_wp_insert_adstxt_adsense_auto_update includes\modules\core\adstxt\adsense.php:61
auth wp_ajax_wp_insert_adstxt_generate_form_get_content includes\modules\core\adstxt\module.php:33
auth wp_ajax_wp_insert_adstxt_generate_form_save_action includes\modules\core\adstxt\module.php:68
auth wp_ajax_wp_insert_admin_notice_dismiss includes\modules\core\controlpanel\module.php:96
auth wp_ajax_wp_insert_gutenberg_get_ad_data includes\modules\core\gutenberg\module.php:17
auth wp_ajax_wp_insert_google_login_form_get_content includes\modules\general\google\functions.php:3
auth wp_ajax_wp_insert_google_login_generate_auth_url includes\modules\general\google\functions.php:86
auth wp_ajax_wp_insert_google_login_form_save_action includes\modules\general\google\functions.php:99
auth wp_ajax_wp_insert_google_logout_action includes\modules\general\google\functions.php:116
auth wp_ajax_wp_insert_google_adunit_get_stats includes\modules\general\google\functions.php:127
auth wp_ajax_wp_insert_google_get_ad_units includes\modules\general\google\module.php:79
auth wp_ajax_wp_insert_google_get_chart includes\modules\general\google\module.php:112
auth wp_ajax_wp_insert_inpostads_get_ad_form includes\modules\general\inpost\module.php:21
auth wp_ajax_wp_insert_inpostads_save_ad_data includes\modules\general\inpost\module.php:25
auth wp_ajax_wp_insert_inpostads_delete_ad_data includes\modules\general\inpost\module.php:26
auth wp_ajax_wp_insert_inthemeads_get_ad_form includes\modules\general\intheme\module.php:13
auth wp_ajax_wp_insert_inthemeads_save_ad_data includes\modules\general\intheme\module.php:14
auth wp_ajax_wp_insert_inthemeads_delete_ad_data includes\modules\general\intheme\module.php:15
auth wp_ajax_wp_insert_legalpages_privacy_policy_form_get_content includes\modules\general\legalpages\functions.php:3
auth wp_ajax_wp_insert_legalpages_privacy_policy_form_save_action includes\modules\general\legalpages\functions.php:49
auth wp_ajax_wp_insert_legalpages_privacy_policy_form_generate_page_action includes\modules\general\legalpages\functions.php:60
auth wp_ajax_wp_insert_legalpages_terms_conditions_form_get_content includes\modules\general\legalpages\functions.php:84
auth wp_ajax_wp_insert_legalpages_terms_conditions_form_save_action includes\modules\general\legalpages\functions.php:130
auth wp_ajax_wp_insert_legalpages_terms_conditions_form_generate_page_action includes\modules\general\legalpages\functions.php:141
auth wp_ajax_wp_insert_legalpages_disclaimer_form_get_content includes\modules\general\legalpages\functions.php:165
auth wp_ajax_wp_insert_legalpages_disclaimer_form_save_action includes\modules\general\legalpages\functions.php:211
auth wp_ajax_wp_insert_legalpages_disclaimer_form_generate_page_action includes\modules\general\legalpages\functions.php:222
auth wp_ajax_wp_insert_legalpages_copyright_form_get_content includes\modules\general\legalpages\functions.php:246
auth wp_ajax_wp_insert_legalpages_copyright_form_save_action includes\modules\general\legalpages\functions.php:292
auth wp_ajax_wp_insert_legalpages_copyright_form_generate_page_action includes\modules\general\legalpages\functions.php:303
auth wp_ajax_wp_insert_pagelevelads_get_ad_form includes\modules\general\pagelevel\module.php:13
auth wp_ajax_wp_insert_pagelevelads_save_ad_data includes\modules\general\pagelevel\module.php:14
auth wp_ajax_wp_insert_pagelevelads_delete_ad_data includes\modules\general\pagelevel\module.php:15
auth wp_ajax_wp_insert_shortcodeads_get_ad_form includes\modules\general\shortcode\module.php:13
auth wp_ajax_wp_insert_shortcodeads_save_ad_data includes\modules\general\shortcode\module.php:14
auth wp_ajax_wp_insert_shortcodeads_delete_ad_data includes\modules\general\shortcode\module.php:15
auth wp_ajax_wp_insert_trackingcodes_google_analytics_form_get_content includes\modules\general\trackingcodes\functions.php:3
auth wp_ajax_wp_insert_trackingcodes_google_analytics_form_save_action includes\modules\general\trackingcodes\functions.php:20
auth wp_ajax_wp_insert_trackingcodes_header_form_get_content includes\modules\general\trackingcodes\functions.php:49
auth wp_ajax_wp_insert_trackingcodes_header_form_save_action includes\modules\general\trackingcodes\functions.php:66
auth wp_ajax_wp_insert_trackingcodes_footer_form_get_content includes\modules\general\trackingcodes\functions.php:91
auth wp_ajax_wp_insert_trackingcodes_footer_form_save_action includes\modules\general\trackingcodes\functions.php:108
auth wp_ajax_wp_insert_vi_signup_form_get_content includes\modules\general\videointelligence\functions.php:3
auth wp_ajax_wp_insert_vi_login_form_get_content includes\modules\general\videointelligence\functions.php:25
auth wp_ajax_wp_insert_vi_login_form_save_action includes\modules\general\videointelligence\functions.php:41
auth wp_ajax_wp_insert_vi_update_adstxt includes\modules\general\videointelligence\functions.php:74
auth wp_ajax_wp_insert_vi_logout_action includes\modules\general\videointelligence\functions.php:128
auth wp_ajax_wp_insert_vi_customize_adcode_form_get_content includes\modules\general\videointelligence\functions.php:139
auth wp_ajax_wp_insert_vi_customize_adcode_form_save_action includes\modules\general\videointelligence\functions.php:197
auth wp_ajax_wp_insert_vi_get_chart includes\modules\general\videointelligence\module.php:78
auth wp_ajax_wp_insert_adwidgets_get_ad_form includes\modules\general\widgets\module.php:13
auth wp_ajax_wp_insert_adwidgets_save_ad_data includes\modules\general\widgets\module.php:14
auth wp_ajax_wp_insert_adwidgets_delete_ad_data includes\modules\general\widgets\module.php:15

Shortcodes 4

[wpinsertinpostad] includes\modules\general\inpost\module.php:259
[sitename] includes\modules\general\legalpages\functions.php:378
[wpshortcodead] includes\modules\general\shortcode\module.php:36
[wpinsertshortcodead] includes\modules\general\shortcode\module.php:37
WordPress Hooks 75
action wp_insert_plugin_card includes\modules\core\abtesting\module.php:3
action init includes\modules\core\adstxt\adsense.php:3
action admin_notices includes\modules\core\adstxt\adsense.php:16
action wp_insert_modules_js includes\modules\core\adstxt\module.php:5
action wp_insert_plugin_card includes\modules\core\adstxt\module.php:13
action admin_menu includes\modules\core\controlpanel\module.php:2
action plugin_action_links_wp-insert/wp-insert.php includes\modules\core\controlpanel\module.php:3
action admin_enqueue_scripts includes\modules\core\controlpanel\module.php:16
action wp_insert_plugin_card includes\modules\core\controlpanel\module.php:58
action init includes\modules\core\gutenberg\module.php:2
action admin_footer-post-new.php includes\modules\core\gutenberg\module.php:10
action admin_footer-post.php includes\modules\core\gutenberg\module.php:11
action init includes\modules\core\misc\module.php:3
action the_content includes\modules\core\units\adunit.php:158
action wp includes\modules\core\units\adunit.php:173
action init includes\modules\core\units\geo-targeting.php:290
action wp_insert_modules_js includes\modules\core\units\module.php:15
action wp_insert_modules_css includes\modules\general\google\module.php:6
action wp_insert_modules_js includes\modules\general\google\module.php:12
action wp_insert_plugin_card includes\modules\general\google\module.php:20
action wp_insert_modules_js includes\modules\general\inpost\module.php:3
action wp_insert_plugin_card includes\modules\general\inpost\module.php:11
filter wp_insert_inpostads_form_accordion_tabs includes\modules\general\inpost\module.php:28
filter wp_insert_inpostads_form_accordion_tabs includes\modules\general\inpost\module.php:92
filter wp_insert_inpostads_form_accordion_tabs includes\modules\general\inpost\module.php:93
filter wp_insert_inpostads_form_accordion_tabs includes\modules\general\inpost\module.php:94
filter wp_insert_inpostads_form_accordion_tabs includes\modules\general\inpost\module.php:95
filter wp_insert_inpostads_form_accordion_tabs includes\modules\general\inpost\module.php:96
filter wp_insert_inpostads_form_accordion_tabs includes\modules\general\inpost\module.php:97
filter wp_insert_inpostads_form_accordion_tabs includes\modules\general\inpost\module.php:98
filter the_content includes\modules\general\inpost\module.php:125
action wp_insert_plugin_card includes\modules\general\intheme\module.php:3
filter wp_insert_inthemeads_form_accordion_tabs includes\modules\general\intheme\module.php:17
filter wp_insert_inthemeads_form_accordion_tabs includes\modules\general\intheme\module.php:28
filter wp_insert_inthemeads_form_accordion_tabs includes\modules\general\intheme\module.php:29
filter wp_insert_inthemeads_form_accordion_tabs includes\modules\general\intheme\module.php:30
filter wp_insert_inthemeads_form_accordion_tabs includes\modules\general\intheme\module.php:31
filter wp_insert_inthemeads_form_accordion_tabs includes\modules\general\intheme\module.php:32
action wp_insert_upgrade_database includes\modules\general\legalpages\functions.php:327
filter the_content includes\modules\general\legalpages\functions.php:355
action wp_insert_modules_js includes\modules\general\legalpages\module.php:5
action wp_insert_plugin_card includes\modules\general\legalpages\module.php:13
action wp_insert_plugin_card includes\modules\general\pagelevel\module.php:3
filter wp_insert_pagelevelads_form_accordion_tabs includes\modules\general\pagelevel\module.php:17
filter wp_insert_pagelevelads_form_accordion_tabs includes\modules\general\pagelevel\module.php:18
filter wp_insert_pagelevelads_form_accordion_tabs includes\modules\general\pagelevel\module.php:19
filter wp_insert_pagelevelads_form_accordion_tabs includes\modules\general\pagelevel\module.php:20
action wp_head includes\modules\general\pagelevel\module.php:24
action wp_insert_plugin_card includes\modules\general\shortcode\module.php:3
filter wp_insert_shortcodeads_form_accordion_tabs includes\modules\general\shortcode\module.php:17
filter wp_insert_shortcodeads_form_accordion_tabs includes\modules\general\shortcode\module.php:28
filter wp_insert_shortcodeads_form_accordion_tabs includes\modules\general\shortcode\module.php:29
filter wp_insert_shortcodeads_form_accordion_tabs includes\modules\general\shortcode\module.php:30
filter wp_insert_shortcodeads_form_accordion_tabs includes\modules\general\shortcode\module.php:31
filter wp_insert_shortcodeads_form_accordion_tabs includes\modules\general\shortcode\module.php:32
action wp_footer includes\modules\general\trackingcodes\functions.php:31
action wp_head includes\modules\general\trackingcodes\functions.php:81
action wp_footer includes\modules\general\trackingcodes\functions.php:123
action wp_insert_modules_js includes\modules\general\trackingcodes\module.php:5
action wp_insert_plugin_card includes\modules\general\trackingcodes\module.php:13
action init includes\modules\general\videointelligence\gdpr.php:3
action wp_enqueue_scripts includes\modules\general\videointelligence\gdpr.php:7
action wp_enqueue_scripts includes\modules\general\videointelligence\gdpr.php:8
action wp_footer includes\modules\general\videointelligence\gdpr.php:9
action init includes\modules\general\videointelligence\gdpr.php:89
filter user_can_richedit includes\modules\general\videointelligence\gdpr.php:139
action wp_insert_modules_css includes\modules\general\videointelligence\module.php:8
action wp_insert_modules_js includes\modules\general\videointelligence\module.php:14
action wp_insert_plugin_card includes\modules\general\widgets\module.php:3
filter wp_insert_adwidgets_form_accordion_tabs includes\modules\general\widgets\module.php:17
filter wp_insert_adwidgets_form_accordion_tabs includes\modules\general\widgets\module.php:18
filter wp_insert_adwidgets_form_accordion_tabs includes\modules\general\widgets\module.php:19
filter wp_insert_adwidgets_form_accordion_tabs includes\modules\general\widgets\module.php:20
filter wp_insert_adwidgets_form_accordion_tabs includes\modules\general\widgets\module.php:21
action widgets_init includes\modules\general\widgets\module.php:25
Maintenance & Trust

Wp-Insert Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.1.10
Last updated: Feb 8, 2023
PHP min version
Downloads: 762K

Community Trust

Rating: 90/100
Number of ratings: 143
Active installs: 10K
Developer Profile

Wp-Insert Developer Profile

Namith Jawahar

5 plugins · 30K total installs

Trust score: 69
Avg Security Score: 85/100
Avg Patch Time: 982 days
Detection Fingerprints

How We Detect Wp-Insert

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/wp-insert/includes/modules/core/adstxt/js/module.js
Script Paths
/wp-content/plugins/wp-insert/includes/modules/core/adstxt/js/module.js
Version Parameters
wp-insert/includes/modules/core/adstxt/js/module.js?ver=

HTML / DOM Fingerprints

CSS Classes
adstxt-card
Data Attributes
id="wp_insert_adstxt_generate"
id="wp_insert_adstxt_accordion"
id="wp_insert_adstxt_content"
name="wp_insert_adstxt_content"
id="wp_insert_adstxt_new_entry_domain"
name="wp_insert_adstxt_new_entry_domain"
+8 more
JS Globals
window.wp_insert_adstxt_add_entry
REST Endpoints
/wp-ajax.php?action=wp_insert_adstxt_generate_form_get_content
/wp-ajax.php?action=wp_insert_adstxt_generate_form_save_action
FAQ

Frequently Asked Questions about Wp-Insert