WP-Safety

Parse.ly Security & Risk Analysis

wordpress.org/plugins/wp-parsely

The Parse.ly plugin facilitates real-time and historical analytics to your content through a platform designed and built for digital publishing.

1K active installs v3.23.1 PHP 7.4+ WP 6.0+ Updated Apr 14, 2026
analyticscontent-marketingparselystatisticsstats
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Parse.ly Safe to Use in 2026?

Generally Safe

Score 100/100

Parse.ly has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago
Risk Assessment

The wp-parsely plugin version 3.22.0 exhibits a strong security posture based on the provided static analysis and vulnerability history. The code demonstrates excellent security practices, with all identified SQL queries utilizing prepared statements, a high percentage of outputs properly escaped, and robust implementation of nonce and capability checks. The complete absence of critical or high-severity taint flows further reinforces its secure design. Furthermore, the plugin's clean vulnerability history, with no recorded CVEs, indicates a consistent commitment to security by its developers.

While the attack surface is minimal with only one AJAX handler, it's noteworthy that this handler is not explicitly mentioned as being unprotected. However, given the overall positive indicators, the risk associated with this single entry point is likely low, especially if it implements necessary server-side validation and authorization checks. The plugin also performs external HTTP requests and file operations, which are common for such integrations, but without specific details on how these are handled, it's difficult to assess potential risks. Overall, wp-parsely v3.22.0 appears to be a well-secured plugin with a strong track record, making it a relatively safe choice for WordPress users.

Vulnerabilities
None known

Parse.ly Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Parse.ly Release Timeline

v3.23.1Current
v3.23.0
v3.22.1
v3.22.0
v3.21.2
v3.21.1
v3.21.0
v3.20.8
v3.20.7
v3.20.6
v3.20.5
v3.20.4
v3.20.3
v3.20.2
v3.20.1
v3.20.0
v3.19.3
v3.19.2
v3.19.1
v3.19.0
Code Analysis
Analyzed Mar 16, 2026

Parse.ly Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
5 prepared
Unescaped Output
15
272 escaped
Nonce Checks
2
Capability Checks
8
File Operations
2
External Requests
2
Bundled Libraries
0

SQL Query Safety

100% prepared5 total queries

Output Escaping

95% escaped287 total outputs
Attack Surface

Parse.ly Attack Surface

Entry Points1
Unprotected0

AJAX Handlers 1

authwp_ajax_parsely_post_previewsrc\UI\class-dashboard-page.php:54
WordPress Hooks 65
actionwp_enqueue_scriptssrc\class-headline-testing.php:56
filterscript_loader_tagsrc\class-headline-testing.php:128
actionsave_postsrc\class-parsely.php:311
filterhttp_request_host_is_externalsrc\class-parsely.php:1195
actioninitsrc\class-scripts.php:46
actionwp_enqueue_scriptssrc\class-scripts.php:47
filterscript_loader_tagsrc\class-scripts.php:116
actionwp_dashboard_setupsrc\content-helper\dashboard-widget\class-dashboard-widget.php:78
actionadmin_enqueue_scriptssrc\content-helper\dashboard-widget\class-dashboard-widget.php:79
filterwp_parsely_current_user_can_use_pch_featuresrc\content-helper\editor-sidebar\excerpt-suggestions\class-excerpt-suggestions.php:58
actiondelete_postsrc\content-helper\editor-sidebar\smart-linking\class-smart-linking.php:56
actionadmin_enqueue_scriptssrc\content-helper\editor-sidebar\smart-linking\class-smart-linking.php:57
actioncurrent_screensrc\content-helper\post-list-stats\class-post-list-stats.php:131
actionadmin_enqueue_scriptssrc\content-helper\post-list-stats\class-post-list-stats.php:132
filtermanage_posts_columnssrc\content-helper\post-list-stats\class-post-list-stats.php:133
actionmanage_posts_custom_columnsrc\content-helper\post-list-stats\class-post-list-stats.php:134
filtermanage_pages_columnssrc\content-helper\post-list-stats\class-post-list-stats.php:135
actionmanage_pages_custom_columnsrc\content-helper\post-list-stats\class-post-list-stats.php:136
actionadmin_footersrc\content-helper\post-list-stats\class-post-list-stats.php:137
actiongraphql_register_typessrc\Endpoints\class-graphql-metadata.php:41
actiontemplate_redirectsrc\Integrations\class-amp.php:55
filteramp_post_template_analyticssrc\Integrations\class-amp.php:95
filteramp_analytics_entriessrc\Integrations\class-amp.php:96
actionweb_stories_print_analyticssrc\Integrations\class-google-web-stories.php:27
actionwp_headsrc\Metadata\class-metadata-renderer.php:55
actionrest_api_initsrc\rest-api\class-base-endpoint.php:88
actionadmin_enqueue_scriptssrc\Telemetry\class-telemetry-system.php:103
filterwp_parsely_enable_telemetry_backendsrc\Telemetry\telemetry-init.php:18
actioninitsrc\Telemetry\telemetry-init.php:21
actionadmin_initsrc\Telemetry\telemetry-init.php:71
actionadmin_footersrc\Telemetry\Tracks\class-tracks-pixel.php:48
actionshutdownsrc\Telemetry\Tracks\class-tracks-pixel.php:51
actionadmin_bar_menusrc\UI\class-admin-bar.php:58
actionadmin_noticessrc\UI\class-admin-warning.php:43
actionadmin_menusrc\UI\class-dashboard-page.php:51
actionadmin_enqueue_scriptssrc\UI\class-dashboard-page.php:52
filterparent_filesrc\UI\class-dashboard-page.php:53
filterthe_contentsrc\UI\class-dashboard-page.php:55
actionadmin_headsrc\UI\class-dashboard-page.php:212
filtermanage_sites_action_linkssrc\UI\class-network-admin-sites-list.php:46
filterwpmu_blogs_columnssrc\UI\class-network-admin-sites-list.php:47
actionmanage_sites_custom_columnsrc\UI\class-network-admin-sites-list.php:48
filterwidget_titlesrc\UI\class-recommended-widget.php:128
filterpost_row_actionssrc\UI\class-row-actions.php:55
filterpage_row_actionssrc\UI\class-row-actions.php:56
filterpost_row_actionssrc\UI\class-row-actions.php:57
filterpage_row_actionssrc\UI\class-row-actions.php:58
actionadmin_menusrc\UI\class-settings-page.php:155
actionadmin_initsrc\UI\class-settings-page.php:156
actionadmin_enqueue_scriptssrc\UI\class-settings-page.php:157
filtermedia_library_months_with_filessrc\UI\class-settings-page.php:170
filtersite_status_testssrc\UI\class-site-health.php:56
filterdebug_informationsrc\UI\class-site-health.php:57
actionplugins_loadedwp-parsely.php:80
actionadmin_initwp-parsely.php:107
actionadmin_initwp-parsely.php:122
actioninitwp-parsely.php:170
actionrest_api_initwp-parsely.php:194
actioninitwp-parsely.php:208
actionenqueue_block_editor_assetswp-parsely.php:217
actionadmin_initwp-parsely.php:228
actionrest_api_initwp-parsely.php:229
actionwidgets_initwp-parsely.php:250
actioninitwp-parsely.php:260
actionadmin_initwp-parsely.php:286
Maintenance & Trust

Parse.ly Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedApr 14, 2026
PHP min version7.4
Downloads93K

Community Trust

Rating100/100
Number of ratings1
Active installs1K
Alternatives

Parse.ly Alternatives

Burst Statistics – Privacy-Friendly WordPress Analytics (Google Analytics Alternative)

Burst Statistics – Privacy-Friendly WordPress Analytics (Google Analytics Alternative)

burst-statistics

A
89

Analytics you'll actually use. Privacy-friendly, zero config, and designed to be actionable. Get insights, not just raw data.

200K 4 CVEs
Statify

Statify

statify

A
100

Visitor statistics for WordPress with focus on data protection, transparency and clarity. Perfect as a widget in your WordPress Dashboard.

100K No CVEs
Koko Analytics – Privacy Friendly Statistics for WordPress

Koko Analytics – Privacy Friendly Statistics for WordPress

koko-analytics

A
96

Koko Analytics is a privacy-friendly statistics plugin for WordPress that is an easy to use alternative to Google Analytics.

60K 2 CVEs
Connect Matomo – Analytics Dashboard for WordPress

Connect Matomo – Analytics Dashboard for WordPress

wp-piwik

A
97

Adds Matomo (former Piwik) statistics to your WordPress dashboard and is also able to add the Matomo Tracking Code to your blog.

60K 5 CVEs
Visitor Traffic Real Time Statistics

Visitor Traffic Real Time Statistics

visitors-traffic-real-time-statistics

A
90

This plugin will help you to track your visitors, browsers, operating systems, visits and much more in one dashboard page.

30K 8 CVEs
Developer Profile

Parse.ly Developer Profile

Parse.ly

1 plugin · 1K total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Parse.ly

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/wp-parsely/css/admin.css/wp-content/plugins/wp-parsely/css/public.css/wp-content/plugins/wp-parsely/js/admin.js/wp-content/plugins/wp-parsely/js/parsely.min.js/wp-content/plugins/wp-parsely/js/recommendations.js
Script Paths
/wp-content/plugins/wp-parsely/js/admin.js/wp-content/plugins/wp-parsely/js/parsely.min.js/wp-content/plugins/wp-parsely/js/recommendations.js
Version Parameters
wp-parsely/css/admin.css?ver=wp-parsely/css/public.css?ver=wp-parsely/js/admin.js?ver=wp-parsely/js/parsely.min.js?ver=wp-parsely/js/recommendations.js?ver=

HTML / DOM Fingerprints

CSS Classes
parsely-recommendationsparsely-post-list-stats
HTML Comments
<!-- Parsely Configuration --><!-- Parsely Post List Stats --><!-- Parsely Recommended Posts -->
Data Attributes
data-parsely-iddata-parsely-site-iddata-parsely-post-id
JS Globals
parsely
REST Endpoints
/wp-json/wp-parsely/v1/metadata
FAQ

Frequently Asked Questions about Parse.ly