WP Personalizer – Personalize your content to your visitor Security & Risk Analysis
wordpress.org/plugins/wp-personalizerShow personalized content to your visitors and turn them into engaged fans. You can personalize things like browser, country, IP and more.
Is WP Personalizer – Personalize your content to your visitor Safe to Use in 2026?
Generally Safe
Score 100/100WP Personalizer – Personalize your content to your visitor has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The "wp-personalizer" v1.0.0 plugin presents a mixed security posture. While it boasts a clean vulnerability history with no recorded CVEs and a significant percentage of properly escaped outputs, there are concerning areas related to its attack surface. Specifically, a notable number of AJAX handlers lack proper authentication checks, creating potential entry points for unauthorized actions. The presence of direct SQL queries, with 50% not utilizing prepared statements, also introduces a risk of SQL injection vulnerabilities, although the taint analysis did not reveal any immediate exploitable flows in this specific scan. The lack of file operations and external HTTP requests is a positive sign, reducing certain attack vectors.
Key Concerns
- Unprotected AJAX handlers
- SQL queries without prepared statements
- Limited capability checks
- Limited nonce checks
WP Personalizer – Personalize your content to your visitor Security Vulnerabilities
WP Personalizer – Personalize your content to your visitor Code Analysis
SQL Query Safety
Output Escaping
Data Flow Analysis
WP Personalizer – Personalize your content to your visitor Attack Surface
AJAX Handlers 7
Shortcodes 10
WordPress Hooks 8
Maintenance & Trust
WP Personalizer – Personalize your content to your visitor Maintenance & Trust
Maintenance Signals
Community Trust
WP Personalizer – Personalize your content to your visitor Alternatives
Hide Broken Shortcodes
hide-broken-shortcodes
Prevent broken shortcodes from appearing in posts and pages.
Website Content in Page or Post – Embed website content in posts and pages
show-website-content-in-wordpress-page-or-post
Fetches the content of another webpage or URL to display inside the current post or page.
BNS Inline Asides
bns-inline-asides
This plugin will allow you to style sections of the post, or page, content with added emphasis by leveraging a style element from the active theme.
Dynamic Text
dynamic-text
Dynamic Text is a localization plugin that allows you to have dynamic text and content on your Wordpress pages and posts. To use this plugin, set an …
Timed content show or hide
timed-content-show-or-hide
This plugin show or hide the content after a specified time.
WP Personalizer – Personalize your content to your visitor Developer Profile
7 plugins · 60 total installs
How We Detect WP Personalizer – Personalize your content to your visitor
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/wp-personalizer/asset/css/wppersona.css/wp-content/plugins/wp-personalizer/asset/css/bootstrap/css/bootstrap.min.css/wp-content/plugins/wp-personalizer/asset/css/bootstrap/js/popper.min.js/wp-content/plugins/wp-personalizer/asset/css/bootstrap/js/bootstrap.min.jsHTML / DOM Fingerprints
lead_finder_fb_headinglead_finder_fblimitlead_finder_fbpersonalizer_ppuridata-toggledata-targetwppwesonalizer_licenseAjaxRunWPPersonalizer_register_meta_boxesWPPersonalizer_my_display_callbackWPPersonalizer_register_meta_boxes1WPPersonalizer_my_display_callback1[wppersonalizer_[wppersonalizer_page][wppersonalizer_post]