Does WPRaiz Content API Tool have any unpatched vulnerabilities?

No. All known vulnerabilities in WPRaiz Content API Tool have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is WPRaiz Content API Tool compatible with WordPress 7.0?

According to WordPress.org data, WPRaiz Content API Tool 2.0.0 has been tested up to WordPress 7.0. Check the plugin's changelog for the latest compatibility information.

Is WPRaiz Content API Tool compatible with PHP 7.4+?

WPRaiz Content API Tool requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is WPRaiz Content API Tool updated?

WPRaiz Content API Tool was last updated on Mar 14, 2026. Frequent updates are generally a positive security signal.

What is WPRaiz Content API Tool's security score?

WPRaiz Content API Tool has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

WPRaiz Content API Tool Security & Risk Analysis

wordpress.org/plugins/wpraiz-content-api-tool

REST API + MCP Server for WordPress. Create, update, and manage posts programmatically. AI content generation with your own API keys (BYOK).

60 active installs v2.0.0 PHP 7.4+ WP 5.0+ Updated Mar 14, 2026

ai-contentclaudecontent-automationmcprest-api

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is WPRaiz Content API Tool Safe to Use in 2026?

Generally Safe

Score 100/100

WPRaiz Content API Tool has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 20d ago

Risk Assessment

The wpraiz-content-api-tool plugin version 2.0.0 exhibits a mixed security posture. On the positive side, it demonstrates strong adherence to output escaping best practices, with 99% of outputs properly handled. Furthermore, the absence of known CVEs and dangerous functions suggests a generally well-maintained codebase. However, several significant concerns emerge from the static analysis. The plugin exposes a considerable attack surface with 7 unprotected entry points across AJAX handlers and REST API routes. Crucially, all SQL queries are performed without the use of prepared statements, presenting a high risk of SQL injection vulnerabilities. The taint analysis reveals two flows with unsanitized paths, which, while not classified as critical or high severity in this analysis, warrant careful investigation due to their potential to be exploited. The lack of historical vulnerabilities, while seemingly positive, could also indicate a lack of rigorous security auditing or a history of not being a target, rather than a testament to inherent security. Overall, the plugin has strengths in output handling but weaknesses in input validation for SQL queries and the overall protection of its exposed endpoints.

Key Concerns

All SQL queries lack prepared statements
2 flows with unsanitized paths found
7 unprotected entry points (AJAX/REST)

Vulnerabilities

None known

WPRaiz Content API Tool Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

WPRaiz Content API Tool Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

82 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

0% prepared4 total queries

Output Escaping

99% escaped83 total outputs

Data Flows

2 unsanitized

Data Flow Analysis

4 flows2 with unsanitized paths

ajax_save_settings (includes\admin\class-admin-page.php:278)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

7 unprotected

WPRaiz Content API Tool Attack Surface

Entry Points19

Unprotected7

AJAX Handlers 3

authwp_ajax_wpraiz_save_settingsincludes\admin\class-admin-page.php:14

authwp_ajax_wpraiz_activate_licenseincludes\admin\class-license.php:27

authwp_ajax_wpraiz_deactivate_licenseincludes\admin\class-license.php:28

REST API Routes 16

POST/wp-json/wpraiz/v2/generate-contentincludes\ai\class-ai-manager.php:17

POST/wp-json/wpraiz/v2/rewrite-postincludes\ai\class-ai-manager.php:24

POST/wp-json/wpraiz/v2/auth/tokenincludes\class-auth.php:19

POST/wp-json/wpraiz/v2/create-postincludes\class-content-manager.php:17

POST/wp-json/wpraiz/v2/create-postsincludes\class-content-manager.php:25

POST/wp-json/wpraiz/v2/update-postincludes\class-content-manager.php:32

GET/wp-json/wpraiz/v2/check-statusincludes\class-content-manager.php:39

POST/wp-json/api-post-creator/v1/create-postincludes\class-content-manager.php:46

GET/wp-json/api-post-creator/v1/check-statusincludes\class-content-manager.php:51

POST/wp-json/wpraiz/v2/quick-seo/(?P<post_id>\d+)includes\class-gutenberg-sidebar.php:29

GET/wp-json/wpraiz/v2/search-similarincludes\class-search-engine.php:17

GET/wp-json/wpraiz/v2/categoriesincludes\class-search-engine.php:41

GET/wp-json/api-post-creator/v1/search-similar-postsincludes\class-search-engine.php:48

GET/wp-json/api-post-creator/v1/get-categoriesincludes\class-search-engine.php:53

POST/wp-json/wpraiz-mcp/v1/mcpincludes\mcp\class-mcp-server.php:23

GET/wp-json/wpraiz-mcp/v1/sseincludes\mcp\class-mcp-server.php:30

WordPress Hooks 16

actionadmin_menuincludes\admin\class-admin-page.php:12

actionadmin_enqueue_scriptsincludes\admin\class-admin-page.php:13

actionwpraiz_revalidate_licenseincludes\admin\class-license.php:31

actionrest_api_initincludes\ai\class-ai-manager.php:12

filtercontent_save_preincludes\ai\class-ai-manager.php:278

actionrest_api_initincludes\class-auth.php:15

actionrest_api_initincludes\class-content-manager.php:12

filtercontent_save_preincludes\class-content-manager.php:147

filtercontent_save_preincludes\class-content-manager.php:310

actionenqueue_block_editor_assetsincludes\class-gutenberg-sidebar.php:20

actionrest_api_initincludes\class-gutenberg-sidebar.php:21

actionrest_api_initincludes\class-search-engine.php:12

actionwpraiz_fire_webhookincludes\class-webhooks.php:13

actioncli_initincludes\mcp\class-mcp-cli.php:126

actionrest_api_initincludes\mcp\class-mcp-server.php:18

actionplugins_loadedwpraiz-content.php:86

Scheduled Events 3

wpraiz_revalidate_license

wpraiz_fire_webhook

Maintenance & Trust

WPRaiz Content API Tool Maintenance & Trust

Maintenance Signals

WordPress version tested7.0

Last updatedMar 14, 2026

PHP min version7.4

Downloads1K

Community Trust

Rating100/100

Number of ratings3

Active installs60

Alternatives

WPRaiz Content API Tool Alternatives

AI Workflow Automation

ai-workflow-automation-lite

100

Transform your WordPress site with AI-powered automation for content, customer support, data analysis, research, and business processes.

100 No CVEs

Royal MCP

royal-mcp

100

WordPress MCP plugin that connects AI platforms like Claude, ChatGPT, and Gemini to your site using Model Context Protocol for secure content access.

90 No CVEs

AI Content Writer & Auto Post Generator for WordPress by RapidTextAI

ai-text-block

100

Generate AI-powered articles using GPT-4, GPT-5, Claude, DeepSeek & Grok with automatic images for WordPress.

70 No CVEs

JournalAi

journalai

JournalAi provides a custom REST API for WordPress, enabling advanced functionality for blog automation and AI integration.

10 No CVEs

Lovarank

lovarank

100

Lovarank automatically researches keywords, generates SEO-optimized articles, and publishes them to your WordPress site as posts or drafts.

10 No CVEs

Developer Profile

WPRaiz Content API Tool Developer Profile

José Ícaro - WPRaiz

1 plugin · 60 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect WPRaiz Content API Tool

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/wpraiz-content-api-tool/assets/css/admin.css/wp-content/plugins/wpraiz-content-api-tool/assets/js/admin.js

Script Paths

/wp-content/plugins/wpraiz-content-api-tool/assets/js/admin.js

Version Parameters

wpraiz-content-api-tool/assets/css/admin.css?ver=wpraiz-content-api-tool/assets/js/admin.js?ver=

HTML / DOM Fingerprints

CSS Classes

wpraiz-wrapwpraiz-headerwpraiz-versionwpraiz-pro-badgewpraiz-tabswpraiz-tabwpraiz-panelwpraiz-tier-pro+1 more

Data Attributes

data-tab

JS Globals

wpraizAdmin

REST Endpoints

/wpraiz/v2//wpraiz/v2/create-post/wpraiz/v2/update-post/wpraiz/v2/create-posts/wpraiz/v2/generate-content/wpraiz/v2/rewrite-post/wpraiz/v2/search-similar?title=/wpraiz/v2/categories/wpraiz/v2/check-status/wpraiz/v2/auth/token/wpraiz-mcp/v1/mcp

FAQ