WP-Safety

Zyflora Analytics Security & Risk Analysis

wordpress.org/plugins/zyflora-analytics

Track AI search traffic (ChatGPT, Claude, Perplexity) vs traditional search (Google, Bing). Privacy-friendly, all data stays on your server.

0 active installs v1.0.0 PHP 7.0+ WP 5.0+ Updated Feb 22, 2026
ai-searchanalyticschatgptperformancetraffic
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Zyflora Analytics Safe to Use in 2026?

Generally Safe

Score 100/100

Zyflora Analytics has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago
Risk Assessment

The zyflora-analytics v1.0.0 plugin exhibits a generally strong security posture based on the provided static analysis. It effectively utilizes prepared statements for all SQL queries and implements a nonce check and two capability checks, which are positive indicators of secure coding practices. The absence of dangerous functions, file operations, and external HTTP requests further bolsters its security. Furthermore, the plugin has no recorded vulnerability history, suggesting a mature and well-maintained codebase. However, a minor concern arises from the taint analysis, which identified one flow with unsanitized paths. While this did not result in a critical or high severity finding, it warrants attention as it represents a potential vector for unexpected behavior or data manipulation. Additionally, only 72% of output escaping is considered proper, indicating a small but present risk of cross-site scripting (XSS) vulnerabilities if the unescaped outputs are user-controllable.

Key Concerns

  • Flow with unsanitized paths found
  • Output escaping not fully proper
Vulnerabilities
None known

Zyflora Analytics Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

Zyflora Analytics Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
10 prepared
Unescaped Output
18
46 escaped
Nonce Checks
1
Capability Checks
2
File Operations
0
External Requests
0
Bundled Libraries
0

SQL Query Safety

100% prepared10 total queries

Output Escaping

72% escaped64 total outputs
Data Flows
1 unsanitized

Data Flow Analysis

3 flows1 with unsanitized paths
<class-tracker> (includes\class-tracker.php:0)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Zyflora Analytics Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 12
filtermanage_posts_columnsincludes\class-admin-columns.php:21
filtermanage_pages_columnsincludes\class-admin-columns.php:22
actionmanage_posts_custom_columnincludes\class-admin-columns.php:25
actionmanage_pages_custom_columnincludes\class-admin-columns.php:26
filtermanage_edit-post_sortable_columnsincludes\class-admin-columns.php:29
filtermanage_edit-page_sortable_columnsincludes\class-admin-columns.php:30
actionpre_get_postsincludes\class-admin-columns.php:33
actionadd_meta_boxesincludes\class-admin-columns.php:36
actionadmin_enqueue_scriptsincludes\class-dashboard.php:20
actionshutdownincludes\class-tracker.php:84
actionzyflora_cleanup_old_dataincludes\class-tracker.php:87
actionadmin_menuzyflora-analytics.php:50

Scheduled Events 1

zyflora_cleanup_old_data
Maintenance & Trust

Zyflora Analytics Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedFeb 22, 2026
PHP min version7.0
Downloads112

Community Trust

Rating0/100
Number of ratings0
Active installs0
Alternatives

Zyflora Analytics Alternatives

Profound Agent Analytics

Profound Agent Analytics

profound-agent-analytics

A
100

Profound Agent Analytics sends lightweight HTTP request logs to Profound's analytics platform for advanced bot detection and traffic analysis.

100 No CVEs
AI Agent Analytics by Salespeak

AI Agent Analytics by Salespeak

salespeak-llm-optimizer

A
100

See which AI agents (ChatGPT, Claude, Perplexity) visit your site, what they read, and optimize what they see. Real-time AI traffic analytics + LLM co &hellip;

10 No CVEs
Visitor Traffic Real Time Statistics

Visitor Traffic Real Time Statistics

visitors-traffic-real-time-statistics

A
97

This plugin will help you to track your visitors, browsers, operating systems, visits and much more in one dashboard page.

40K 7 CVEs
Web Worker Offloading

Web Worker Offloading

web-worker-offloading

A
100

Offloads select JavaScript execution to a Web Worker to reduce work on the main thread and improve the Interaction to Next Paint (INP) metric.

20K No CVEs
WP Post Statistics (Visitors & Visits Counter)

WP Post Statistics (Visitors & Visits Counter)

wp-post-real-time-statistics

A
91

a simple tool to know your post statistics

2K 1 CVE
Developer Profile

Zyflora Analytics Developer Profile

Bjjoha

5 plugins · 10 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Zyflora Analytics

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/zyflora-analytics/assets/css/admin.css
Version Parameters
zyflora-analytics/assets/css/admin.css?ver=

HTML / DOM Fingerprints

FAQ

Frequently Asked Questions about Zyflora Analytics