API WordPress Plugins with Most Issues
26 indexed plugins
Plugins
26
Active Installs
587k+
Average Score
70
Audited
26
Most Issues
| Rank | Plugin | Score | Errors | Warnings | Installs | Added | Updated | Top Issue |
|---|---|---|---|---|---|---|---|---|
| #1 | Simple JWT Login – Allows you to use JWT on REST endpoints. | 38 | 712 | 95 | 4k+ | Output is not escaped | ||
| #2 | WordPress REST API (Version 2) | 82 | 476 | 13 | 10k+ | Missing Arg Domain | ||
| #3 | Envato Toolkit | 33 | 219 | 69 | 6k+ | Output is not escaped | ||
| #4 | Mailgun for WordPress | 31 | 144 | 78 | 80k+ | Unsafe printing function | ||
| #5 | Custom API for WP | 59 | 173 | 16 | 1k+ | wp function not compatible with requires wp | ||
| #6 | WP REST API – OAuth 1.0a Server | 38 | 100 | 85 | 8k+ | Text Domain Mismatch | ||
| #7 | REST API Log | 51 | 44 | 95 | 5k+ | Non-prefixed hook name | ||
| #8 | WP REST Cache | 64 | 11 | 113 | 10k+ | Direct Query | ||
| #9 | WPGraphQL Smart Cache | 70 | 88 | 9 | 7k+ | Text Domain Mismatch | ||
| #10 | Air WP Sync – Airtable to WordPress | 35 | 38 | 42 | 1k+ | Non-prefixed hook name | ||
| #11 | WP Sync for Notion – Notion to WordPress | 94 | 14 | 47 | 1k+ | Non-prefixed hook name | ||
| #12 | WP REST API Meta Endpoints | 88 | 50 | 3 | 1k+ | Missing Arg Domain | ||
| #13 | WPGet API – Connect to any external REST API | 89 | 15 | 19 | 10k+ | Missing direct file access protection | ||
| #14 | WP REST API Controller | 64 | 8 | 22 | 8k+ | Nonce verification recommended | ||
| #15 | Disable REST API | 65 | 12 | 15 | 90k+ | Output is not escaped | ||
| #16 | WPGraphQL for ACF | 35 | 8 | 18 | 10k+ | Hidden files included | ||
| #17 | Log HTTP Requests | 35 | 7 | 18 | 2k+ | Interpolated SQL is not prepared | ||
| #18 | Taxonomy Metadata | 89 | 4 | 9 | 4k+ | Direct Query | ||
| #19 | WP Consent API | 86 | 2 | 10 | 200k+ | Input is not sanitized | ||
| #20 | Make Connector | 94 | 1 | 9 | 80k+ | Non-prefixed constant | ||
| #21 | WP REST Yoast Meta | 97 | 2 | 8 | 1k+ | trademarked term | ||
| #22 | WP-REST-API V2 Menus | 96 | 5 | 4 | 3k+ | trademarked term | ||
| #23 | Disable WP REST API | 93 | 7 | 30k+ | Missing nonce verification | |||
| #24 | Health Endpoint | 92 | 3 | 2 | 3k+ | Missing Arg Domain | ||
| #25 | Maps from Yandex for Elementor | 99 | 1 | 2 | 7k+ | missing composer json file | ||
| #26 | Get Use APIs – JSON Content Importer | 99 | 1 | 1 | 5k+ | upgrade notice limit |
