Benchmarks
Plugin footprint Passed 16 tests
Installer Passed 1 test
🔺 Critical test (weight: 50) | The install procedure must perform silently
Install script ran successfully
Server metrics [RAM: ▲0.92MB] [CPU: ▼140.78ms] Passed 4 tests
Server-side resources used by Plugin Security Checker
This plugin has minimal impact on server resources
| Page | Memory (MB) | CPU Time (ms) |
|---|---|---|
| Home / | 2.89 ▲0.17 | 30.90 ▲12.52 |
| Dashboard /wp-admin | 4.39 ▲1.33 | 46.63 ▲9.30 |
| Posts /wp-admin/edit.php | 4.44 ▲1.34 | 39.99 ▼7.02 |
| Add New Post /wp-admin/post-new.php | 6.30 ▲0.86 | 90.86 ▼562.77 |
| Media Library /wp-admin/upload.php | 4.39 ▲1.39 | 31.42 ▼2.64 |
| Plugin Checker /wp-admin/options-general.php?page=baw-wordpress-plugin-security-checker | 4.37 | 31.17 |
Server storage [IO: ▲0.29MB] [DB: ▲0.00MB] Passed 3 tests
Input-output and database impact of this plugin
This plugin installed successfully
Filesystem: 8 new files
Database: no new tables, no new options
Browser metrics Passed 4 tests
Checking browser requirements for Plugin Security Checker
There were no issues detected in relation to browser resource usage
| Page | Nodes | Memory (MB) | Script (ms) | Layout (ms) |
|---|---|---|---|---|
| Home / | 3,684 ▲88 | 15.88 ▲0.37 | 11.08 ▲1.15 | 48.51 ▼2.40 |
| Dashboard /wp-admin | 2,972 ▲38 | 5.96 ▼0.02 | 135.32 ▼26.76 | 107.47 ▼9.84 |
| Posts /wp-admin/edit.php | 2,744 ▲5 | 2.72 ▼0.00 | 63.37 ▼6.90 | 94.81 ▲0.42 |
| Add New Post /wp-admin/post-new.php | 1,675 ▲175 | 18.89 ▲0.33 | 380.14 ▲1.17 | 117.33 ▲13.17 |
| Media Library /wp-admin/upload.php | 1,812 ▲2 | 5.02 ▲0.00 | 163.75 ▲17.54 | 121.31 ▲4.56 |
| Plugin Checker /wp-admin/options-general.php?page=baw-wordpress-plugin-security-checker | 1,294 | 2.10 | 55.33 | 67.03 |
Uninstaller [IO: ▲0.00MB] [DB: ▲0.00MB] Passed 4 tests
🔸 Tests weight: 35 | The uninstall procedure must remove all plugin files and extra database tables
Uninstaller ran successfully
Smoke tests 25% from 4 tests
Server-side errors Passed 1 test
🔹 Test weight: 20 | Just a short smoke test targeting errors on the server (in the Apache logs)
Even though everything seems fine, this is not an exhaustive test
SRP 0% from 2 tests
🔹 Tests weight: 20 | It is important to ensure that your PHP files perform no action when accessed directly, respecting the single-responsibility principle
The following issues need your attention
- 3× PHP files perform the action of outputting non-empty strings when accessed directly:
- > /wp-content/plugins/baw-wordpress-plugin-security-checker/inc/removed.inc.php
- > /wp-content/plugins/baw-wordpress-plugin-security-checker/inc/about.inc.php
- > /wp-content/plugins/baw-wordpress-plugin-security-checker/inc/vulnerables.inc.php
- 1× PHP files trigger errors when accessed directly with GET requests:
- > PHP Fatal error
Uncaught Error: Call to undefined function is_admin() in wp-content/plugins/baw-wordpress-plugin-security-checker/sppc.php:12
- > PHP Fatal error
User-side errors 0% from 1 test
🔹 Test weight: 20 | A shallow check that no browser errors were triggered
There are user-side issues you should fix
- > GET request to /wp-admin/options-general.php?page=baw-wordpress-plugin-security-checker
- > Network (severe)
https://dl.dropbox.com/u/45956904/plugins/paypal_big.png - Failed to load resource: the server responded with a status of 404 ()
- > GET request to /wp-admin/options-general.php?page=baw-wordpress-plugin-security-checker
- > Network (severe)
https://dl.dropbox.com/u/45956904/plugins/bawlogo.png - Failed to load resource: the server responded with a status of 404 ()
Optimizations
Plugin configuration 93% from 29 tests
readme.txt Passed 16 tests
Perhaps the most important file in your plugin readme.txt gets parsed in order to generate the public listing of your plugin
5 plugin tags: secure, protection, exploit, security, guard
baw-wordpress-plugin-security-checker/sppc.php 85% from 13 tests
The principal PHP file in "Plugin Security Checker" v. 2.2.1 is loaded by WordPress automatically on each request
You should first fix the following items:
- Main file name: The principal plugin file should be the same as the plugin slug ("baw-wordpress-plugin-security-checker.php" instead of "sppc.php")
- Description: The description should be shorter than 140 characters (currently 153 characters long)
Code Analysis Passed 3 tests
File types Passed 1 test
🔸 Test weight: 35 | This is a short overview of programming languages used in this plugin, detecting executable files
Everything looks great! No dangerous files found in this plugin12,067 lines of code in 5 files:
| Language | Files | Blank lines | Comment lines | Lines of code |
|---|---|---|---|---|
| PHP | 4 | 22 | 17 | 12,001 |
| PO File | 1 | 20 | 21 | 66 |
PHP code Passed 2 tests
This plugin's cyclomatic complexity and code structure detailed below
Everything seems fine, there were no complexity issues found
| Cyclomatic complexity | |
|---|---|
| Average complexity per logical line of code | 0.55 |
| Average class complexity | 0.00 |
| ▷ Minimum class complexity | 0.00 |
| ▷ Maximum class complexity | 0.00 |
| Average method complexity | 0.00 |
| ▷ Minimum method complexity | 0.00 |
| ▷ Maximum method complexity | 0.00 |
| Code structure | ||
|---|---|---|
| Namespaces | 0 | |
| Interfaces | 0 | |
| Traits | 0 | |
| Classes | 0 | |
| ▷ Abstract classes | 0 | 0.00% |
| ▷ Concrete classes | 0 | 0.00% |
| ▷ Final classes | 0 | 0.00% |
| Methods | 0 | |
| ▷ Static methods | 0 | 0.00% |
| ▷ Public methods | 0 | 0.00% |
| ▷ Protected methods | 0 | 0.00% |
| ▷ Private methods | 0 | 0.00% |
| Functions | 8 | |
| ▷ Named functions | 8 | 100.00% |
| ▷ Anonymous functions | 0 | 0.00% |
| Constants | 4 | |
| ▷ Global constants | 4 | 100.00% |
| ▷ Class constants | 0 | 0.00% |
| ▷ Public constants | 0 | 0.00% |
Plugin size Passed 2 tests
Image compression Passed 2 tests
Using a strong compression for your PNG files is a great way to speed-up your plugin
There are no PNG files in this plugin