84% bp-security-check

Code Review | BuddyPress Security Check

WordPress plugin BuddyPress Security Check scored84%from 54 tests.

About plugin

  • Plugin page: bp-security-check
  • Plugin version: 3.2.2
  • PHP version: 7.4.16
  • WordPress version: 6.3.1
  • First release: Jan 30, 2013
  • Latest release: Jan 25, 2018
  • Number of updates: 38
  • Update frequency: every 47.9 days
  • Top authors: bungeshea (100%)

Code review

54 tests

User reviews

14 reviews

Install metrics

600+ active /49,894 total downloads


Plugin footprint 83% from 16 tests

Installer Passed 1 test

🔺 Critical test (weight: 50) | Checking the installer triggered no errors
Installer ran successfully

Server metrics [RAM: ▲0.13MB] [CPU: ▼7.70ms] Passed 4 tests

This is a short check of server-side resources used by BuddyPress Security Check
This plugin has minimal impact on server resources
PageMemory (MB)CPU Time (ms)
Home /3.61 ▲0.1445.54 ▲8.85
Dashboard /wp-admin3.45 ▲0.1047.63 ▼14.54
Posts /wp-admin/edit.php3.56 ▲0.2043.59 ▼3.23
Add New Post /wp-admin/post-new.php6.03 ▲0.1484.48 ▼20.40
Media Library /wp-admin/upload.php3.37 ▲0.1438.79 ▲7.39

Server storage [IO: ▲0.28MB] [DB: ▲0.00MB] Passed 3 tests

How much does this plugin use your filesystem and database?
This plugin installed successfully
Filesystem: 158 new files
Database: no new tables, 6 new options
New WordPress options

Browser metrics Passed 4 tests

This is an overview of browser requirements for BuddyPress Security Check
This plugin renders optimally with no browser resource issues detected
PageNodesMemory (MB)Script (ms)Layout (ms)
Home /2,789 ▲1814.36 ▲0.121.69 ▼0.2243.60 ▲2.75
Dashboard /wp-admin2,198 ▲175.63 ▼0.0692.83 ▼7.1342.17 ▼1.69
Posts /wp-admin/edit.php2,100 ▼02.03 ▼0.0034.22 ▼2.8833.58 ▼5.82
Add New Post /wp-admin/post-new.php1,531 ▲323.07 ▼0.13679.06 ▲18.5058.72 ▲7.38
Media Library /wp-admin/upload.php1,394 ▼04.21 ▲0.0695.59 ▼4.5044.16 ▼0.72

Uninstaller [IO: ▲0.00MB] [DB: ▲0.00MB] 75% from 4 tests

🔸 Tests weight: 35 | Verifying that this plugin uninstalls completely without leaving any traces
These items require your attention
  • Zombie WordPress options detected upon uninstall: 6 options
    • can_compress_scripts
    • widget_recent-posts
    • db_upgraded
    • theysaidso_admin_options
    • widget_theysaidso_widget
    • widget_recent-comments

Smoke tests 75% from 4 tests

Server-side errors Passed 1 test

🔹 Test weight: 20 | A smoke test targeting server-side errors
Even though everything seems fine, this is not an exhaustive test

SRP 50% from 2 tests

🔹 Tests weight: 20 | SRP (Single-Responsibility Principle) - PHP files must act as libraries and never output text or perform any action when accessed directly in a browser
Please fix the following
  • 98× GET requests to PHP files trigger server-side errors or Error 500 responses (only 10 are shown):
    • > PHP Fatal error
      Uncaught Error: Class 'Composer\\Installers\\BaseInstaller' not found in wp-content/plugins/bp-security-check/vendor/composer/installers/src/Composer/Installers/DrupalInstaller.php:4
    • > PHP Fatal error
      Uncaught Error: Interface 'ReCaptcha\\RequestMethod' not found in wp-content/plugins/bp-security-check/vendor/google/recaptcha/src/ReCaptcha/RequestMethod/CurlPost.php:37
    • > PHP Fatal error
      Uncaught Error: Class 'Composer\\Installers\\BaseInstaller' not found in wp-content/plugins/bp-security-check/vendor/composer/installers/src/Composer/Installers/MicroweberInstaller.php:4
    • > PHP Fatal error
      Uncaught Error: Class 'Composer\\Installers\\BaseInstaller' not found in wp-content/plugins/bp-security-check/vendor/composer/installers/src/Composer/Installers/BitrixInstaller.php:26
    • > PHP Fatal error
      Uncaught Error: Class 'Composer\\Installers\\BaseInstaller' not found in wp-content/plugins/bp-security-check/vendor/composer/installers/src/Composer/Installers/LaravelInstaller.php:4
    • > PHP Fatal error
      Uncaught Error: Class 'Composer\\Installers\\BaseInstaller' not found in wp-content/plugins/bp-security-check/vendor/composer/installers/src/Composer/Installers/JoomlaInstaller.php:4
    • > PHP Fatal error
      Uncaught Error: Class 'PHPUnit_Framework_TestCase' not found in wp-content/plugins/bp-security-check/vendor/google/recaptcha/tests/ReCaptcha/RequestMethod/SocketPostTest.php:31
    • > PHP Fatal error
      Uncaught Error: Class 'Composer\\Installers\\BaseInstaller' not found in wp-content/plugins/bp-security-check/vendor/composer/installers/src/Composer/Installers/MediaWikiInstaller.php:4
    • > PHP Fatal error
      Uncaught Error: Class 'Composer\\Installer\\LibraryInstaller' not found in wp-content/plugins/bp-security-check/vendor/composer/installers/src/Composer/Installers/Installer.php:9
    • > PHP Fatal error
      Uncaught Error: Call to undefined function Shea\\BP_Security_Check\\add_action() in wp-content/plugins/bp-security-check/bp-security-check.php:42

User-side errors Passed 1 test

🔹 Test weight: 20 | A shallow check that no browser errors were triggered
There were no browser issues found


Plugin configuration Passed 29 tests

readme.txt Passed 16 tests

The readme.txt file uses markdown syntax to describe your plugin to the world
5 plugin tags: registration, math, security, buddypress, anti-spam

bp-security-check/bp-security-check.php Passed 13 tests

Analyzing the main PHP file in "BuddyPress Security Check" version 3.2.2
129 characters long description:
Help combat spam registrations by forcing the user to answer a simple math sum while registering for your BuddyPress-powered site

Code Analysis Passed 3 tests

File types Passed 1 test

🔸 Test weight: 35 | There should be no dangerous file extensions present in any WordPress plugin
Success! There were no dangerous files found in this plugin4,927 lines of code in 139 files:
LanguageFilesBlank linesComment linesLines of code
PO File12117169393

PHP code Passed 2 tests

A brief analysis of cyclomatic complexity and code structure for this plugin
This plugin has no cyclomatic complexity issues
Cyclomatic complexity
Average complexity per logical line of code0.21
Average class complexity2.94
▷ Minimum class complexity1.00
▷ Maximum class complexity44.00
Average method complexity1.99
▷ Minimum method complexity1.00
▷ Maximum method complexity18.00
Code structure
▷ Abstract classes32.80%
▷ Concrete classes10497.20%
▷ Final classes00.00%
▷ Static methods52.26%
▷ Public methods18483.26%
▷ Protected methods3114.03%
▷ Private methods62.71%
▷ Named functions436.36%
▷ Anonymous functions763.64%
▷ Global constants00.00%
▷ Class constants10100.00%
▷ Public constants10100.00%

Plugin size Passed 2 tests

Image compression Passed 2 tests

Using a strong compression for your PNG files is a great way to speed-up your plugin
There were not PNG files found in your plugin