Benchmarks
Plugin footprint 83% from 16 tests
Installer Passed 1 test
🔺 Critical test (weight: 50) | Verifying that this plugin installs correctly without errors
This plugin's installer ran successfully
Server metrics [RAM: ▲0.63MB] [CPU: ▼1.69ms] Passed 4 tests
Server-side resources used by CloneGuard Security Scanning
Normal server usage
| Page | Memory (MB) | CPU Time (ms) |
|---|---|---|
| Home / | 4.08 ▲0.62 | 45.81 ▼0.49 |
| Dashboard /wp-admin | 3.98 ▲0.68 | 49.03 ▼0.19 |
| Posts /wp-admin/edit.php | 4.03 ▲0.68 | 53.58 ▲3.75 |
| Add New Post /wp-admin/post-new.php | 6.50 ▲0.62 | 90.75 ▼9.84 |
| Media Library /wp-admin/upload.php | 3.84 ▲0.62 | 40.29 ▲5.99 |
| Overview /wp-admin/admin.php?page=cgss_overview | 3.70 | 29.00 |
| Options /wp-admin/admin.php?page=cgss_options | 3.70 | 25.79 |
| Reports /wp-admin/admin.php?page=cgss_reports | 3.70 | 26.88 |
| Settings /wp-admin/admin.php?page=cgss_settings | 3.82 | 37.58 |
| Scans /wp-admin/admin.php?page=cgss_scans | 3.70 | 27.75 |
| Vulnerabilities /wp-admin/admin.php?page=cgss_vulnerabilities | 3.70 | 27.98 |
Server storage [IO: ▲2.29MB] [DB: ▲0.00MB] Passed 3 tests
Filesystem and database footprint
There were no storage issued detected upon installing this plugin
Filesystem: 65 new files
Database: no new tables, 7 new options
| New WordPress options |
|---|
| db_upgraded |
| widget_recent-comments |
| widget_theysaidso_widget |
| widget_recent-posts |
| theysaidso_admin_options |
| can_compress_scripts |
| widget_clone_guard_widget |
Browser metrics Passed 4 tests
CloneGuard Security Scanning: an overview of browser usage
Minimal impact on browser resources
| Page | Nodes | Memory (MB) | Script (ms) | Layout (ms) |
|---|---|---|---|---|
| Home / | 2,843 ▲86 | 14.80 ▲0.29 | 1.67 ▼0.77 | 44.72 ▲4.59 |
| Dashboard /wp-admin | 2,249 ▲67 | 5.90 ▲0.08 | 100.24 ▼1.15 | 38.79 ▼3.17 |
| Posts /wp-admin/edit.php | 2,132 ▲43 | 2.05 ▲0.02 | 41.00 ▲0.50 | 35.86 ▼1.88 |
| Add New Post /wp-admin/post-new.php | 1,567 ▲34 | 23.23 ▼0.03 | 638.45 ▼57.90 | 56.55 ▲5.42 |
| Media Library /wp-admin/upload.php | 1,431 ▲43 | 4.18 ▲0.01 | 94.62 ▼14.39 | 41.33 ▼2.13 |
| Overview /wp-admin/admin.php?page=cgss_overview | 971 | 2.23 | 26.44 | 41.53 |
| Options /wp-admin/admin.php?page=cgss_options | 974 | 2.08 | 27.59 | 37.59 |
| Reports /wp-admin/admin.php?page=cgss_reports | 971 | 2.05 | 27.28 | 38.78 |
| Settings /wp-admin/admin.php?page=cgss_settings | 972 | 2.08 | 24.57 | 37.21 |
| Scans /wp-admin/admin.php?page=cgss_scans | 974 | 2.05 | 24.31 | 35.42 |
| Vulnerabilities /wp-admin/admin.php?page=cgss_vulnerabilities | 971 | 2.04 | 24.77 | 37.42 |
Uninstaller [IO: ▲0.00MB] [DB: ▲0.00MB] 75% from 4 tests
🔸 Tests weight: 35 | All plugins must uninstall correctly, removing their source code and extra database tables they might have created
Please fix the following items
- This plugin does not fully uninstall, leaving 7 options in the database
- widget_recent-comments
- can_compress_scripts
- theysaidso_admin_options
- db_upgraded
- widget_recent-posts
- widget_clone_guard_widget
- widget_theysaidso_widget
Smoke tests 75% from 4 tests
Server-side errors Passed 1 test
🔹 Test weight: 20 | This is a shallow check for server-side errors
The smoke test was a success, however most plugin functionality was not tested
SRP 50% from 2 tests
🔹 Tests weight: 20 | The single-responsibility principle applies for WordPress plugins as well - please make sure your PHP files perform no actions when accessed directly
Please take a closer look at the following
- 21× PHP files trigger server-side errors or warnings when accessed directly (only 10 are shown):
- > PHP Fatal error
Uncaught Error: Call to undefined function esc_url() in wp-content/plugins/clone-guard-security-scanning/views/admin_vulnerabilities.php:5
- > PHP Fatal error
Uncaught Error: Call to undefined function esc_url() in wp-content/plugins/clone-guard-security-scanning/views/admin_vulnerability_view.php:6
- > PHP Fatal error
Uncaught Error: Call to undefined function esc_url() in wp-content/plugins/clone-guard-security-scanning/views/admin_settings.php:6
- > PHP Fatal error
Uncaught Error: Call to undefined function esc_url() in wp-content/plugins/clone-guard-security-scanning/views/admin_scan_create.php:5
- > PHP Fatal error
Uncaught Error: Call to undefined function esc_url() in wp-content/plugins/clone-guard-security-scanning/views/admin_overview.php:6
- > PHP Fatal error
Uncaught Error: Call to undefined function esc_url() in wp-content/plugins/clone-guard-security-scanning/views/admin_vulnerability_add_exception.php:5
- > PHP Notice
Undefined variable: action in wp-content/plugins/clone-guard-security-scanning/views/admin_overview.php on line 1
- > PHP Fatal error
Uncaught Error: Call to undefined function esc_url() in wp-content/plugins/clone-guard-security-scanning/views/admin_target_create.php:5
- > PHP Fatal error
Uncaught Error: Call to undefined function esc_url() in wp-content/plugins/clone-guard-security-scanning/views/admin_target_edit.php:5
- > PHP Fatal error
Uncaught Error: Call to undefined function esc_url() in wp-content/plugins/clone-guard-security-scanning/views/admin_schedule_create.php:6
- > PHP Fatal error
User-side errors Passed 1 test
🔹 Test weight: 20 | This is a smoke test targeting browser errors/issues
There were no browser issues found
Optimizations
Plugin configuration 96% from 29 tests
readme.txt Passed 16 tests
The readme.txt file uses markdown syntax to describe your plugin to the world
10 plugin tags: penetration testing, owasp, pci scan, vulnerability scanning, pci asv...
clone-guard-security-scanning/main.php 92% from 13 tests
The principal PHP file in "CloneGuard Security Scanning" v. 2.4 is loaded by WordPress automatically on each request
The following require your attention:
- Main file name: Even though not officially enforced, the main plugin file should be the same as the plugin slug ("clone-guard-security-scanning.php" instead of "main.php")
Code Analysis 97% from 3 tests
File types Passed 1 test
🔸 Test weight: 35 | An overview of files in this plugin; executable files are not allowed
Good job! No executable or dangerous file extensions detected7,710 lines of code in 35 files:
| Language | Files | Blank lines | Comment lines | Lines of code |
|---|---|---|---|---|
| PHP | 21 | 843 | 180 | 5,731 |
| CSS | 10 | 325 | 105 | 1,211 |
| JavaScript | 4 | 116 | 28 | 768 |
PHP code 50% from 2 tests
A short review of cyclomatic complexity and code structure
Please tend to the following items
- Method cyclomatic complexity should be reduced to less than 100 (currently 104)
| Cyclomatic complexity | |
|---|---|
| Average complexity per logical line of code | 0.28 |
| Average class complexity | 190.33 |
| ▷ Minimum class complexity | 20.00 |
| ▷ Maximum class complexity | 461.00 |
| Average method complexity | 7.60 |
| ▷ Minimum method complexity | 1.00 |
| ▷ Maximum method complexity | 104.00 |
| Code structure | ||
|---|---|---|
| Namespaces | 0 | |
| Interfaces | 0 | |
| Traits | 0 | |
| Classes | 3 | |
| ▷ Abstract classes | 0 | 0.00% |
| ▷ Concrete classes | 3 | 100.00% |
| ▷ Final classes | 0 | 0.00% |
| Methods | 86 | |
| ▷ Static methods | 0 | 0.00% |
| ▷ Public methods | 86 | 100.00% |
| ▷ Protected methods | 0 | 0.00% |
| ▷ Private methods | 0 | 0.00% |
| Functions | 0 | |
| ▷ Named functions | 0 | 0.00% |
| ▷ Anonymous functions | 0 | 0.00% |
| Constants | 0 | |
| ▷ Global constants | 0 | 0.00% |
| ▷ Class constants | 0 | 0.00% |
| ▷ Public constants | 0 | 0.00% |
Plugin size 50% from 2 tests
Image compression 50% from 2 tests
Often times overlooked, PNG files can occupy unnecessary space in your plugin
28 PNG files occupy 1.73MB with 0.90MB in potential savings
Potential savings
| Compression of 5 random PNG files using pngquant | |||
|---|---|---|---|
| File | Size - original | Size - compressed | Savings |
| img/report-screenshot2.png | 252.93KB | 139.07KB | ▼ 45.02% |
| img/generate-seals-product3.png | 83.49KB | 27.42KB | ▼ 67.16% |
| img/pci.png | 3.42KB | 3.26KB | ▼ 4.49% |
| img/vulnerabilities/qod.png | 19.29KB | 1.77KB | ▼ 90.80% |
| img/banner-772x250.png | 45.18KB | 22.01KB | ▼ 51.28% |