83% exploit-scanner-for-active-theme

Code Review | Exploit Scanner for Active Theme

WordPress plugin Exploit Scanner for Active Theme scored83%from 54 tests.

About plugin

  • Plugin page: exploit-scanner-f...
  • Plugin version: 1.0.5
  • PHP version: 7.4.16
  • WordPress compatibility: 4.4-4.8
  • WordPress version: 6.3.1
  • First release: Jul 8, 2016
  • Latest release: Sep 6, 2016
  • Number of updates: 17
  • Update frequency: every 56.3 days
  • Top authors: taunoh (100%)

Code review

54 tests

User reviews

1 review

Install metrics

30+ active /2,798 total downloads

Benchmarks

Plugin footprint 83% from 16 tests

Installer Passed 1 test

🔺 Critical test (weight: 50) | Verifying that this plugin installs correctly without errors
This plugin's installer ran successfully

Server metrics [RAM: ▲0.07MB] [CPU: ▼1.33ms] Passed 4 tests

An overview of server-side resources used by Exploit Scanner for Active Theme
Server-side resource usage in normal parameters
PageMemory (MB)CPU Time (ms)
Home /3.53 ▲0.0741.38 ▼0.84
Dashboard /wp-admin3.37 ▲0.0750.86 ▲1.29
Posts /wp-admin/edit.php3.42 ▲0.0750.73 ▲1.35
Add New Post /wp-admin/post-new.php5.97 ▲0.0993.53 ▼6.88
Media Library /wp-admin/upload.php3.30 ▲0.0738.94 ▲1.12
Theme Scanner /wp-admin/tools.php?page=px_theme_scanner3.2635.50

Server storage [IO: ▲0.07MB] [DB: ▲0.00MB] Passed 3 tests

How much does this plugin use your filesystem and database?
This plugin was installed successfully
Filesystem: 7 new files
Database: no new tables, 6 new options
New WordPress options
widget_recent-posts
theysaidso_admin_options
widget_recent-comments
can_compress_scripts
db_upgraded
widget_theysaidso_widget

Browser metrics Passed 4 tests

Exploit Scanner for Active Theme: an overview of browser usage
This plugin renders optimally with no browser resource issues detected
PageNodesMemory (MB)Script (ms)Layout (ms)
Home /2,793 ▲3214.73 ▲0.372.06 ▲0.4047.29 ▼2.20
Dashboard /wp-admin2,196 ▲195.60 ▲0.0194.13 ▼8.3743.51 ▼1.64
Posts /wp-admin/edit.php2,114 ▲142.07 ▲0.0440.78 ▲6.4134.23 ▼2.81
Add New Post /wp-admin/post-new.php6,298 ▲4,77023.17 ▲0.08911.75 ▲236.3736.96 ▼30.82
Media Library /wp-admin/upload.php1,401 ▼24.21 ▲0.04100.46 ▼8.3941.74 ▼11.80
Theme Scanner /wp-admin/tools.php?page=px_theme_scanner8311.7222.9533.95

Uninstaller [IO: ▲0.00MB] [DB: ▲0.00MB] 75% from 4 tests

🔸 Tests weight: 35 | It is important to correctly uninstall your plugin, without leaving any traces
These items require your attention
  • This plugin did not uninstall successfully, leaving 6 options in the database
    • db_upgraded
    • widget_theysaidso_widget
    • widget_recent-posts
    • can_compress_scripts
    • theysaidso_admin_options
    • widget_recent-comments

Smoke tests 75% from 4 tests

Server-side errors Passed 1 test

🔹 Test weight: 20 | A shallow check that no server-side errors were triggered
Everything seems fine, however this is by no means an exhaustive test

SRP 50% from 2 tests

🔹 Tests weight: 20 | SRP (Single-Responsibility Principle) - PHP files must act as libraries and never output text or perform any action when accessed directly in a browser
Please fix the following items
  • 1× PHP files perform the task of outputting text when accessed with GET requests:
    • > /wp-content/plugins/exploit-scanner-for-active-theme/index.php

User-side errors Passed 1 test

🔹 Test weight: 20 | A shallow check that no browser errors were triggered
There were no browser issues found

Optimizations

Plugin configuration 90% from 29 tests

readme.txt 94% from 16 tests

Don't ignore readme.txt as it is the file that instructs WordPress.org on how to present your plugin to the world
Attributes that require attention:
  • Screenshots: Screenshot #1 (No setup required.) image required
The official readme.txt might help

exploit-scanner-for-active-theme/index.php 85% from 13 tests

The principal PHP file in "Exploit Scanner for Active Theme" v. 1.0.5 is loaded by WordPress automatically on each request
Please make the necessary changes and fix the following:
  • Text Domain: The text domain name should consist of only dashes and lowercase characters
  • Main file name: Even though not officially enforced, the main plugin file should be the same as the plugin slug ("exploit-scanner-for-active-theme.php" instead of "index.php")

Code Analysis Passed 3 tests

File types Passed 1 test

🔸 Test weight: 35 | This is an overview of programming languages used in this plugin; dangerous file extensions are not allowed
No dangerous file extensions were detected372 lines of code in 3 files:
LanguageFilesBlank linesComment linesLines of code
PHP16231233
JavaScript1268114
CSS14025

PHP code Passed 2 tests

An overview of cyclomatic complexity and code structure
All good! No complexity issues found
Cyclomatic complexity
Average complexity per logical line of code0.23
Average class complexity27.00
▷ Minimum class complexity27.00
▷ Maximum class complexity27.00
Average method complexity3.17
▷ Minimum method complexity1.00
▷ Maximum method complexity8.00
Code structure
Namespaces0
Interfaces0
Traits0
Classes1
▷ Abstract classes00.00%
▷ Concrete classes1100.00%
▷ Final classes00.00%
Methods12
▷ Static methods00.00%
▷ Public methods12100.00%
▷ Protected methods00.00%
▷ Private methods00.00%
Functions0
▷ Named functions00.00%
▷ Anonymous functions00.00%
Constants0
▷ Global constants00.00%
▷ Class constants00.00%
▷ Public constants00.00%

Plugin size Passed 2 tests

Image compression Passed 2 tests

PNG files should be compressed to save space and minimize bandwidth usage
There are no PNG files in this plugin