Benchmarks

Plugin footprint 82% from 16 tests

Installer Passed 1 test

🔺 Critical test (weight: 50) | The install procedure must perform silently

The plugin installed gracefully, with no errors

Server metrics [RAM: ▲0.08MB] [CPU: ▼293.54ms] 75% from 4 tests

This is a short check of server-side resources used by miniOrange Penetration Testing Tool

The following require your attention

CPU: You should keep total CPU usage under 500.00ms (currently 1,652.24ms on /wp-admin/admin.php?page=moSPT_site_statistics)

Page	Memory (MB)	CPU Time (ms)
Home /	3.68 ▲0.16	55.27 ▲4.59
Dashboard /wp-admin	3.52 ▲0.11	33.99 ▼1.54
Posts /wp-admin/edit.php	3.74 ▲0.10	39.87 ▲2.81
Add New Post /wp-admin/post-new.php	6.98 ▲0.01	91.35 ▼1,175.50
Media Library /wp-admin/upload.php	3.39 ▲0.10	23.45 ▲0.07
Summary /wp-admin/admin.php?page=moSPT_site_statistics	3.42	1,652.24
Account /wp-admin/admin.php?page=moSPT_site_account	3.49	32.59
Scan /wp-admin/admin.php?page=moSPT_site_PenTest	3.39	28.87

Server storage [IO: ▲0.73MB] [DB: ▲0.00MB] Passed 3 tests

A short overview of filesystem and database impact

This plugin was installed successfully

Filesystem: 42 new files

Database: no new tables, 3 new options

New WordPress options
mo_wpns_new_registration
mo_2factor_user_registration_status
MoSPT_dbversion

Browser metrics Passed 4 tests

An overview of browser requirements for miniOrange Penetration Testing Tool

This plugin has a minimal impact on browser resources

Page	Nodes	Memory (MB)	Script (ms)	Layout (ms)
Home /	3,801 ▲57	15.93 ▲0.25	5.87 ▼0.02	2.08 ▼0.40
Dashboard /wp-admin	2,931 ▲70	6.13 ▲0.02	116.21 ▼19.79	171.61 ▲3.94
Posts /wp-admin/edit.php	2,725 ▲34	3.24 ▲0.00	62.81 ▼0.84	145.50 ▲4.14
Add New Post /wp-admin/post-new.php	1,693 ▲32	18.16 ▲1.94	376.08 ▼45.68	195.83 ▲46.70
Media Library /wp-admin/upload.php	1,741 ▲43	5.71 ▲0.25	121.53 ▼12.84	204.84 ▲13.46
Summary /wp-admin/admin.php?page=moSPT_site_statistics	1,416	3.14	65.15	211.98
Account /wp-admin/admin.php?page=moSPT_site_account	1,273	2.76	65.64	175.56
Scan /wp-admin/admin.php?page=moSPT_site_PenTest	1,310	2.98	66.09	233.72

Uninstaller [IO: ▲0.00MB] [DB: ▲0.00MB] 75% from 4 tests

🔸 Tests weight: 35 | The uninstall procedure must remove all plugin files and extra database tables

Please fix the following items

Zombie WordPress options detected upon uninstall: 2 options
- mo_wpns_new_registration
- mo_2factor_user_registration_status

Smoke tests 25% from 4 tests

Server-side errors Passed 1 test

🔹 Test weight: 20 | Just a short smoke test targeting errors on the server (in the Apache logs)

Even though everything seems fine, this is not an exhaustive test

SRP 0% from 2 tests

🔹 Tests weight: 20 | The single-responsibility principle applies for WordPress plugins as well - please make sure your PHP files perform no actions when accessed directly

Please fix the following

1× PHP files perform the task of outputting text when accessed with GET requests:
- > /wp-content/plugins/miniorange-penetration-testing-tool/views/SitePenTest_statistics.php
29× PHP files trigger server errors when accessed directly (only 10 are shown):
- > PHP Fatal error
  Uncaught Error: Call to undefined function add_action() in wp-content/plugins/miniorange-penetration-testing-tool/controllers/PenTest/ajax.php:7
- > PHP Fatal error
  Uncaught Error: Call to undefined function sanitize_text_field() in wp-content/plugins/miniorange-penetration-testing-tool/views/navbar.php:11
- > PHP Fatal error
  Uncaught Error: Call to undefined function site_url() in wp-content/plugins/miniorange-penetration-testing-tool/views/SitePenTest_statistics.php:100
- > PHP Fatal error
  Uncaught Error: Call to undefined function get_site_option() in wp-content/plugins/miniorange-penetration-testing-tool/controllers/PenTest/registeration.php:2
- > PHP Fatal error
  Uncaught Error: Class 'MoSPT_ajax' not found in wp-content/plugins/miniorange-penetration-testing-tool/controllers/PenTest/statistics.php:2
- > PHP Warning
  include(): Failed opening 'controllers/navbar.php' for inclusion (include_path='.:/usr/share/php') in wp-content/plugins/miniorange-penetration-testing-tool/controllers/main_controller.php on line 5
- > PHP Notice
  Undefined variable: logo_url in wp-content/plugins/miniorange-penetration-testing-tool/views/navbar.php on line 4
- > PHP Notice
  Undefined variable: midCount in wp-content/plugins/miniorange-penetration-testing-tool/views/SitePenTest_statistics.php on line 31
- > PHP Fatal error
  Uncaught Error: Call to undefined function plugin_dir_url() in wp-content/plugins/miniorange-penetration-testing-tool/controllers/navbar.php:3
- > PHP Fatal error
  Uncaught Error: Call to undefined function current_user_can() in wp-content/plugins/miniorange-penetration-testing-tool/controllers/PenTest/account.php:4

User-side errors 0% from 1 test

🔹 Test weight: 20 | A shallow check that no browser errors were triggered

Please fix the following user-side errors

- > GET request to /wp-admin/admin.php?page=moSPT_site_statistics
- > Javascript (severe) in unknown
/wp-admin/admin.php?page=moSPT_site_statistics 264:43 Uncaught SyntaxError: Unexpected token ','

Optimizations

Plugin configuration 96% from 29 tests

readme.txt Passed 16 tests

It's important to format your readme.txt file correctly as it is parsed for the public listing of your plugin

5 plugin tags: security, pentest, vulnerabilities, penetration, analysis

miniorange-penetration-testing-tool/miniorange_mospt_settings.php 92% from 13 tests

"miniOrange Penetration Testing Tool" version 1.0.4's main PHP file describes plugin functionality and also serves as the entry point to any WordPress functionality

It is important to fix the following:

Main file name: The principal plugin file should be the same as the plugin slug ("miniorange-penetration-testing-tool.php" instead of "miniorange_mospt_settings.php")

Code Analysis Passed 3 tests

File types Passed 1 test

🔸 Test weight: 35 | There should be no dangerous file extensions present in any WordPress plugin

No dangerous file extensions were detected17,047 lines of code in 31 files:

Language	Files	Blank lines	Comment lines	Lines of code
CSS	4	2,381	21	15,410
PHP	24	232	15	1,469
JavaScript	3	3	25	168

PHP code Passed 2 tests

A short review of cyclomatic complexity and code structure

This plugin has no cyclomatic complexity issues

Cyclomatic complexity
Average complexity per logical line of code	0.28
Average class complexity	6.12
▷ Minimum class complexity	1.00
▷ Maximum class complexity	22.00
Average method complexity	2.24
▷ Minimum method complexity	1.00
▷ Maximum method complexity	18.00

Code structure
Namespaces	0
Interfaces	0
Traits	0
Classes	8
▷ Abstract classes	0	0.00%
▷ Concrete classes	8	100.00%
▷ Final classes	0	0.00%
Methods	33
▷ Static methods	2	6.06%
▷ Public methods	33	100.00%
▷ Protected methods	0	0.00%
▷ Private methods	0	0.00%
Functions	13
▷ Named functions	13	100.00%
▷ Anonymous functions	0	0.00%
Constants	20
▷ Global constants	2	10.00%
▷ Class constants	18	90.00%
▷ Public constants	18	100.00%

Plugin size Passed 2 tests

Image compression Passed 2 tests

PNG files should be compressed to save space and minimize bandwidth usage

10 PNG files occupy 0.11MB with 0.05MB in potential savings

Potential savings

Compression of 5 random PNG files using pngquant
File	Size - original	Size - compressed	Savings
includes/images/normal.png	15.74KB	7.91KB	▼ 49.78%
includes/images/normal1.png	15.74KB	7.91KB	▼ 49.78%
includes/images/sad.png	18.16KB	8.79KB	▼ 51.62%
includes/images/angry.png	20.40KB	9.65KB	▼ 52.68%
includes/images/miniorange_logo.png	1.95KB	1.16KB	▼ 40.58%

Code Review | miniOrange Penetration Testing Tool

About plugin

Code review

User reviews

Install metrics