Code Review | System Vulnerability Scanner

WordPress plugin System Vulnerability Scanner scored 72% from 54 tests.

About plugin

  • Plugin page: system-vulnerabil...
  • Plugin version: 0.1
  • PHP version: 7.4.16
  • WordPress compatibility: 4.0-4.6.1
  • WordPress version: 6.3.1
  • First release: Nov 30, 2016
  • Latest release: Dec 1, 2016
  • Number of updates: 5
  • Update frequency: every 1.6 days
  • Top authors: dano1066 (100%)

Code review: 54 tests

User reviews: 1 review

Install metrics: 10+ active / 501 total downloads


Plugin footprint 83% from 16 tests

Installer Passed 1 test

🔺 Critical test (weight: 50) | The install procedure must perform silently
This plugin's installer ran successfully

Server metrics [RAM: ▲0.03MB] [CPU: ▼6.23ms] Passed 4 tests

An overview of server-side resources used by System Vulnerability Scanner
Server-side resource usage in normal parameters
| Page | Memory (MB) | CPU Time (ms) |
|---|---|---|
| Home / | 3.50 ▲0.03 | 38.24 ▼0.25 |
| Dashboard /wp-admin | 3.34 ▼0.00 | 51.01 ▼14.18 |
| Posts /wp-admin/edit.php | 3.39 ▲0.04 | 51.19 ▼4.38 |
| Add New Post /wp-admin/post-new.php | 5.92 ▲0.04 | 100.14 ▼6.10 |
| Media Library /wp-admin/upload.php | 3.26 ▲0.04 | 37.95 ▲1.66 |
| Vulnerability Scan /wp-admin/options-general.php?page=system-vul-scan | 3.21 | 35.20 |

Server storage [IO: ▲0.04MB] [DB: ▲0.00MB] Passed 3 tests

Filesystem and database footprint
The plugin installed successfully
Filesystem: 5 new files
Database: no new tables, 6 new options
New WordPress options

Browser metrics Passed 4 tests

This is an overview of browser requirements for System Vulnerability Scanner
Minimal impact on browser resources
| Page | Nodes | Memory (MB) | Script (ms) | Layout (ms) |
|---|---|---|---|---|
| Home / | 2,797 ▲11 | 14.69 ▲0.34 | 1.71 ▼0.15 | 39.46 ▼2.72 |
| Dashboard /wp-admin | 2,200 ▲20 | 5.61 ▲0.00 | 92.24 ▼3.69 | 45.77 ▲4.73 |
| Posts /wp-admin/edit.php | 2,108 ▲8 | 2.03 ▲0.04 | 39.13 ▼1.60 | 34.70 ▼3.68 |
| Add New Post /wp-admin/post-new.php | 1,533 ▲7 | 23.30 ▼0.35 | 628.15 ▼53.14 | 50.23 ▼13.01 |
| Media Library /wp-admin/upload.php | 1,411 ▲11 | 4.19 ▲0.01 | 95.78 ▼8.10 | 42.93 ▼0.52 |
| Vulnerability Scan /wp-admin/options-general.php?page=system-vul-scan | 1,226 | 1.96 | 38.05 | 35.33 |

Uninstaller [IO: ▲0.00MB] [DB: ▲0.00MB] 75% from 4 tests

🔸 Tests weight: 35 | Checking the uninstaller removed all traces of the plugin
You still need to fix the following
  • This plugin does not fully uninstall, leaving 6 options in the database
    • widget_recent-posts
    • can_compress_scripts
    • widget_theysaidso_widget
    • db_upgraded
    • widget_recent-comments
    • theysaidso_admin_options

Smoke tests 25% from 4 tests

Server-side errors 0% from 1 test

🔹 Test weight: 20 | A smoke test targeting server-side errors
Please fix the following server-side errors
    • > GET request to /wp-admin/options-general.php?page=system-vul-scan
    • > Notice in wp-content/plugins/system-vulnerability-scanner/scan.php+43
    Undefined variable: passcoun

SRP 50% from 2 tests

🔹 Tests weight: 20 | The single-responsibility principle applies for WordPress plugins as well - please make sure your PHP files perform no actions when accessed directly
Almost there! Just fix the following items
  • 2× PHP files trigger errors when accessed directly with GET requests:
    • > PHP Fatal error
      Uncaught Error: Call to undefined function add_action() in wp-content/plugins/system-vulnerability-scanner/scan.php:11
    • > PHP Fatal error
      Uncaught Error: Call to undefined function add_action() in wp-content/plugins/system-vulnerability-scanner/scan.php:11

User-side errors 0% from 1 test

🔹 Test weight: 20 | A shallow check that no browser errors were triggered
Please fix the following user-side errors
    • > GET request to /wp-admin/options-general.php?page=system-vul-scan
    • > Network (severe)
    wp-content/plugins/dh-system-vul-scanner/style.css?ver=0.2 - Failed to load resource: the server responded with a status of 404 (Not Found)


Plugin configuration 90% from 29 tests

readme.txt Passed 16 tests

The readme.txt file uses markdown syntax to describe your plugin to the world
3 plugin tags: scan, security, vulnerability

system-vulnerability-scanner/system-vul-scan.php 77% from 13 tests

The principal PHP file in "System Vulnerability Scanner" v. 0.1 is loaded by WordPress automatically on each request
Please make the necessary changes and fix the following:
  • Requires at least: The required version number must match the one declared in readme.txt ("4.6" instead of "4.0")
  • Main file name: Even though not officially enforced, the main plugin file should be the same as the plugin slug ("system-vulnerability-scanner.php" instead of "system-vul-scan.php")
  • Text Domain: The text domain must be the same as the plugin slug, although optional since WordPress version 4.6

Code Analysis Passed 3 tests

File types Passed 1 test

🔸 Test weight: 35 | A short check of programming languages and file extensions; no executable files are allowed
No dangerous file extensions were detected
243 lines of code in 4 files:

| Language | Files | Blank lines | Comment lines | Lines of code |
|---|---|---|---|---|

PHP code Passed 2 tests

Cyclomatic complexity and code structure are the fingerprint of this plugin
All good! No complexity issues found
Cyclomatic complexity

| Metric | Value |
|---|---|
| Average complexity per logical line of code | 0.29 |
| Average class complexity | 0.00 |
| ▷ Minimum class complexity | 0.00 |
| ▷ Maximum class complexity | 0.00 |
| Average method complexity | 0.00 |
| ▷ Minimum method complexity | 0.00 |
| ▷ Maximum method complexity | 0.00 |

Code structure

| Element | Count | Share |
|---|---|---|
| ▷ Abstract classes | 0 | 0.00% |
| ▷ Concrete classes | 0 | 0.00% |
| ▷ Final classes | 0 | 0.00% |
| ▷ Static methods | 0 | 0.00% |
| ▷ Public methods | 0 | 0.00% |
| ▷ Protected methods | 0 | 0.00% |
| ▷ Private methods | 0 | 0.00% |
| ▷ Named functions | 8 | 100.00% |
| ▷ Anonymous functions | 0 | 0.00% |
| ▷ Global constants | 0 | 0.00% |
| ▷ Class constants | 0 | 0.00% |
| ▷ Public constants | 0 | 0.00% |

Plugin size Passed 2 tests

Image compression Passed 2 tests

All PNG images should be compressed to minimize bandwidth usage for end users
There are no PNG files in this plugin