Benchmarks
Plugin footprint 83% from 16 tests
Installer Passed 1 test
🔺 Critical test (weight: 50) | Checking the installer triggered no errors
The plugin installed successfully, without throwing any errors or notices
Server metrics [RAM: ▲0.00MB] [CPU: ▼0.46ms] Passed 4 tests
This is a short check of server-side resources used by WP Vulnerability Scanner
This plugin has minimal impact on server resources
| Page | Memory (MB) | CPU Time (ms) |
|---|---|---|
| Home / | 3.47 ▲0.01 | 40.87 ▼4.78 |
| Dashboard /wp-admin | 3.31 ▲0.00 | 50.97 ▼0.39 |
| Posts /wp-admin/edit.php | 3.36 ▲0.00 | 52.79 ▲0.45 |
| Add New Post /wp-admin/post-new.php | 5.89 ▲0.00 | 102.67 ▲4.12 |
| Media Library /wp-admin/upload.php | 3.23 ▲0.00 | 38.74 ▲2.89 |
Server storage [IO: ▲0.01MB] [DB: ▲0.00MB] Passed 3 tests
Filesystem and database footprint
This plugin installed successfully
Filesystem: 4 new files
Database: no new tables, 6 new options
| New WordPress options |
|---|
| widget_recent-posts |
| theysaidso_admin_options |
| can_compress_scripts |
| db_upgraded |
| widget_theysaidso_widget |
| widget_recent-comments |
Browser metrics Passed 4 tests
WP Vulnerability Scanner: an overview of browser usage
There were no issues detected in relation to browser resource usage
| Page | Nodes | Memory (MB) | Script (ms) | Layout (ms) |
|---|---|---|---|---|
| Home / | 2,802 ▼9 | 13.25 ▼0.28 | 4.84 ▲2.86 | 41.41 ▼2.56 |
| Dashboard /wp-admin | 2,202 ▼4 | 5.84 ▲0.95 | 104.54 ▼12.15 | 43.22 ▼0.16 |
| Posts /wp-admin/edit.php | 2,091 ▼1 | 2.05 ▲0.03 | 38.89 ▼18.78 | 34.46 ▼6.71 |
| Add New Post /wp-admin/post-new.php | 1,516 ▲2 | 17.65 ▲0.09 | 749.79 ▲114.62 | 60.40 ▲7.60 |
| Media Library /wp-admin/upload.php | 1,390 ▲2 | 4.28 ▲0.06 | 96.28 ▼8.71 | 42.68 ▼1.76 |
Uninstaller [IO: ✅] [DB: ▲0.00MB] 75% from 4 tests
🔸 Tests weight: 35 | It is important to correctly uninstall your plugin, without leaving any traces
You still need to fix the following
- This plugin does not fully uninstall, leaving 6 options in the database
- db_upgraded
- can_compress_scripts
- widget_theysaidso_widget
- widget_recent-comments
- widget_recent-posts
- theysaidso_admin_options
Smoke tests 75% from 4 tests
Server-side errors Passed 1 test
🔹 Test weight: 20 | A shallow check that no server-side errors were triggered
Even though no errors were found, this is by no means an exhaustive test
SRP 50% from 2 tests
🔹 Tests weight: 20 | SRP (Single-Responsibility Principle) - PHP files must act as libraries and never output text or perform any action when accessed directly in a browser
Almost there! Just fix the following items
- 1× PHP files trigger errors when accessed directly with GET requests:
- > PHP Fatal error
Uncaught Error: Call to undefined function add_action() in wp-content/plugins/wp-vulnerability-scanner/class.scanner.php:10
- > PHP Fatal error
User-side errors Passed 1 test
🔹 Test weight: 20 | A shallow check that no browser errors were triggered
Everything seems fine on the user side
Optimizations
Plugin configuration 86% from 29 tests
readme.txt Passed 16 tests
You should put a lot of thought into formatting readme.txt as it is used by WordPress.org to prepare the public listing of your plugin
5 plugin tags: wpscan vulnerability database, wpscan, vulnerability scanner, security, prevent hacking
wp-vulnerability-scanner/wp_vulnerability_scanner.php 69% from 13 tests
The principal PHP file in "WP Vulnerability Scanner" v. 1.4.0 is loaded by WordPress automatically on each request
The following require your attention:
- Domain Path: Use only dashes and lowercase characters for the domain path ("")
- Domain Path: Please prefix the domain path with a forward slash character ("/")
- Text Domain: The text domain should only use lowercase characters and dashes
- Main file name: The principal plugin file should be the same as the plugin slug ("wp-vulnerability-scanner.php" instead of "wp_vulnerability_scanner.php")
Code Analysis Passed 3 tests
File types Passed 1 test
🔸 Test weight: 35 | This is a short overview of programming languages used in this plugin, detecting executable files
Success! There were no dangerous files found in this plugin145 lines of code in 3 files:
| Language | Files | Blank lines | Comment lines | Lines of code |
|---|---|---|---|---|
| PHP | 2 | 50 | 14 | 140 |
| JavaScript | 1 | 1 | 0 | 5 |
PHP code Passed 2 tests
Cyclomatic complexity and code structure are the fingerprint of this plugin
Great job! No cyclomatic complexity issues were detected in this plugin
| Cyclomatic complexity | |
|---|---|
| Average complexity per logical line of code | 0.40 |
| Average class complexity | 18.00 |
| ▷ Minimum class complexity | 18.00 |
| ▷ Maximum class complexity | 18.00 |
| Average method complexity | 3.12 |
| ▷ Minimum method complexity | 1.00 |
| ▷ Maximum method complexity | 9.00 |
| Code structure | ||
|---|---|---|
| Namespaces | 0 | |
| Interfaces | 0 | |
| Traits | 0 | |
| Classes | 1 | |
| ▷ Abstract classes | 0 | 0.00% |
| ▷ Concrete classes | 1 | 100.00% |
| ▷ Final classes | 0 | 0.00% |
| Methods | 8 | |
| ▷ Static methods | 3 | 37.50% |
| ▷ Public methods | 8 | 100.00% |
| ▷ Protected methods | 0 | 0.00% |
| ▷ Private methods | 0 | 0.00% |
| Functions | 1 | |
| ▷ Named functions | 1 | 100.00% |
| ▷ Anonymous functions | 0 | 0.00% |
| Constants | 0 | |
| ▷ Global constants | 0 | 0.00% |
| ▷ Class constants | 0 | 0.00% |
| ▷ Public constants | 0 | 0.00% |
Plugin size Passed 2 tests
Image compression Passed 2 tests
All PNG images should be compressed to minimize bandwidth usage for end users
PNG images were not found in this plugin