Benchmarks

Plugin footprint 83% from 16 tests

Installer Passed 1 test

🔺 Critical test (weight: 50) | Verifying that this plugin installs correctly without errors

This plugin's installer ran successfully

Server metrics [RAM: ▲0.25MB] [CPU: ▼0.68ms] Passed 4 tests

This is a short check of server-side resources used by WPVulnerability

This plugin does not affect your website's performance

Page	Memory (MB)	CPU Time (ms)
Home /	3.47 ▲0.01	38.59 ▲0.82
Dashboard /wp-admin	3.64 ▲0.34	48.64 ▲1.87
Posts /wp-admin/edit.php	3.76 ▲0.40	46.44 ▼3.15
Add New Post /wp-admin/post-new.php	6.22 ▲0.33	87.22 ▼2.28
Media Library /wp-admin/upload.php	3.57 ▲0.33	37.61 ▲3.45
WPVulnerability /wp-admin/options-general.php?page=wpvulnerability-options	3.53	31.85

Server storage [IO: ▲0.37MB] [DB: ▲0.00MB] Passed 3 tests

How much does this plugin use your filesystem and database?

The plugin installed successfully

Filesystem: 26 new files

Database: no new tables, 6 new options

New WordPress options
widget_recent-comments
widget_theysaidso_widget
can_compress_scripts
db_upgraded
widget_recent-posts
theysaidso_admin_options

Browser metrics Passed 4 tests

Checking browser requirements for WPVulnerability

Normal browser usage

Page	Nodes	Memory (MB)	Script (ms)	Layout (ms)
Home /	2,850 ▲89	14.37 ▲0.01	1.69 ▲0.04	43.46 ▲5.34
Dashboard /wp-admin	2,256 ▲76	5.52 ▼0.08	81.63 ▼3.40	40.00 ▼4.31
Posts /wp-admin/edit.php	2,106 ▲3	1.98 ▼0.05	34.64 ▼8.40	35.99 ▼4.61
Add New Post /wp-admin/post-new.php	1,536 ▲7	23.19 ▼0.12	617.49 ▼61.89	58.00 ▼0.10
Media Library /wp-admin/upload.php	1,406 ▲12	4.17 ▼0.05	96.18 ▲1.57	43.27 ▼2.96
WPVulnerability /wp-admin/options-general.php?page=wpvulnerability-options	862	1.99	22.67	28.88

Uninstaller [IO: ▲0.00MB] [DB: ▲0.00MB] 75% from 4 tests

🔸 Tests weight: 35 | All plugins must uninstall correctly, removing their source code and extra database tables they might have created

The following items require your attention

This plugin did not uninstall successfully, leaving 6 options in the database
- can_compress_scripts
- db_upgraded
- widget_recent-posts
- widget_recent-comments
- widget_theysaidso_widget
- theysaidso_admin_options

Smoke tests 75% from 4 tests

Server-side errors Passed 1 test

🔹 Test weight: 20 | This is a shallow check for server-side errors

Everything seems fine, however this is by no means an exhaustive test

SRP 50% from 2 tests

🔹 Tests weight: 20 | A shallow check of the single-responsibility principle; PHP files should perform no action - including output of placeholder text - and trigger no errors when accessed directly

Please take a closer look at the following

11× PHP files output non-empty strings when accessed directly via GET requests (only 10 are shown):
- > /wp-content/plugins/wpvulnerability/wpvulnerability-core.php
- > /wp-content/plugins/wpvulnerability/wpvulnerability.php
- > /wp-content/plugins/wpvulnerability/wpvulnerability-sitehealth.php
- > /wp-content/plugins/wpvulnerability/wpvulnerability-admin.php
- > /wp-content/plugins/wpvulnerability/wpvulnerability-plugins.php
- > /wp-content/plugins/wpvulnerability/wpvulnerability-cli.php
- > /wp-content/plugins/wpvulnerability/wpvulnerability-notifications.php
- > /wp-content/plugins/wpvulnerability/wpvulnerability-process.php
- > /wp-content/plugins/wpvulnerability/wpvulnerability-themes.php
- > /wp-content/plugins/wpvulnerability/wpvulnerability-run.php

User-side errors Passed 1 test

🔹 Test weight: 20 | This is just a short smoke test looking for browser issues

Everything seems fine, but this is not an exhaustive test

Optimizations

Plugin configuration Passed 29 tests

readme.txt Passed 16 tests

Don't ignore readme.txt as it is the file that instructs WordPress.org on how to present your plugin to the world

6 plugin tags: theme security, vulnerability, plugin security, wordpress security, security...

wpvulnerability/wpvulnerability.php Passed 13 tests

The main file in "WPVulnerability" v. 2.2.1 serves as a complement to information provided in readme.txt and as the entry point to the plugin

120 characters long description:

Check WordPress core, plugins, and theme vulnerabilities with information from the WordPress Vulnerability Database API.

Code Analysis Passed 3 tests

File types Passed 1 test

🔸 Test weight: 35 | A short glimpse at programming languages used with this plugin and a check that no dangerous files are present

Success! There were no dangerous files found in this plugin1,967 lines of code in 13 files:

Language	Files	Blank lines	Comment lines	Lines of code
PHP	12	534	883	1,902
CSS	1	1	2	65

PHP code Passed 2 tests

This plugin's cyclomatic complexity and code structure detailed below

No cyclomatic complexity issues were detected for this plugin

Cyclomatic complexity
Average complexity per logical line of code	0.48
Average class complexity	0.00
▷ Minimum class complexity	0.00
▷ Maximum class complexity	0.00
Average method complexity	0.00
▷ Minimum method complexity	0.00
▷ Maximum method complexity	0.00

Code structure
Namespaces	0
Interfaces	0
Traits	0
Classes	0
▷ Abstract classes	0	0.00%
▷ Concrete classes	0	0.00%
▷ Final classes	0	0.00%
Methods	0
▷ Static methods	0	0.00%
▷ Public methods	0	0.00%
▷ Protected methods	0	0.00%
▷ Private methods	0	0.00%
Functions	60
▷ Named functions	60	100.00%
▷ Anonymous functions	0	0.00%
Constants	7
▷ Global constants	7	100.00%
▷ Class constants	0	0.00%
▷ Public constants	0	0.00%

Plugin size Passed 2 tests

Image compression Passed 2 tests

PNG files should be compressed to save space and minimize bandwidth usage

10 PNG files occupy 0.25MB with 0.07MB in potential savings

Potential savings

Compression of 5 random PNG files using pngquant
File	Size - original	Size - compressed	Savings
assets/screenshot-2.png	62.98KB	31.44KB	▼ 50.07%
assets/banner-772x250.png	10.91KB	11.52KB	0.00%
assets/icon-158x158.png	5.54KB	5.78KB	0.00%
assets/screenshot-3.png	71.26KB	35.23KB	▼ 50.56%
assets/logo64.png	4.43KB	2.33KB	▼ 47.32%

Code Review | WPVulnerability

About plugin

Code review

User reviews

Install metrics