WP-Safety

Additional Plugins Descriptions Security & Risk Analysis

wordpress.org/plugins/additional-plugins-descriptions

Allows you to write additional descriptions for plugins.

0 active installs v0.1.0 PHP 5.3.0+ WP 4.6+ Updated Feb 19, 2018
admincommentsdescriptionsplugins
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Download
Safety Verdict

Is Additional Plugins Descriptions Safe to Use in 2026?

Generally Safe

Score 85/100

Additional Plugins Descriptions has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 8yr ago
Risk Assessment

The "additional-plugins-descriptions" v0.1.0 plugin exhibits a concerning security posture primarily due to its limited attack surface and a single unprotected AJAX handler. While it demonstrates good practices by using prepared statements for SQL queries and properly escaping all outputs, the presence of the "unserialize" function is a significant red flag. This function is notoriously dangerous if not handled with extreme care, as it can lead to remote code execution if it processes untrusted user input. The lack of nonce checks and capability checks on its AJAX endpoint further amplifies this risk, allowing any authenticated user to potentially trigger the "unserialize" function with crafted input.

Despite the absence of known vulnerabilities (CVEs) and any recorded critical or high-severity taint flows, the static analysis reveals foundational security weaknesses. The single unprotected AJAX entry point coupled with a dangerous function presents a clear and present risk. The plugin's vulnerability history of "none recorded" is a positive sign, but it does not negate the inherent dangers identified in the code. Therefore, while the plugin doesn't have a history of breaches, its current implementation is risky and requires immediate attention, especially concerning the handling of serialized data.

Key Concerns

  • Unprotected AJAX handler
  • Use of unserialize()
  • Missing nonce check on AJAX
  • Missing capability check on AJAX
Vulnerabilities
None known

Additional Plugins Descriptions Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

Additional Plugins Descriptions Code Analysis

Dangerous Functions
1
Raw SQL Queries
0
0 prepared
Unescaped Output
0
2 escaped
Nonce Checks
0
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
0

Dangerous Functions Found

unserialize$this->descriptions=unserialize($this->descriptions);additional-plugins-descriptions.php:165

Output Escaping

100% escaped2 total outputs
Attack Surface
1 unprotected

Additional Plugins Descriptions Attack Surface

Entry Points1
Unprotected1

AJAX Handlers 1

authwp_ajax_set_plugin_descriptionsadditional-plugins-descriptions.php:29
WordPress Hooks 3
actionadmin_enqueue_scriptsadditional-plugins-descriptions.php:25
filterplugin_row_metaadditional-plugins-descriptions.php:27
actiondelete_pluginadditional-plugins-descriptions.php:31
Maintenance & Trust

Additional Plugins Descriptions Maintenance & Trust

Maintenance Signals

WordPress version tested4.9.29
Last updatedFeb 19, 2018
PHP min version5.3.0
Downloads1K

Community Trust

Rating0/100
Number of ratings0
Active installs0
Alternatives

Additional Plugins Descriptions Alternatives

WPCore Plugin Manager

WPCore Plugin Manager

wpcore

A
100

Create plugin collections and install them in one click on any WordPress site.

10K No CVEs
One Click Close Comments

One Click Close Comments

one-click-close-comments

A
99

Conveniently close or open comments for a post or page with one click from the admin listing of posts.

6K 1 CVE
Relative URL

Relative URL

relative-url

A
85

Relative URL applies wp_make_link_relative function to links to convert them to relative URLs.

3K No CVEs
Hide Plugins

Hide Plugins

hide-plugins

C
63

Hide installed plugins from clients and other admin users.

1K 1 unpatched
Plugin Report

Plugin Report

plugin-report

A
100

A WordPress plugin that provides detailed information about currently installed plugins.

1K No CVEs
Developer Profile

Additional Plugins Descriptions Developer Profile

patanaka

1 plugin · 0 total installs

84
trust score
Avg Security Score
85/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Additional Plugins Descriptions

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/additional-plugins-descriptions/additional-plugins-descriptions.js
Script Paths
/wp-content/plugins/additional-plugins-descriptions/additional-plugins-descriptions.js
Version Parameters
additional-plugins-descriptions/additional-plugins-descriptions.js?ver=

HTML / DOM Fingerprints

CSS Classes
apd-tableapd-editableapd-editable-temporaryapd-editable-permanent
HTML Comments
яваскриптвыводить доп информацию под стандартным описанием плагинасохранять изменённое описание плагинапри удалении любого плагина удалять и временное описание для него+7 more
Data Attributes
data-plugin_namecontenteditable
REST Endpoints
/wp-admin/admin-ajax.php
FAQ

Frequently Asked Questions about Additional Plugins Descriptions