Does Asset Finder have any unpatched vulnerabilities?

No. All known vulnerabilities in Asset Finder have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Asset Finder compatible with WordPress 4.9.29?

According to WordPress.org data, Asset Finder 1.0.0 has been tested up to WordPress 4.9.29. Check the plugin's changelog for the latest compatibility information.

Is Asset Finder compatible with PHP 5.2.4+?

Asset Finder requires PHP 5.2.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Asset Finder updated?

Asset Finder was last updated on Aug 27, 2018. Frequent updates are generally a positive security signal.

What is Asset Finder's security score?

Asset Finder has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Asset Finder Security & Risk Analysis

wordpress.org/plugins/asset-finder

Finds and allows late-loading and removal of the scripts and styles enqueued on your website.

0 active installs v1.0.0 PHP 5.2.4+ WP 4.6+ Updated Aug 27, 2018

enqueuescriptsstyles

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Asset Finder Safe to Use in 2026?

Generally Safe

Score 85/100

Asset Finder has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 7yr ago

Risk Assessment

Based on the provided static analysis and vulnerability history, the "asset-finder" v1.0.0 plugin exhibits a strong security posture. The absence of any identified attack surface points, dangerous functions, direct SQL queries, or taint flows suggests that the plugin is well-developed with security best practices in mind. The plugin also has no recorded vulnerabilities or CVEs, which indicates a history of stable and secure operation.

While the plugin demonstrates good security practices in its current version, there are a few minor areas for attention. A portion of the output is not properly escaped, which could theoretically lead to cross-site scripting (XSS) vulnerabilities if malicious data were to be processed and displayed. However, given the lack of any identified entry points or sensitive operations, the immediate risk from this is low. The complete lack of nonce and capability checks, while not a direct issue in this version due to the absence of exploitable entry points, represents a potential future risk if new features are added without proper security considerations.

In conclusion, "asset-finder" v1.0.0 appears to be a secure plugin with no known vulnerabilities or significant security flaws identified in the provided analysis. The lack of an attack surface and reliance on prepared statements are significant strengths. The minor concern regarding unescaped output is mitigated by the current lack of exploitable pathways. Future development should focus on maintaining this secure approach and implementing proper checks if new features introduce potential attack vectors.

Key Concerns

Some output not properly escaped

Vulnerabilities

None known

Asset Finder Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Asset Finder Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

10 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

83% escaped12 total outputs

Attack Surface

Asset Finder Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 8

actionwp_headclasses\AssetCollector.php:17

actionwp_enqueue_scriptsclasses\AssetCollector.php:85

actionwp_print_stylesclasses\DisplayWeb.php:12

actionwp_footerclasses\DisplayWeb.php:13

actionwp_enqueue_scriptsclasses\DisplayWeb.php:14

actionadmin_initclasses\Settings.php:19

actionadmin_menuclasses\Settings.php:20

actionadmin_enqueue_scriptsclasses\Settings.php:21

Maintenance & Trust

Asset Finder Maintenance & Trust

Maintenance Signals

WordPress version tested4.9.29

Last updatedAug 27, 2018

PHP min version5.2.4

Downloads1K

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

Asset Finder Alternatives

Context Manager

context-manager

Make your site react to users' context by changing your theme's CSS and JavaScript files, navigation menus, sidebars and the HTML body tag.

20 No CVEs

Speed Up – JavaScript To Footer

speed-up-javascript-to-footer

Move all the possible JavaScript files from head to footer and improve page load times.

1K No CVEs

WC Speed Repair

wc-speed-drain-repair

100

Make WooCommerce sites BLAZING fast by disabling unused scripts and styles with one click toggles.

1K No CVEs

Speed Up – Clean WP

speed-up-clean-wp

Clean WP remove comment-reply.min.js and jquery-migrate.js scripts, disable "embeds" and "emoji" features and clean the head from …

300 No CVEs

Enhanced Header / Footer Injections

enhanced-header-footer-injections

Add code to the header and footer sections of your site on a page-per-page basis.

100 No CVEs

Developer Profile

Asset Finder Developer Profile

Charles Jaimet

2 plugins · 0 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Asset Finder

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/asset-finder/css/af_test.css/wp-content/plugins/asset-finder/js/af_test_head.js/wp-content/plugins/asset-finder/js/af_test_foot.js

Script Paths

/wp-content/plugins/asset-finder/js/web.js

Version Parameters

asset_finder_style_test?ver=asset_finder_script_head?ver=asset_finder_script_foot?ver=asset_finder_lateload?ver=

HTML / DOM Fingerprints

JS Globals

sendMessageaf_lateload

FAQ