Does BF WPO Dequeuer have any unpatched vulnerabilities?

No. All known vulnerabilities in BF WPO Dequeuer have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is BF WPO Dequeuer compatible with WordPress 5.6.17?

According to WordPress.org data, BF WPO Dequeuer 1.1.4 has been tested up to WordPress 5.6.17. Check the plugin's changelog for the latest compatibility information.

Is BF WPO Dequeuer compatible with PHP 7.1+?

BF WPO Dequeuer requires PHP 7.1 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is BF WPO Dequeuer updated?

BF WPO Dequeuer was last updated on Nov 24, 2020. Frequent updates are generally a positive security signal.

What is BF WPO Dequeuer's security score?

BF WPO Dequeuer has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

BF WPO Dequeuer Security & Risk Analysis

wordpress.org/plugins/bf-wpo-dequeuer

Dequeue scripts and styles from your site's queue.

10 active installs v1.1.4 PHP 7.1+ WP 5.0+ Updated Nov 24, 2020

optimizationtestingwpo

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is BF WPO Dequeuer Safe to Use in 2026?

Generally Safe

Score 85/100

BF WPO Dequeuer has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 5yr ago

Risk Assessment

The "bf-wpo-dequeuer" plugin version 1.1.4 presents a generally strong security posture based on the provided static analysis. The absence of any identified AJAX handlers, REST API routes, shortcodes, or cron events significantly limits the plugin's attack surface. Furthermore, the code shows good practices with 100% of SQL queries utilizing prepared statements and a high percentage of output being properly escaped. The lack of file operations and external HTTP requests also reduces potential attack vectors.

Concerns, however, arise from the complete absence of nonce checks. While there are two capability checks, the reliance solely on these for any authorization could be a weakness. The fact that taint analysis found no issues and there is no known vulnerability history is positive, suggesting a potentially well-maintained codebase. However, the lack of explicit authorization on any potential entry points (even if none are currently present) is a notable omission. Without nonce checks, if new entry points were added in future versions without proper authorization, it could introduce vulnerabilities.

In conclusion, the current version of "bf-wpo-dequeuer" appears to be very secure due to its minimal attack surface and good internal coding practices. The primary area for improvement is the implementation of nonce checks, which is a fundamental WordPress security practice that is currently missing. This omission, while not immediately exploitable given the current attack surface, represents a potential future risk if the plugin evolves.

Key Concerns

Missing nonce checks

Vulnerabilities

None known

BF WPO Dequeuer Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

BF WPO Dequeuer Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

27 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

77% escaped35 total outputs

Attack Surface

BF WPO Dequeuer Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 8

actionadmin_menuadmin\class-bf-wpo-admin.php:19

actionadmin_initadmin\class-bf-wpo-admin.php:28

actionadmin_enqueue_scriptsinc\class-bf-wpo-dequeuer.php:37

actionadd_meta_boxesinc\class-bf-wpo-dequeuer.php:38

actionwp_print_stylesinc\class-bf-wpo-runner.php:16

actionwp_print_scriptsinc\class-bf-wpo-runner.php:17

actionwp_footerinc\class-bf-wpo-runner.php:20

actionwp_footerinc\class-bf-wpo-runner.php:23

Maintenance & Trust

BF WPO Dequeuer Maintenance & Trust

Maintenance Signals

WordPress version tested5.6.17

Last updatedNov 24, 2020

PHP min version7.1

Downloads1K

Community Trust

Rating100/100

Number of ratings3

Active installs10

Alternatives

BF WPO Dequeuer Alternatives

Visual Website Optimizer

visual-web-optimizer

100

VWO is the all-in-one platform that helps you conduct visitor research, build an optimization roadmap, and run continuous experimentation.

5K No CVEs

Nelio A/B Testing – AB Tests and Heatmaps for Better Conversion Optimization

nelio-ab-testing

A/B Testing, conversion rate optimization, and beautiful Heatmaps with AI Assistance.

4K 7 CVEs

Convert Experiences

convert-experiments

100

Convert Experiences provides advanced A/B and MVT Testing functionality for your website or blog.

100 No CVEs

Sigmize: A/B Testing, Session Recordings, Heatmaps & Revenue Tracking for WooCommerce, SureCart & EDD

sigmize

Powerful A/B testing for WordPress with heatmaps, session replays, and e-commerce tracking for WooCommerce, SureCart, and EDD.

100 1 CVE

ABtesting.ai – Landing Page Optimization

abtesting-ai

Automate your landing page A/B testing by using AI.

30 No CVEs

Developer Profile

BF WPO Dequeuer Developer Profile

DarioBF

1 plugin · 10 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect BF WPO Dequeuer

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/bf-wpo-dequeuer/admin/js/settings.js

Script Paths