Comparisons Security & Risk Analysis

wordpress.org/plugins/comparisons

A simple way to compare things. Just one shortcode but hundreds of options.

50 active installs · v1.5 · PHP 7.0+ · WP 6.0+ · Updated Jan 5, 2026
Score: 100 (A · Safe)
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is Comparisons Safe to Use in 2026?

Generally Safe

Score 100/100

Comparisons has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 3mo ago
Risk Assessment

The "comparisons" plugin v1.5 exhibits a generally strong security posture based on the provided static analysis. The complete absence of dangerous functions, raw SQL queries, file operations, and external HTTP requests is a significant strength. The high percentage of properly escaped output and the presence of nonce checks further contribute to a robust defense against common web vulnerabilities. The zero known CVEs and the lack of any recorded vulnerabilities in its history suggest a well-maintained and secure plugin.

However, a notable concern arises from the complete lack of capability checks. While nonce checks are present, this omission means that any user, regardless of their WordPress role or permissions, could potentially interact with the plugin's functionality. This broad accessibility, particularly through its single shortcode entry point, could be exploited if the shortcode itself handles sensitive data or actions that should be permission-gated. This is the primary area for improvement, as it represents a potential for privilege escalation or unauthorized data access.

In conclusion, the "comparisons" plugin v1.5 is commendably secure in many respects and demonstrates good development practices. Its primary weakness is the absence of capability checks. Although this is not tied to any known exploited vulnerability, it presents a theoretical attack vector that should be addressed to achieve a more comprehensive security model.

Key Concerns

  • Missing capability checks
Vulnerabilities
None known

Comparisons Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Comparisons Release Timeline

v1.5 (Current)
v1.4
v1.3
v1.2
v1.1
v1.0
Code Analysis
Analyzed Mar 16, 2026

Comparisons Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (0 prepared)
Unescaped Output: 42 (284 escaped)
Nonce Checks: 20
Capability Checks: 0
File Operations: 0
External Requests: 0
Bundled Libraries: 0

Output Escaping

87% escaped · 326 total outputs
Data Flows
All sanitized

Data Flow Analysis

3 flows
comparisons_data (settings.php:57)
Attack Surface

Comparisons Attack Surface

Entry Points: 1
Unprotected: 0

Shortcodes 1

[comparisons] comparisons.php:27
WordPress Hooks 5
action wp_enqueue_scripts comparisons.php:24
action init comparisons.php:25
filter plugin_action_links comparisons.php:26
action admin_menu settings.php:1246
action admin_enqueue_scripts settings.php:1247
Maintenance & Trust

Comparisons Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.9.4
Last updated: Jan 5, 2026
PHP min version: 7.0
Downloads: 67K

Community Trust

Rating: 0/100
Number of ratings: 0
Active installs: 50
Alternatives

Comparisons Alternatives

No alternatives data available yet.

Developer Profile

Comparisons Developer Profile

Graham

5 plugins · 2K total installs

Trust score: 71
Avg Security Score: 88/100
Avg Patch Time: 154 days
Detection Fingerprints

How We Detect Comparisons

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/comparisons/css/comparisons.css
/wp-content/plugins/comparisons/js/comparisons.js
Script Paths
/wp-content/plugins/comparisons/js/comparisons.js
Version Parameters
comparisons/css/comparisons.css?ver=
comparisons/js/comparisons.js?ver=

HTML / DOM Fingerprints

CSS Classes
comparisons_slider, company_box, comparisons__handle, comparisons__fill, output-label, company_apply, comparisons_form
Data Attributes
sc_rates
JS Globals
sc_rates
Shortcode Output
[comparisons][company][product_name][min_loan]