Does DebugPress: Debugger in Popup have any unpatched vulnerabilities?

No. All known vulnerabilities in DebugPress: Debugger in Popup have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is DebugPress: Debugger in Popup compatible with WordPress 6.8.5?

According to WordPress.org data, DebugPress: Debugger in Popup 4.1 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

Is DebugPress: Debugger in Popup compatible with PHP 7.4+?

DebugPress: Debugger in Popup requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is DebugPress: Debugger in Popup updated?

DebugPress: Debugger in Popup was last updated on Sep 29, 2025. Frequent updates are generally a positive security signal.

What is DebugPress: Debugger in Popup's security score?

DebugPress: Debugger in Popup has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

DebugPress: Debugger in Popup Security & Risk Analysis

wordpress.org/plugins/debugpress

Easy-to-use plugin for debugging and profiling website loading, SQL queries analysis, help with development, bug fixing, all in configurable popup.

100 active installs v4.1 PHP 7.4+ WP 5.5+ Updated Sep 29, 2025

ajax-monitordebuggingdev4pressdevelopmentquery-monitor

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is DebugPress: Debugger in Popup Safe to Use in 2026?

Generally Safe

Score 100/100

DebugPress: Debugger in Popup has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 6mo ago

Risk Assessment

The "debugpress" v4.1 plugin exhibits a generally good security posture, with a limited attack surface and no recorded vulnerabilities. The static analysis indicates that all identified entry points, including AJAX handlers and REST API routes, are properly secured with authentication checks. The plugin also exclusively uses prepared statements for its SQL queries, which is a strong indicator of secure database interaction. Nonce and capability checks are present, further strengthening its defense mechanisms against common attack vectors.

Key Concerns

Dangerous function: unserialize present
Unescaped output is below recommended threshold

Vulnerabilities

None known

DebugPress: Debugger in Popup Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

DebugPress: Debugger in Popup Code Analysis

Dangerous Functions

Raw SQL Queries

7 prepared

Unescaped Output

109

130 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Dangerous Functions Found

unserialize$this->{$key} = unserialize( serialize( $val ) ); // phpcs:ignore WordPress.PHP.DiscouragedPHPFuncticore\main\Wrap.php:23

SQL Query Safety

100% prepared7 total queries

Output Escaping

54% escaped239 total outputs

Attack Surface

DebugPress: Debugger in Popup Attack Surface

Entry Points2

Unprotected0

AJAX Handlers 2

authwp_ajax_debugpress_load_debuglogcore\main\AJAX.php:13

noprivwp_ajax_debugpress_load_debuglogcore\main\AJAX.php:14

WordPress Hooks 52

actionadmin_menucore\admin\Plugin.php:13

actionadmin_initcore\admin\Plugin.php:14

actionadmin_enqueue_scriptscore\admin\Plugin.php:15

filternetwork_admin_plugin_action_links_debugpress/debugpress.phpcore\admin\Plugin.php:17

filterplugin_action_links_debugpress/debugpress.phpcore\admin\Plugin.php:21

filterplugin_row_metacore\admin\Plugin.php:26

actionadmin_bar_menucore\display\Loader.php:29

actionadmin_enqueue_scriptscore\display\Loader.php:33

actionwp_enqueue_scriptscore\display\Loader.php:35

actionlogin_enqueue_scriptscore\display\Loader.php:36

actionadmin_footercore\display\Loader.php:45

actionwp_footercore\display\Loader.php:47

actionlogin_footercore\display\Loader.php:48

actionshutdowncore\display\Loader.php:64

actionshutdowncore\display\Loader.php:67

actionrest_api_initcore\main\Plugin.php:84

actionplugins_loadedcore\main\Plugin.php:85

actionplugins_loadedcore\main\Plugin.php:86

actioninitcore\main\Plugin.php:87

actionadmin_enqueue_scriptscore\main\Plugin.php:90

filtergform_noconflict_scriptscore\main\Plugin.php:91

filtergform_noconflict_stylescore\main\Plugin.php:92

actionwpcore\main\Plugin.php:94

actionlogin_initcore\main\Plugin.php:95

actionadmin_enqueue_scriptscore\main\Plugin.php:345

actionwp_enqueue_scriptscore\main\Plugin.php:347

actionlogin_enqueue_scriptscore\main\Plugin.php:348

actiondebugpress-tracker-getting-readycore\track\AJAX.php:15

actionshutdowncore\track\AJAX.php:17

actionsend_headerscore\track\AJAX.php:46

actiondoing_it_wrong_runcore\track\Tracker.php:120

filterdoing_it_wrong_trigger_errorcore\track\Tracker.php:122

actiondeprecated_function_runcore\track\Tracker.php:126

actiondeprecated_constructor_runcore\track\Tracker.php:127

actiondeprecated_file_includedcore\track\Tracker.php:128

actiondeprecated_argument_runcore\track\Tracker.php:129

actiondeprecated_hook_runcore\track\Tracker.php:130

filterdeprecated_function_trigger_errorcore\track\Tracker.php:132

filterdeprecated_constructor_trigger_errorcore\track\Tracker.php:133

filterdeprecated_file_trigger_errorcore\track\Tracker.php:134

filterdeprecated_argument_trigger_errorcore\track\Tracker.php:135

filterdeprecated_hook_runcore\track\Tracker.php:136

actionplugins_loadedcore\track\Tracker.php:143

filterhttp_request_argscore\track\Tracker.php:151

filterpre_http_requestcore\track\Tracker.php:152

actionhttp_api_debugcore\track\Tracker.php:153

actionrequests-curl.before_requestcore\track\Tracker.php:155

actionrequests-curl.after_requestcore\track\Tracker.php:156

actionrequests-fsockopen.before_requestcore\track\Tracker.php:157

actionrequests-fsockopen.after_requestcore\track\Tracker.php:158

actionadmin_footercore\track\Tracker.php:161

actionwp_footercore\track\Tracker.php:163

Maintenance & Trust

DebugPress: Debugger in Popup Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedSep 29, 2025

PHP min version7.4

Downloads15K

Community Trust

Rating100/100

Number of ratings5

Active installs100

Alternatives

DebugPress: Debugger in Popup Alternatives

Query Monitor – The developer tools panel for WordPress

query-monitor

100

Query Monitor is the developer tools panel for WordPress and WooCommerce.

200K No CVEs

WP PHP Console

wp-php-console

An implementation of PHP Console as a WordPress plugin. Use Chrome Dev Tools to debug your WordPress installation!

600 No CVEs

Ray

spatie-ray

100

Easily debug WordPress sites using Ray.

500 No CVEs

Where Am I

whereami

Adds a HTML comment in the head on the front-end with current server name and address. Description = Where Am I is a tiny WordPress plugin which ad …

40 No CVEs

Apermo Xdebug

apermo-xdebug

This plugin helps developers that use Xdebug.

10 No CVEs

Developer Profile

DebugPress: Debugger in Popup Developer Profile

Milan Petrovic

17 plugins · 12K total installs

trust score

Avg Security Score

94/100

Avg Patch Time

1235 days

View full developer profile

Detection Fingerprints

How We Detect DebugPress: Debugger in Popup

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/debugpress/css/adminpanel.css/wp-content/plugins/debugpress/css/adminpanel.min.css/wp-content/plugins/debugpress/js/adminpanel.js/wp-content/plugins/debugpress/js/adminpanel.min.js

Script Paths

/wp-content/plugins/debugpress/js/adminpanel.js/wp-content/plugins/debugpress/js/adminpanel.min.js

Version Parameters

debugpress/css/adminpanel.css?ver=debugpress/js/adminpanel.js?ver=

HTML / DOM Fingerprints

HTML Comments

FAQ