WP-Safety

Drug Half-Life Calculator Security & Risk Analysis

wordpress.org/plugins/drugsdb-half-life-calculator

A simple calculator to get the known half-life for medications you're taking.

10 active installs v1.1 PHP + WP 2.8+ Updated Jan 1, 2013
calculatordrugshalf-lifeprescriptionwidget
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Drug Half-Life Calculator Safe to Use in 2026?

Generally Safe

Score 85/100

Drug Half-Life Calculator has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 13yr ago
Risk Assessment

The drugsdb-half-life-calculator plugin, version 1.1, exhibits a mixed security posture. On the positive side, it demonstrates good practices regarding database interactions, with 100% of SQL queries utilizing prepared statements and no file operations or external HTTP requests detected. Furthermore, there is no known vulnerability history, suggesting a generally stable and well-maintained codebase. However, significant concerns arise from the static analysis. The presence of the dangerous `create_function` function three times indicates potential for code injection if user-supplied data can influence its execution. Additionally, only 25% of output is properly escaped, leaving room for cross-site scripting (XSS) vulnerabilities. The lack of nonce checks and capability checks on the single shortcode entry point is a critical oversight, potentially allowing unauthorized execution of plugin functionality. While the attack surface is small (only one shortcode), its lack of robust security checks is concerning. Overall, while the absence of known CVEs and the use of prepared statements are strengths, the identified code signals related to `create_function` and inadequate output escaping, coupled with a lack of input validation on the shortcode, present tangible security risks that require attention.

Key Concerns

  • Use of dangerous function create_function
  • Insufficient output escaping (75% unescaped)
  • Missing nonce checks on entry point
  • Missing capability checks on entry point
Vulnerabilities
None known

Drug Half-Life Calculator Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Drug Half-Life Calculator Release Timeline

v1.1Current
v1.0
Code Analysis
Analyzed Apr 16, 2026

Drug Half-Life Calculator Code Analysis

Dangerous Functions
3
Raw SQL Queries
0
0 prepared
Unescaped Output
3
1 escaped
Nonce Checks
0
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
0

Dangerous Functions Found

create_functionadd_action( 'widgets_init', create_function( '', 'register_widget("drugsdbHalfLife" );' ) ); // regidrugsdb-half-life-calculator.php:136
create_functionadd_action( 'wp_enqueue_scripts', create_function( '', 'wp_enqueue_script( "drugsdbHalfLife-sidebar"drugsdb-half-life-calculator.php:137
create_functionadd_action( 'wp_enqueue_scripts', create_function( '', 'wp_enqueue_script( "drugsdbHalfLife-shortcoddrugsdb-half-life-calculator.php:138

Output Escaping

25% escaped4 total outputs
Attack Surface

Drug Half-Life Calculator Attack Surface

Entry Points1
Unprotected0

Shortcodes 1

[halflife] drugsdb-half-life-calculator.php:140
WordPress Hooks 3
actionwidgets_initdrugsdb-half-life-calculator.php:136
actionwp_enqueue_scriptsdrugsdb-half-life-calculator.php:137
actionwp_enqueue_scriptsdrugsdb-half-life-calculator.php:138
Maintenance & Trust

Drug Half-Life Calculator Maintenance & Trust

Maintenance Signals

WordPress version tested3.5.2
Last updatedJan 1, 2013
PHP min version
Downloads3K

Community Trust

Rating0/100
Number of ratings0
Active installs10
Alternatives

Drug Half-Life Calculator Alternatives

CC BMI Calculator

CC BMI Calculator

cc-bmi-calculator

A
99

Add a free simple customizable BMI Calculator to your web site.

800 2 CVEs
Calculator

Calculator

calculator

A
85

Adds a widget that display a simple calculator.

100 No CVEs
CC Canadian Mortgage Calculator

CC Canadian Mortgage Calculator

cc-canadian-mortgage-calculator

A
99

Add a free simple customizable Canadian mortgage calculator to your web site.

100 1 CVE
Elemental Calculator

Elemental Calculator

elemental-calculator

A
92

Insert a simple calculator in your WordPress website with a widget or the shortcode [elemental_calculator].

100 No CVEs
EMI Calculator

EMI Calculator

os-emi-calculator

A
85

Use EMI calculator as shortcode in post content or widget area without editing your theme files

100 No CVEs
Developer Profile

Drug Half-Life Calculator Developer Profile

Luke Mlsna

12 plugins · 12K total installs

81
trust score
Avg Security Score
81/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Drug Half-Life Calculator

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/drugsdb-half-life-calc/drugsdb-half-life-calc-sidebar.js/wp-content/plugins/drugsdb-half-life-calc/drugsdb-half-life-calc-shortcode.js

HTML / DOM Fingerprints

CSS Classes
drugsdb-unitsdbdrugs-attributiondrugsdb-result
HTML Comments
<!-- Title --><!-- attrib --><!--<span id="dbdrugs-attribution" class="dbdrugs-attribution" style="font-size:0.9em;">Find the known half-life for your medication at <a href="http://www.drugsdb.com">Drugsdb.com</a></span>-->
Data Attributes
drugsdbHide()drugsdbHideSidebar()drugsdbHideShortcode()drugsdbSubmitCustomSidebar()drugsdbSubmitCustomShortcode()
Shortcode Output
<div style="max-width: 300px; border: 1px solid #000; padding: 5px; margin:5 px;">
FAQ

Frequently Asked Questions about Drug Half-Life Calculator