Does Envo Companion have any unpatched vulnerabilities?

No. All known vulnerabilities in Envo Companion have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Envo Companion compatible with WordPress 6.6.5?

According to WordPress.org data, Envo Companion 0.0.7 has been tested up to WordPress 6.6.5. Check the plugin's changelog for the latest compatibility information.

Is Envo Companion compatible with PHP 5.0+?

Envo Companion requires PHP 5.0 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Envo Companion updated?

Envo Companion was last updated on Oct 6, 2025. Frequent updates are generally a positive security signal.

What is Envo Companion's security score?

Envo Companion has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Envo Companion Security & Risk Analysis

wordpress.org/plugins/envo-companion

Envo Companion is a companion plugin for Webenvo themes.

200 active installs v0.0.7 PHP 5.0+ WP 4.0+ Updated Oct 6, 2025

adminfeaturedfrontpagetheme-pagewidgets

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Envo Companion Safe to Use in 2026?

Generally Safe

Score 100/100

Envo Companion has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 5mo ago

Risk Assessment

The static analysis of envo-companion v0.0.7 reveals a generally strong security posture. The plugin demonstrates excellent adherence to secure coding practices, with no identified dangerous functions, file operations, or external HTTP requests. Crucially, all SQL queries are properly prepared, and a very high percentage of output is correctly escaped, significantly mitigating risks of SQL injection and cross-site scripting (XSS). The absence of any recorded vulnerabilities, including CVEs of any severity, further supports this positive assessment. The plugin also appears to have a minimal attack surface with no identifiable entry points like AJAX handlers, REST API routes, or shortcodes, and importantly, no untainted taint flows were detected. The lack of nonce checks and capability checks on the identified entry points (albeit zero) is a minor concern, but given the complete absence of these entry points in this version, the immediate risk is negligible. Overall, the plugin is well-coded from a security perspective, with its primary strengths being robust output escaping, secure SQL practices, and a clean vulnerability history. The lack of any discovered entry points is a significant positive, but the oversight in capability checks on the *potential* for entry points, however small, could be a future risk if functionality is added without proper security considerations.

Key Concerns

No capability checks on entry points
No nonce checks on entry points

Vulnerabilities

None known

Envo Companion Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Envo Companion Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

236 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

98% escaped242 total outputs

Attack Surface

Envo Companion Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 8

actioninitenvo-companion.php:51

filterocdi/import_filesinc\webenvo\demo-content\setup.php:37

actionocdi/after_importinc\webenvo\demo-content\setup.php:78

actionadmin_enqueue_scriptsinc\webenvo\demo-content\setup.php:94

filterocdi/plugin_page_setupinc\webenvo\demo-content\setup.php:108

filterocdi/register_pluginsinc\webenvo\demo-content\setup.php:125

filterocdi/time_for_one_ajax_callinc\webenvo\demo-content\setup.php:131

actionwebenvo_frontpageinc\webenvo\webenvo.php:41

Maintenance & Trust

Envo Companion Maintenance & Trust

Maintenance Signals

WordPress version tested6.6.5

Last updatedOct 6, 2025

PHP min version5.0

Downloads7K

Community Trust

Rating0/100

Number of ratings0

Active installs200

Alternatives

Envo Companion Alternatives

WPFrank Companion

wpfrank-companion

100

WPFrank Companion is a companion plugin for WP Frank themes.

2K No CVEs

Avantex Companion

avantex-companion

100

tested up to 6.8 License: GPLv3 or later License URI: http://www.gnu.org/licenses/gpl-3.0.html Avantex Companion is a companion plugin for Avantex the …

1K No CVEs

Marin Companion

marin-companion

100

Marin Companion is a companion plugin for Marin theme.

500 No CVEs

Daddy Plus

daddy-plus

100

Daddy Plus is a useful plugin for WordPress theme by Themes Daddy.

9K No CVEs

Desert Companion

desert-companion

100

Desert Companion Enhances Desert Themes with additional functionality.

20K No CVEs

Developer Profile

Envo Companion Developer Profile

A WP Life

61 plugins · 64K total installs

trust score

Avg Security Score

97/100

Avg Patch Time

267 days

View full developer profile

Detection Fingerprints

How We Detect Envo Companion

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/envo-companion/inc/webenvo/demo-content/webenvo/webenvo.xml/wp-content/plugins/envo-companion/inc/webenvo/demo-content/webenvo/webenvo.wie/wp-content/plugins/envo-companion/inc/webenvo/demo-content/webenvo/webenvo.dat/wp-content/plugins/envo-companion/inc/webenvo/img/demo-screenshots/webenvo.png/wp-content/plugins/envo-companion/inc/webenvo/img/demo-screenshots/webenvo-pro.webp

HTML / DOM Fingerprints

CSS Classes

webenvo-starter-sitesocdi__gl-itemocdi__gl-item-buttonsocdi__theme-aboutocdi__intro-textocdi__gl-item-image-containerwebenvo-starter-sites-admin-page

HTML Comments

+34 more

FAQ