Expenses Book Plugin for WordPress Security & Risk Analysis

wordpress.org/plugins/expenses-book

You want to record your expenses history in a 100% private and 100% safe place? You do not want to use the cloud because it’s not 100% private and 100 …

0 active installs · v1.1.3 · PHP + WP 5.4+ · Updated May 16, 2025
Tags: expense, private, recurring, sign-in, sign-out
Score: 100
A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is Expenses Book Plugin for WordPress Safe to Use in 2026?

Generally Safe

Score 100/100

Expenses Book Plugin for WordPress has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 10mo ago
Risk Assessment

The 'expenses-book' plugin version 1.1.3 exhibits a mixed security posture. On the positive side, there are no recorded vulnerabilities (CVEs) and a strong adherence to secure coding practices, with 91% of outputs properly escaped and a significant majority of SQL queries utilizing prepared statements. The absence of external HTTP requests and bundled libraries is also reassuring. However, the static analysis reveals potential areas of concern. The presence of the 'system' dangerous function warrants investigation, as its misuse can lead to arbitrary code execution. Furthermore, three flows with unsanitized paths and one high-severity taint flow indicate potential vulnerabilities that could be exploited if not properly handled. While the current version shows no unpatched vulnerabilities, the identified code signals suggest a need for continued vigilance and thorough security testing.

Key Concerns

  • Presence of dangerous function 'system'
  • Flows with unsanitized paths identified
  • High severity taint flow identified
Vulnerabilities
None known

Expenses Book Plugin for WordPress Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

Expenses Book Plugin for WordPress Code Analysis

Dangerous Functions: 1
Raw SQL Queries: 75 (164 prepared)
Unescaped Output: 124 (1298 escaped)
Nonce Checks: 57
Capability Checks: 0
File Operations: 1
External Requests: 0
Bundled Libraries: 0

Dangerous Functions Found

system: system($backupdetails, $myoutput); (expenseszyx987_importer.php:6255)

SQL Query Safety

69% prepared · 239 total queries

Output Escaping

91% escaped · 1422 total outputs
Data Flows: 3 unsanitized

Data Flow Analysis

17 flows · 3 with unsanitized paths
<expenseszyx987_admin> (expenseszyx987_admin.php:0)
Attack Surface

Expenses Book Plugin for WordPress Attack Surface

Entry Points: 27
Unprotected: 0

AJAX Handlers: 27

auth · wp_ajax_expenseszyx987_getExpenses · expenseszyx987_importer.php:1546
auth · wp_ajax_expenseszyx987_saveTypecategory · expenseszyx987_importer.php:1806
auth · wp_ajax_expenseszyx987_saveType · expenseszyx987_importer.php:2003
auth · wp_ajax_expenseszyx987_saveRole · expenseszyx987_importer.php:2189
auth · wp_ajax_expenseszyx987_getUsertypes · expenseszyx987_importer.php:2354
auth · wp_ajax_expenseszyx987_saveUser · expenseszyx987_importer.php:2675
auth · wp_ajax_expenseszyx987_getUsers · expenseszyx987_importer.php:2879
auth · wp_ajax_expenseszyx987_saveTax · expenseszyx987_importer.php:3515
auth · wp_ajax_expenseszyx987_saveCurrency · expenseszyx987_importer.php:3720
auth · wp_ajax_expenseszyx987_saveCustomertype · expenseszyx987_importer.php:3837
auth · wp_ajax_expenseszyx987_saveCustomer · expenseszyx987_importer.php:3942
auth · wp_ajax_expenseszyx987_saveRecurringpaymentfrequency · expenseszyx987_importer.php:4056
auth · wp_ajax_expenseszyx987_saveDepartment · expenseszyx987_importer.php:4161
auth · wp_ajax_expenseszyx987_editConstantvalue · expenseszyx987_importer.php:4266
auth · wp_ajax_expenseszyx987_getExpensedetails · expenseszyx987_importer.php:4358
auth · wp_ajax_expenseszyx987_getTypecategories · expenseszyx987_importer.php:4491
auth · wp_ajax_expenseszyx987_getTypes · expenseszyx987_importer.php:4599
auth · wp_ajax_expenseszyx987_getRoles · expenseszyx987_importer.php:4707
auth · wp_ajax_expenseszyx987_getTaxes · expenseszyx987_importer.php:4815
auth · wp_ajax_expenseszyx987_getCurrencies · expenseszyx987_importer.php:4920
auth · wp_ajax_expenseszyx987_getCustomertypes · expenseszyx987_importer.php:5025
auth · wp_ajax_expenseszyx987_getRecurringpaymentfrequencies · expenseszyx987_importer.php:5133
auth · wp_ajax_expenseszyx987_getCustomers · expenseszyx987_importer.php:5241
auth · wp_ajax_expenseszyx987_getDepartments · expenseszyx987_importer.php:5355
auth · wp_ajax_expenseszyx987_getConstants · expenseszyx987_importer.php:5463
auth · wp_ajax_expenseszyx987_getLogs · expenseszyx987_importer.php:5527
auth · wp_ajax_expenseszyx987_deleteExpense · expenseszyx987_importer.php:6614

WordPress Hooks: 11

action · admin_menu · expenseszyx987_importer.php:1122
action · init · expenseszyx987_importer.php:1141
action · expenseszyx987_cron_dbbackup_hook · expenseszyx987_importer.php:6234
filter · cron_schedules · expenseszyx987_importer.php:6275
filter · cron_schedules · expenseszyx987_importer.php:6285
filter · cron_schedules · expenseszyx987_importer.php:6295
filter · cron_schedules · expenseszyx987_importer.php:6305
filter · pre_get_document_title · expenseszyx987_landingpage.php:796
filter · pre_get_document_title · expenseszyx987_landingpage.php:831
action · wp_enqueue_scripts · expenseszyx987_landingpage.php:1081
action · wp_enqueue_scripts · expenseszyx987_masterpage.php:46

Scheduled Events 1

expenseszyx987_cron_dbbackup_hook
Maintenance & Trust

Expenses Book Plugin for WordPress Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.8.5
Last updated: May 16, 2025
PHP min version
Downloads: 2K

Community Trust

Rating: 100/100
Number of ratings: 1
Active installs: 0
Developer Profile

Expenses Book Plugin for WordPress Developer Profile

v20202020

4 plugins · 10 total installs

Trust score: 89
Avg Security Score: 93/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect Expenses Book Plugin for WordPress

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/expenses-book/css/style.css
/wp-content/plugins/expenses-book/js/script.js
Script Paths
/wp-content/plugins/expenses-book/js/script.js
Version Parameters
expenses-book/style.css?ver=
expenses-book/script.js?ver=

HTML / DOM Fingerprints

CSS Classes
wp_expenseszyx987_admin_page
HTML Comments
<!-- Expenses Book Plugin -->
<!-- Expenses Book Plugin Admin Page -->
Data Attributes
data-expenses-book-id
JS Globals
wp_expenseszyx987_vars
Shortcode Output
[expenses-book-dashboard]
[expenses-book-report]
FAQ

Frequently Asked Questions about Expenses Book Plugin for WordPress