WP-Safety

Hello Kushimoto Security & Risk Analysis

wordpress.org/plugins/hello-kushimoto

This is not just a plugin. When activated you will randomly see a Quotations of legendary engineer Mr. M in the upper right of your admin screen on ev …

10 active installs v2.10.0 PHP + WP 4.3+ Updated Dec 9, 2016
jokekushimotosamplewctokyo
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Hello Kushimoto Safe to Use in 2026?

Generally Safe

Score 85/100

Hello Kushimoto has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 9yr ago
Risk Assessment

The plugin 'hello-kushimoto' v2.10.0 appears to have a very strong security posture based on the provided static analysis. The absence of any identified attack surface entry points that are not protected by authentication checks, along with 100% proper output escaping and the use of prepared statements for all SQL queries, are excellent indicators of good security practices. Furthermore, the zero recorded vulnerabilities in its history, across all severities and types, suggest a well-maintained and secure codebase over time. The plugin also shows good practices by not using dangerous functions, performing file operations, or making external HTTP requests, and its single capability check is a positive sign of controlled access.

Vulnerabilities
None known

Hello Kushimoto Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Hello Kushimoto Release Timeline

v2.10.0Current
v2.9.1
v2.9.0
v2.8.2
v2.8.1
v2.8.0
v2.7.0
v2.6.0
v2.5.1
v2.4.1
v2.4.0
v2.3.0
v2.2.2
v2.2.1
v2.2.0
v2.1.12
v2.1.11
v2.1.10
v2.1.9
v2.1.8
Code Analysis
Analyzed Mar 17, 2026

Hello Kushimoto Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
0
27 escaped
Nonce Checks
0
Capability Checks
1
File Operations
0
External Requests
0
Bundled Libraries
0

Output Escaping

100% escaped27 total outputs
Attack Surface

Hello Kushimoto Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 7
actionwp_loadedhello-kushimoto.php:54
actionadmin_enqueue_scriptssrc\class-hello-kushimoto-admin-notices.php:20
actionadmin_noticessrc\class-hello-kushimoto-admin-notices.php:21
actionwp_dashboard_setupsrc\class-hello-kushimoto-dashboard-widget.php:16
actionadmin_enqueue_scriptssrc\class-hello-kushimoto-dashboard-widget.php:17
actionadmin_menusrc\class-hello-kushimoto-option-page.php:49
actionadmin_initsrc\class-hello-kushimoto-option-page.php:50
Maintenance & Trust

Hello Kushimoto Maintenance & Trust

Maintenance Signals

WordPress version tested4.7.33
Last updatedDec 9, 2016
PHP min version
Downloads2K

Community Trust

Rating96/100
Number of ratings6
Active installs10
Alternatives

Hello Kushimoto Alternatives

MWW Disclaimer Buttons

MWW Disclaimer Buttons

mww-disclaimer-buttons

A
98

The FTC requires that you put disclosures at the top of your post if you were compensated in any way (affiliate links, free products, or payment).

500 2 CVEs
Content Randomizer

Content Randomizer

content-randomizer

A
85

This plugin allows you to add texts, images, videos and display them in a random order or slideshow.

200 No CVEs
Free Product for WooCommerce

Free Product for WooCommerce

free-product-for-woocommerce

A
92

Display FREE if WooCommerce Product Price is Zero or Empty.

200 No CVEs
Free Product Sample for WooCommerce

Free Product Sample for WooCommerce

woo-free-product-sample

A
100

The easy way to handle free product sample for WooCommerce. Promote your business in minutes!

200 No CVEs
Free Product Samples for WooCommerce – Try Before You Buy, Request Samples by Mail

Free Product Samples for WooCommerce – Try Before You Buy, Request Samples by Mail

free-product-sample

A
100

Advanced Product Sample for WooCommerce does one thing, and it does it well. It lets you order product as a product sample.

100 No CVEs
Developer Profile

Hello Kushimoto Developer Profile

Toro_Unit (Hiroshi Urabe)

23 plugins · 216K total installs

85
trust score
Avg Security Score
87/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Hello Kushimoto

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/hello-kushimoto/assets/styles/hello-kushimoto-admin-notices.css/wp-content/plugins/hello-kushimoto/assets/styles/hello-kushimoto-admin-notices-rtl.css/wp-content/plugins/hello-kushimoto/assets/styles/dashboard-widget.css
Version Parameters
hello-kushimoto-admin-noticeshello-kushimoto-admin-notices-rtlhello-kushimoto-dashboard-widget

HTML / DOM Fingerprints

CSS Classes
hello-kushimotospeaker-hello-kushimoto-dashboard-widgethello-kushimoto-dashboard-widget-avatarhello-kushimoto-dashboard-widget-message
Shortcode Output
<strong>
FAQ

Frequently Asked Questions about Hello Kushimoto