Does Hook Injector have any unpatched vulnerabilities?

No. All known vulnerabilities in Hook Injector have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Hook Injector compatible with WordPress 6.9.4?

According to WordPress.org data, Hook Injector 1.0.0 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is Hook Injector compatible with PHP 7.4+?

Hook Injector requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Hook Injector updated?

Hook Injector was last updated on Feb 25, 2026. Frequent updates are generally a positive security signal.

What is Hook Injector's security score?

Hook Injector has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Hook Injector Security & Risk Analysis

wordpress.org/plugins/hook-injector

Inject custom Gutenberg blocks without writing code.

0 active installs v1.0.0 PHP 7.4+ WP 6.0+ Updated Feb 25, 2026

content-injectiondevelopergutenberghooksvisual-hook

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Hook Injector Safe to Use in 2026?

Generally Safe

Score 100/100

Hook Injector has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago

Risk Assessment

The "hook-injector" v1.0.0 plugin exhibits a strong security posture based on the provided static analysis. The absence of any identified AJAX handlers, REST API routes, shortcodes, or cron events significantly limits the potential attack surface. Furthermore, the code signals demonstrate good security practices, with all SQL queries utilizing prepared statements and all output being properly escaped. The presence of capability checks for all identified outputs is also a positive indicator. The taint analysis shows no identified flows, including those with unsanitized paths, which is a very encouraging sign of secure coding.

The vulnerability history is equally positive, with no known CVEs recorded for this plugin. This suggests a history of secure development or a lack of previous security scrutiny. However, it's important to note that a clean vulnerability history alone does not guarantee future security, especially for plugins with minimal detected entry points.

In conclusion, "hook-injector" v1.0.0 appears to be a well-developed and secure plugin. The lack of any identified risks in the static analysis and vulnerability history, combined with the implementation of good coding practices, makes it a low-risk plugin at this time. The primary weakness, if any, is the extremely limited attack surface, which while secure, also means very little can be definitively assessed about its broader security capabilities beyond what's explicitly analyzed. Future versions should continue to adhere to these security standards.

Vulnerabilities

None known

Hook Injector Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Hook Injector Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

3 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

100% escaped3 total outputs

Attack Surface

Hook Injector Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 4

actionplugins_loadedhook-injector.php:49

actioninitincludes\Core\Plugin.php:24

actionenqueue_block_editor_assetsincludes\Core\Plugin.php:25

actionwpincludes\Frontend\Injector.php:7

Maintenance & Trust

Hook Injector Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedFeb 25, 2026

PHP min version7.4

Downloads74

Community Trust

Rating100/100

Number of ratings1

Active installs0

Alternatives

Hook Injector Alternatives

Debug This

debug-this

100

Peek under the hood with sixty debugging reports just one click away.

2K No CVEs

System Dashboard

system-dashboard

Central dashboard to monitor various WordPress components, processes and data, including the server.

1K 11 CVEs

Visual Hook Guide for Kadence

visual-hook-guide-for-kadence

Find Kadence action hooks quickly and easily by seeing their actual locations inside your Kadence theme.

500 No CVEs

Block Catalog

block-catalog

100

Keep track of which Gutenberg Blocks are used across your site.

100 No CVEs

BlockX

blockx

Elevate your Gutenberg Block development experience.

30 No CVEs

Developer Profile

Hook Injector Developer Profile

dharmilkumar

1 plugin · 0 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Hook Injector

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/hook-injector/build/index.asset.php/wp-content/plugins/hook-injector/build/index.js

Script Paths

/wp-content/plugins/hook-injector/build/index.js

Version Parameters

hook_injector-editorhook-injector/build/index.js?ver=

HTML / DOM Fingerprints

REST Endpoints

/wp-json/wp/v2/hook_injector

FAQ