Does Hostinger Tools have any unpatched vulnerabilities?

No. All known vulnerabilities in Hostinger Tools have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Hostinger Tools compatible with WordPress 6.9.4?

According to WordPress.org data, Hostinger Tools 3.0.59 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is Hostinger Tools compatible with PHP 8.1+?

Hostinger Tools requires PHP 8.1 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Hostinger Tools updated?

Hostinger Tools was last updated on Mar 3, 2026. Frequent updates are generally a positive security signal.

What is Hostinger Tools's security score?

Hostinger Tools has a WP-Safety security score of 99/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Hostinger Tools Security & Risk Analysis

wordpress.org/plugins/hostinger

Simplified WordPress management. Manage site info, maintenance, security, & redirects.

3.0M active installs v3.0.59 PHP 8.1+ WP 5.5+ Updated Mar 3, 2026

hostingerhttpsmaintenancesecuritytools

A · Safe

CVEs total1

Unpatched0

Last CVEJan 5, 2024

Plugin page Download

Safety Verdict

Is Hostinger Tools Safe to Use in 2026?

Generally Safe

Score 99/100

Hostinger Tools has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVELast CVE: Jan 5, 2024Updated 1mo ago

Risk Assessment

The Hostinger plugin v3.0.59 exhibits a generally strong security posture based on the static analysis. The absence of any attack surface (AJAX handlers, REST API routes, shortcodes, cron events) with unprotected entry points is a significant strength. The code also demonstrates good practices with 100% of SQL queries using prepared statements, a healthy percentage of output being properly escaped, and the presence of nonce and capability checks. The lack of file operations and dangerous functions further bolsters its security. However, the presence of one historical high-severity vulnerability, though currently patched, does indicate a past weakness that warrants attention. The single external HTTP request is a minor point of interest, but without further context, it's difficult to assess its risk. The lack of taint analysis results prevents a deeper understanding of potential data flow vulnerabilities.

Key Concerns

One historical high severity CVE
Only 79% of output properly escaped
Single external HTTP request

Vulnerabilities

Hostinger Tools Security Vulnerabilities

CVEs by Year

1 CVE in 2024

2024

Patched Has unpatched

Severity Breakdown

High

1 total CVE

CVE-2023-6751high · 7.3Missing Authorization

Hostinger <= 1.9.7 - Missing Authorization to Maintenance Mode Activation

Jan 5, 2024 Patched in 1.9.8 (207d)

Code Analysis

Analyzed Mar 16, 2026

Hostinger Tools Code Analysis

Dangerous Functions

Raw SQL Queries

2 prepared

Unescaped Output

19 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

100% prepared2 total queries

Output Escaping

79% escaped24 total outputs

Attack Surface

Hostinger Tools Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 39

actionadmin_noticeshostinger.php:78

actionplugins_loadedhostinger.php:138

actionplugins_loadedhostinger.php:148

actionadmin_initincludes\Admin\Ajax.php:17

actionadmin_enqueue_scriptsincludes\Admin\Assets.php:42

actionadmin_enqueue_scriptsincludes\Admin\Assets.php:43

actionadmin_enqueue_scriptsincludes\Admin\Assets.php:46

actionadmin_footerincludes\Admin\Hooks.php:24

filterwp_kses_allowed_htmlincludes\Admin\Hooks.php:25

filterhostinger_admin_menu_bar_itemsincludes\Admin\Menu.php:15

filterhostinger_menu_subpagesincludes\Admin\Menu.php:16

actioninitincludes\Admin\Redirects.php:30

actionplugins_loadedincludes\Bootstrap.php:63

actionwp_footerincludes\ComingSoon.php:20

actiontemplate_redirectincludes\ComingSoon.php:21

filterwp_headersincludes\ComingSoon.php:22

filterxmlrpc_enabledincludes\Hooks.php:14

filterwp_is_application_passwords_availableincludes\Hooks.php:15

filterwp_headersincludes\Hooks.php:16

actioninitincludes\Hooks.php:17

actionupdate_option_woocommerce_coming_soonincludes\Hooks.php:18

actionupdate_option_woocommerce_store_pages_onlyincludes\Hooks.php:19

actionupgrader_process_completeincludes\Hooks.php:20

actiontransition_post_statusincludes\Hooks.php:21

actionupdated_optionincludes\Hooks.php:22

actioninitincludes\LlmsTxtGenerator\LlmsTxtGenerator.php:37

actiontransition_post_statusincludes\LlmsTxtGenerator\LlmsTxtGenerator.php:102

actionhostinger_tools_settings_savedincludes\LlmsTxtGenerator\LlmsTxtGenerator.php:103

actionupdate_option_blognameincludes\LlmsTxtGenerator\LlmsTxtGenerator.php:104

actionupdate_option_blogdescriptionincludes\LlmsTxtGenerator\LlmsTxtGenerator.php:105

actionactivate_woocommerce/woocommerce.phpincludes\LlmsTxtGenerator\LlmsTxtGenerator.php:106

actiondeactivate_woocommerce/woocommerce.phpincludes\LlmsTxtGenerator\LlmsTxtGenerator.php:107

actioninitincludes\LlmsTxtGenerator.php:25

actiontransition_post_statusincludes\LlmsTxtGenerator.php:94

actionhostinger_tools_setting_enable_llms_txt_updateincludes\LlmsTxtGenerator.php:95

actionupdate_option_blognameincludes\LlmsTxtGenerator.php:96

actionupdate_option_blogdescriptionincludes\LlmsTxtGenerator.php:97

actionwp_enqueue_scriptsincludes\Preview\Assets.php:13

actionrest_api_initincludes\Rest\Routes.php:31

Maintenance & Trust

Hostinger Tools Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedMar 3, 2026

PHP min version8.1

Downloads16.7M

Community Trust

Rating60/100

Number of ratings25

Active installs3.0M

Alternatives

Hostinger Tools Alternatives

Weborado Helper

weborado-helper

100

Essential tools for WordPress site administrators to monitor versions, enhance security, and improve performance.

100 No CVEs

Really Simple Security – Simple and Performant Security (formerly Really Simple SSL)

really-simple-ssl

Easily improve site security with WordPress Hardening, Two-Factor Authentication (2FA), Login Protection, Vulnerability Detection and SSL certificate.

3.0M 2 CVEs

XO Security

xo-security

100

XO Security is a plugin to enhance login related security.

30K 1 CVE

MainWP Dashboard: Self-hosted WordPress Management for Agencies

mainwp

Run updates, backups, security and reporting across all client sites from your own server. Keep data private and prove your value with branded reports …

20K 6 CVEs

Brozzme DB Prefix & Tools Addons

brozzme-db-prefix-change

100

Easily change your WordPress DB prefix, save time, increase security.

10K No CVEs

Developer Profile

Hostinger Tools Developer Profile

Hostinger

2 plugins · 4.0M total installs

trust score

Avg Security Score

100/100

Avg Patch Time

207 days

View full developer profile

Detection Fingerprints

How We Detect Hostinger Tools

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/hostinger/assets/css/plugin-rating.min.css/wp-content/plugins/hostinger/assets/css/hostinger-global.min.css

Script Paths

/wp-content/plugins/hostinger/vue-frontend/dist/main.js

Version Parameters

hostinger/assets/css/plugin-rating.min.css?ver=hostinger/assets/css/hostinger-global.min.css?ver=hostinger/vue-frontend/dist/main.js?ver=

HTML / DOM Fingerprints

CSS Classes

hts-theme-settings

JS Globals

hostinger_tools_data

REST Endpoints

/wp-json/hostinger-tools-plugin/v1

FAQ