Does info have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is info compatible with WordPress 5.5.18?

According to WordPress.org data, info 2.4 has been tested up to WordPress 5.5.18. Check the plugin's changelog for the latest compatibility information.

How often is info updated?

info was last updated on Aug 9, 2020. Frequent updates are generally a positive security signal.

What is info's security score?

info has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

info Security & Risk Analysis

wordpress.org/plugins/info

Plugin shows in the admin bar the number of SQL queries, the amount of time in seconds and memory load.

80 active installs v2.4 PHP + WP 3.0+ Updated Aug 9, 2020

infoqueriesquerysqltime

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is info Safe to Use in 2026?

Generally Safe

Score 85/100

info has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 5yr ago

Risk Assessment

The "info" plugin v2.4 exhibits an excellent security posture based on the provided static analysis and vulnerability history. The complete absence of identified attack surface points like AJAX handlers, REST API routes, shortcodes, and cron events significantly limits potential entry points for attackers. Furthermore, the code signals indicate strong development practices with no dangerous functions, no raw SQL queries (all prepared statements), no file operations, no external HTTP requests, and no bundled libraries. This suggests a highly secure and self-contained plugin.

While the lack of identified taint flows and vulnerability history is a strong positive indicator, the sole identified code signal concern is the output escaping. With 1 total output and 0% properly escaped, this represents a potential risk for Cross-Site Scripting (XSS) vulnerabilities if user-supplied data is directly rendered without proper sanitization. However, given the absence of attack vectors, the practical impact of this issue is currently limited. In conclusion, the plugin is remarkably secure due to its minimal attack surface and robust coding practices, with output escaping being the only notable area requiring attention.

Key Concerns

Unescaped output detected

Vulnerabilities

None known

info Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

info Release Timeline

v2.4Current

v2.3

v2.2

v2.1.0

v2.0.0

v1.0.0

Code Analysis

Analyzed Mar 16, 2026

info Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

0% escaped1 total outputs

Attack Surface

info Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 3

actionadmin_bar_menuinfo.php:29

actionwp_footerinfo.php:42

filterplugin_row_metainfo.php:56

Maintenance & Trust

info Maintenance & Trust

Maintenance Signals

WordPress version tested5.5.18

Last updatedAug 9, 2020

PHP min version

Downloads12K

Community Trust

Rating100/100

Number of ratings1

Active installs80

Alternatives

info Alternatives

Admin Bar Queries

admin-bar-queries

MySQL queries and load details added to your admin bar.

20 No CVEs

SQLog

sqlog

Log WordPress MySQL queries in csv file (and log file). Useful when you need to improve the performance or debug something.

10 No CVEs

Version Info – Server Health Monitor, PHP & MySQL Version Display, Environment Indicators

version-info

100

The #1 technical dashboard for WordPress professionals. Display PHP, MySQL, WP & server versions anywhere in admin. Monitor CPU, RAM, DB size &amp …

10K No CVEs

WP-ServerInfo

wp-serverinfo

Display your host's PHP, MYSQL & memcached (if installed) information on your WordPress dashboard.

10K No CVEs

Advanced Query Loop

advanced-query-loop

100

Transform your Query Loop blocks into powerful, flexible content engines! 🚀

5K No CVEs

Developer Profile

info Developer Profile

webvitaly

14 plugins · 128K total installs

trust score

Avg Security Score

81/100

Avg Patch Time

396 days

View full developer profile

Detection Fingerprints

How We Detect info

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

HTML Comments

FAQ