WP-Safety

Integrity Checker Security & Risk Analysis

wordpress.org/plugins/integrity-checker

The WordPress Integrity Checker checks your WordPress installation by detecting modified files, permissions issues and other common problems.

200 active installs v0.10.0 PHP + WP 4.4+ Updated Oct 13, 2025
checksumsecuresecuritysecurity-plugin
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Integrity Checker Safe to Use in 2026?

Generally Safe

Score 100/100

Integrity Checker has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 5mo ago
Risk Assessment

The "integrity-checker" v0.10.0 plugin exhibits a mixed security posture. While it benefits from a lack of documented vulnerabilities and a high percentage of SQL queries using prepared statements, several concerning areas warrant attention. The presence of the `unserialize` function, a known source of vulnerabilities, is a significant red flag, especially given the limited output escaping. Furthermore, the plugin exposes a REST API route without proper permission callbacks, creating an unprotected entry point that could be exploited to trigger the `unserialize` function or other unintended actions. The limited scope of taint analysis, reporting zero flows, might indicate a lack of thorough dynamic testing or that the plugin's design genuinely avoids complex data flow issues. However, the static analysis findings, particularly the `unserialize` function and the unprotected REST API endpoint, represent tangible risks that need mitigation.

Key Concerns

  • Unprotected REST API route
  • Dangerous function: unserialize
  • Low percentage of output escaping
  • Bundled library (DataTables) without version check
Vulnerabilities
None known

Integrity Checker Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Integrity Checker Code Analysis

Dangerous Functions
1
Raw SQL Queries
2
27 prepared
Unescaped Output
43
3 escaped
Nonce Checks
1
Capability Checks
0
File Operations
3
External Requests
11
Bundled Libraries
1

Dangerous Functions Found

unserialize$this->result = unserialize($response['body']);src\Tests\Checksum\WPRepository.php:27

Bundled Libraries

DataTables

SQL Query Safety

93% prepared29 total queries

Output Escaping

7% escaped46 total outputs
Attack Surface
1 unprotected

Integrity Checker Attack Surface

Entry Points7
Unprotected1

REST API Routes 7

GET/wp-json/integrity-checker/v1background/(?P<session>[a-zA-Z0-9-]+)src\BackgroundProcess.php:85
GET/wp-json/integrity-checker/v1quotasrc\Rest.php:68
GET/wp-json/integrity-checker/v1apikeysrc\Rest.php:80
GET/wp-json/integrity-checker/v1userdatasrc\Rest.php:93
GET/wp-json/integrity-checker/v1process/statussrc\Rest.php:112
GET/wp-json/integrity-checker/v1testresult/scanall/truncatehistorysrc\Rest.php:168
GET/wp-json/integrity-checker/v1settingssrc\Rest.php:221
WordPress Hooks 11
actioninitintegrity-checker.php:53
actionadmin_initsrc\Admin\AdminPage.php:45
actionadmin_menusrc\Admin\AdminPage.php:46
actionadmin_enqueue_scriptssrc\Admin\AdminPage.php:55
actionload-plugins.phpsrc\AdminUIHooks.php:45
filtersite_transient_update_pluginssrc\AdminUIHooks.php:51
actionshutdownsrc\BackgroundProcess.php:126
filtercron_schedulessrc\BackgroundProcess.php:130
actionrest_api_initsrc\BackgroundProcess.php:133
actionrest_api_initsrc\integrityChecker.php:130
actionupgrader_process_completesrc\integrityChecker.php:147
Maintenance & Trust

Integrity Checker Maintenance & Trust

Maintenance Signals

WordPress version tested4.7.32
Last updatedOct 13, 2025
PHP min version
Downloads12K

Community Trust

Rating96/100
Number of ratings6
Active installs200
Alternatives

Integrity Checker Alternatives

SX User Name Security

SX User Name Security

user-name-security

A
100

SX User Name Security prevents WordPress from showing your real Login everywhere. It ovverides the body_class function, User Nicename, Nickname and Di &hellip;

1K No CVEs
Block wp-login

Block wp-login

block-wp-login

A
99

This plugin completely blocks access to wp-login.php and creates a new secret login URL

600 1 CVE
Virus Finder

Virus Finder

virus-finder

A
100

Find viruses in your WordPress easily. Virus scan, malware finder.

100 No CVEs
Reset Password Removed

Reset Password Removed

reset-password-removed

A
92

Enhance the security of your blogs by preventing password reset over email function.

20 No CVEs
WP Security By Made I.T.

WP Security By Made I.T.

wp-security-by-made-it

A
100

Secure your WordPress Website.

10 No CVEs
Developer Profile

Integrity Checker Developer Profile

Erik Torsner

1 plugin · 200 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Integrity Checker

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/integrity-checker/css/style.css/wp-content/plugins/integrity-checker/css/jqCron.css/wp-content/plugins/integrity-checker/css/font-awesome.min.css/wp-content/plugins/integrity-checker/css/jquery.dataTables.min.css/wp-content/plugins/integrity-checker/js/main.js/wp-content/plugins/integrity-checker/js/jquery.dataTables.min.js/wp-content/plugins/integrity-checker/js/jqCron.js
Script Paths
/wp-content/plugins/integrity-checker/js/main.js/wp-content/plugins/integrity-checker/js/jquery.dataTables.min.js/wp-content/plugins/integrity-checker/js/jqCron.js
Version Parameters
integrity-checker/js/main.js?ver=integrity-checker/js/jquery.dataTables.min.js?ver=integrity-checker/js/jqCron.js?ver=integrity-checker/css/style.css?ver=integrity-checker/css/jqCron.css?ver=integrity-checker/css/font-awesome.min.css?ver=integrity-checker/css/jquery.dataTables.min.css?ver=

HTML / DOM Fingerprints

CSS Classes
jq-cron
HTML Comments
<!-- Integrity Checker -->
Data Attributes
data-tab-id
JS Globals
integrityCheckerApi
REST Endpoints
/wp-json/integrity-checker/v1
FAQ

Frequently Asked Questions about Integrity Checker