Jameel's Dev Tools Security & Risk Analysis
wordpress.org/plugins/jameels-dev-toolsChalked full of little helpers for developing websites, including search and replace function and shortcode to create columns.
Is Jameel's Dev Tools Safe to Use in 2026?
Generally Safe
Score 85/100Jameel's Dev Tools has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The "jameels-dev-tools" plugin v1.0.2 exhibits a generally good security posture based on the provided static analysis. There are no reported vulnerabilities in its history, and the code analysis reveals a lack of dangerous functions, file operations, and external HTTP requests. The presence of only two SQL queries, with 50% using prepared statements, is also a positive sign. The plugin also performs nonce checks on one entry point, indicating some awareness of security best practices.
However, several areas present potential concerns. The plugin has a significant attack surface with 6 shortcodes, all of which are identified as unprotected entry points. Furthermore, the output escaping is very poor, with only 13% of outputs being properly escaped, leaving it susceptible to Cross-Site Scripting (XSS) vulnerabilities. The complete absence of capability checks on any entry points is a major oversight, meaning any authenticated user, regardless of their role, could potentially trigger functionality within the plugin.
While the vulnerability history is clean, this could be due to the plugin's relatively small size or lack of historical scrutiny. The combination of a large, unprotected attack surface and insufficient output escaping, coupled with a lack of capability checks, creates a notable risk. Despite its positive aspects, these weaknesses warrant careful consideration and remediation.
Key Concerns
- Unprotected shortcodes
- Poor output escaping
- Missing capability checks
- SQL queries without prepare
Jameel's Dev Tools Security Vulnerabilities
Jameel's Dev Tools Code Analysis
SQL Query Safety
Output Escaping
Data Flow Analysis
Jameel's Dev Tools Attack Surface
Shortcodes 6
WordPress Hooks 3
Maintenance & Trust
Jameel's Dev Tools Maintenance & Trust
Maintenance Signals
Community Trust
Jameel's Dev Tools Alternatives
Admin Slug Column
admin-slug-column
Adds a URL path column to all admin post type edit screens. Works with posts, pages, and any custom post type including WooCommerce products.
The Ultimate WordPress Toolkit – WP Extended
wpextended
SMTP Email, Maintenance Mode, Duplicate Posts & Pages, Duplicate menu, Code Snippets, SVG File upload, Disable Gutenberg, Limit Login Attempts &am …
All Page URLs
all-page-urls
Displays a list of all published post, page, and WooCommerce product URLs in your admin dashboard.
Email Cop
email-cop
Prevents WordPress from sending out emails and save them so that you can preview them without actually having to send them.
Basic Dev Tools
basic-dev-tools
A plugin with some Basic Tools For Development and Developers. Trying to be easier the way of develop common things in WP
Jameel's Dev Tools Developer Profile
2 plugins · 20 total installs
How We Detect Jameel's Dev Tools
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/jameels-dev-tools/css/jdt_admin.css/wp-content/plugins/jameels-dev-tools/js/jdt_tmce_buttons.js/wp-content/plugins/jameels-dev-tools/js/jdt_tmce_home_url.js/wp-content/plugins/jameels-dev-tools/css/jdt_columns.css/wp-content/plugins/jameels-dev-tools/js/jdt_tmce_buttons.js/wp-content/plugins/jameels-dev-tools/js/jdt_tmce_home_url.jsjameels-dev-tools/css/jdt_admin.css?ver=jameels-dev-tools/js/jdt_tmce_buttons.js?ver=jameels-dev-tools/js/jdt_tmce_home_url.js?ver=jameels-dev-tools/css/jdt_columns.css?ver=HTML / DOM Fingerprints
column-wrapperfirstlasttwocolthreecolfourcolfivecolsixcol+6 more<!-- End Column --><!-- End Column Group -->data-col-classJDT_Global[column_wrap][/column_wrap][column][/column]