Does oik bwtrace have any unpatched vulnerabilities?

No. All known vulnerabilities in oik bwtrace have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is oik bwtrace compatible with WordPress 6.8.5?

According to WordPress.org data, oik bwtrace 4.1.0 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

Is oik bwtrace compatible with PHP 5.6+?

oik bwtrace requires PHP 5.6 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is oik bwtrace updated?

oik bwtrace was last updated on May 10, 2025. Frequent updates are generally a positive security signal.

What is oik bwtrace's security score?

oik bwtrace has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

oik bwtrace Security & Risk Analysis

wordpress.org/plugins/oik-bwtrace

Debug trace for WordPress, including ad hoc action hook and filter tracing.

20 active installs v4.1.0 PHP 5.6+ WP 5.0+ Updated May 10, 2025

ad-hoc-tracingbacktracedebugtrace

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is oik bwtrace Safe to Use in 2026?

Generally Safe

Score 100/100

oik bwtrace has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 10mo ago

Risk Assessment

The plugin "oik-bwtrace" v4.1.0 exhibits a mixed security posture. On one hand, the absence of known vulnerabilities and the use of prepared statements for all SQL queries are positive indicators. The plugin also does not appear to have a significant attack surface through AJAX handlers, REST API routes, shortcodes, or cron events, and there are no reported taint flows, which are all strong points.

However, significant concerns arise from the static analysis. The fact that 100% of the total outputs are not properly escaped presents a high risk of Cross-Site Scripting (XSS) vulnerabilities. Additionally, the absence of any nonce checks or capability checks on any of the entry points (even though the stated entry points are zero) is a critical oversight, as it means any potential future additions to the attack surface would likely be unprotected.

While the plugin has no recorded vulnerability history, this is likely due to its limited exposure and the current lack of a developed attack surface. The lack of escaping and authorization checks are fundamental security practices that are missing, making the plugin inherently vulnerable to exploitation should an entry point be utilized or introduced. The overall risk is moderate to high due to the critical unescaped output issue and the lack of authorization checks.

Key Concerns

Unescaped output detected
No nonce checks on any entry points
No capability checks on any entry points

Vulnerabilities

None known

oik bwtrace Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

oik bwtrace Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

0% escaped4 total outputs

Attack Surface

oik bwtrace Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 44

actionshutdownadmin\class-oik-trace-summary.php:57

actionactivated_pluginadmin\oik-bwtrace.php:33

actionadmin_print_styles-settings_page_bw_trace_optionsadmin\oik-bwtrace.php:61

actionadmin_print_styles-settings_page_bw_action_optionsadmin\oik-bwtrace.php:71

actionupdate_option_bw_trace_files_optionsadmin\oik-bwtrace.php:496

actionupdate_option_bw_trace_optionsadmin\oik-bwtrace.php:497

actionupdate_option_bw_action_optionsadmin\oik-bwtrace.php:498

actionupdate_option_bw_summary_optionsadmin\oik-bwtrace.php:499

actiondeprecated_constructor_runincludes\bwtrace-actions.php:92

actiondeprecated_argument_runincludes\bwtrace-actions.php:93

actiondeprecated_file_includedincludes\bwtrace-actions.php:94

actiondeprecated_function_runincludes\bwtrace-actions.php:95

actiondoing_it_wrong_runincludes\bwtrace-actions.php:96

filterdeprecated_argument_trigger_errorincludes\bwtrace-actions.php:97

filterdeprecated_constructor_trigger_errorincludes\bwtrace-actions.php:98

filterdeprecated_file_trigger_errorincludes\bwtrace-actions.php:99

filterdeprecated_function_trigger_errorincludes\bwtrace-actions.php:100

filterdoing_it_wrong_trigger_errorincludes\bwtrace-actions.php:101

filterrest_pre_echo_responseincludes\bwtrace-actions.php:480

actionplugin_loadedincludes\bwtrace-actions.php:491

actionmu_plugin_loadedincludes\bwtrace-actions.php:492

actionnetwork_plugin_loadedincludes\bwtrace-actions.php:493

actionplugins_loadedincludes\bwtrace-actions.php:495

actionmuplugins_loadedincludes\bwtrace-actions.php:497

actionallincludes\bwtrace-anychange.php:88

actionallincludes\bwtrace-stringwatch.php:113

actionshutdownincludes\class-BW-trace-controller.php:70

actionallincludes\class-BW-trace-controller.php:87

actionplugins_loadedincludes\class-BW-trace-controller.php:480

actionallincludes\oik-action-counts.php:74

actionshutdownincludes\oik-action-counts.php:75

actionplugins_loadedoik-bwtrace.php:120

actionmuplugins_loadedoik-bwtrace.php:121

actionwp_loadedoik-bwtrace.php:129

filteroik_query_libsoik-bwtrace.php:130

filterdetermine_localeoik-bwtrace.php:140

actionadmin_menuoik-bwtrace.php:172

actionadmin_menuoik-bwtrace.php:173

actionadmin_initoik-bwtrace.php:179

actionadmin_initoik-bwtrace.php:180

actionadmin_initoik-bwtrace.php:181

actionadmin_initoik-bwtrace.php:182

actionoik_admin_menuoik-bwtrace.php:193

actionoik_add_shortcodesoik-bwtrace.php:195

Maintenance & Trust

oik bwtrace Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedMay 10, 2025

PHP min version5.6

Downloads6K

Community Trust

Rating100/100

Number of ratings1

Active installs20

Alternatives

oik bwtrace Alternatives

Debug Toolkit

debug-toolkit

Code debug made easier and more enjoyable.

20 No CVEs

Debug Bar Query Tracer

debug-bar-query-tracer

100

A Debug Bar plugin that lets you trace what plugins are causing database queries.

10 No CVEs

Notice TraceLog

notice-trace-log

100

Easily display PHP backtraces when Notices occur. Designed for developers to quickly identify the source of early execution issues in WordPress.

0 No CVEs

Debug Bar Post Meta

debug-bar-post-meta

Adds a post meta panel for displaying all of the post meta.

40 No CVEs

WP Crontrol

wp-crontrol

WP Crontrol enables you to take control of the cron events on your WordPress website.

300K 3 CVEs

Developer Profile

oik bwtrace Developer Profile

bobbingwide

16 plugins · 7K total installs

trust score

Avg Security Score

97/100

Avg Patch Time

15 days

View full developer profile

Detection Fingerprints

How We Detect oik bwtrace

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/oik-bwtrace/css/bw-trace.css/wp-content/plugins/oik-bwtrace/js/bw-trace.js

Script Paths

/wp-content/plugins/oik-bwtrace/js/bw-trace.js

Version Parameters

oik-bwtrace/css/bw-trace.css?ver=oik-bwtrace/js/bw-trace.js?ver=

HTML / DOM Fingerprints

CSS Classes

bw-trace-enabledbw-trace-status

HTML Comments

Data Attributes

data-bw_trace_leveldata-bw_trace_statusdata-bw_trace_output

JS Globals

bw_trace_optionsbw_trace_enabledbw_trace_settings

REST Endpoints

/wp-json/oik-bwtrace/v1/trace

Shortcode Output

[bw_trace][bw_trace_output][bw_trace_status]

FAQ