WP-Safety

Only Self Pings Security & Risk Analysis

wordpress.org/plugins/only-self-pings

Keep your site privacy and automatic pingbacks!

10 active installs v1.0 PHP + WP 3.9+ Updated Mar 25, 2019
pingbackspingsprivacyprivaterelated-posts
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Only Self Pings Safe to Use in 2026?

Generally Safe

Score 85/100

Only Self Pings has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 7yr ago
Risk Assessment

The 'only-self-pings' plugin v1.0 exhibits a very limited attack surface based on the static analysis provided. With no detected AJAX handlers, REST API routes, shortcodes, or cron events, the plugin offers few direct entry points for malicious activity. The absence of dangerous functions, file operations, and external HTTP requests, coupled with the use of prepared statements for any potential (though none detected) SQL queries, suggests a strong foundation in secure coding practices concerning data manipulation and external interaction. The vulnerability history is also clean, with no recorded CVEs, indicating a lack of known exploitable issues.

Key Concerns

  • No capability checks implemented
  • No nonce checks implemented
  • 50% of output not properly escaped
Vulnerabilities
None known

Only Self Pings Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

Only Self Pings Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
1
1 escaped
Nonce Checks
0
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
0

Output Escaping

50% escaped2 total outputs
Attack Surface

Only Self Pings Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 7
actioninitinit.php:15
actioninitinit.php:18
actioninitinit.php:21
actionadmin_menuonly-self-pings.php:37
actionadmin_initonly-self-pings.php:38
filterplugin_row_metaonly-self-pings.php:39
actionpre_pingonly-self-pings.php:40
Maintenance & Trust

Only Self Pings Maintenance & Trust

Maintenance Signals

WordPress version tested4.3.34
Last updatedMar 25, 2019
PHP min version
Downloads2K

Community Trust

Rating0/100
Number of ratings0
Active installs10
Alternatives

Only Self Pings Alternatives

Force Login

Force Login

wp-force-login

A
92

Force Login is a simple lightweight plugin that requires visitors to log in to interact with the website.

30K No CVEs
My Private Site

My Private Site

jonradio-private-site

A
99

Make your WordPress site private with one click for family, projects, or teams. Protection for content, login, and registration.

20K 2 CVEs
BP Simple Private

BP Simple Private

bp-simple-private

A
100

A simple Private Content settings plugin for BuddyPress or the BuddyBoss Platform.

500 No CVEs
Wbcom Designs – Private Community for BuddyPress

Wbcom Designs – Private Community for BuddyPress

lock-my-bp

A
98

Create a private BuddyPress community by restricting access to non-members. Control who sees what with flexible privacy settings.

400 2 CVEs
Toolbelt

Toolbelt

wp-toolbelt

A
85

Fast, privacy focused, utilities to improve your website. Includes a Markdown block, spam protection, related posts, cookie banner, and more.

300 No CVEs
Developer Profile

Only Self Pings Developer Profile

ulfben

6 plugins · 5K total installs

84
trust score
Avg Security Score
85/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Only Self Pings

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/only-self-pings/lang

HTML / DOM Fingerprints

FAQ

Frequently Asked Questions about Only Self Pings