診断ジェネレータ作成プラグイン Security & Risk Analysis

wordpress.org/plugins/os-diagnosis-generator

A plugin that lets you easily create diagnosis sites.

700 active installs · v1.4.16 · PHP + · WP 2.8+ · Updated Apr 29, 2025
78
B · Generally Safe
CVEs total: 1
Unpatched: 1
Last CVE: Jun 5, 2025
Safety Verdict

Is 診断ジェネレータ作成プラグイン Safe to Use in 2026?

Mostly Safe

Score 78/100

診断ジェネレータ作成プラグイン is generally safe to use. 1 past CVE was resolved. Keep it updated.

1 known CVE · 1 unpatched · Last CVE: Jun 5, 2025 · Updated 11mo ago
Risk Assessment

The "os-diagnosis-generator" plugin exhibits a mixed security posture. On the positive side, it demonstrates strong practices regarding SQL queries, exclusively using prepared statements, and includes a reasonable number of nonce and capability checks, suggesting an awareness of common WordPress security vulnerabilities. The absence of external HTTP requests and bundled libraries also reduces potential attack vectors. However, significant concerns arise from the taint analysis, which identified 4 flows with unsanitized paths. While these were not classified as critical or high severity, this indicates a potential for input sanitization to be overlooked in certain code paths, which could be exploited if a proper vector is found.

The plugin's vulnerability history is a major red flag. With one known medium-severity CVE that remains unpatched, it directly demonstrates a real-world security flaw. The recurring theme of "Missing Authorization" in past vulnerabilities is particularly worrying, as it suggests a persistent weakness in how the plugin handles user permissions. This, combined with the unsanitized paths found in static analysis, points to a potential for unauthorized access or data manipulation if a vulnerability is actively exploited. While some security best practices are in place, the unpatched vulnerability and the taint analysis findings necessitate careful consideration and prompt remediation.

Key Concerns

  • Unpatched CVE (medium severity)
  • Taint analysis: unsanitized paths found
  • Vulnerability history: Missing Authorization pattern
  • Output escaping: low coverage (20%)
Vulnerabilities
1

診断ジェネレータ作成プラグイン Security Vulnerabilities

CVEs by Year

1 CVE in 2025 · unpatched

Severity Breakdown

Medium: 1

1 total CVE

CVE-2025-30934 · medium · 5.3 · Missing Authorization

診断ジェネレータ作成プラグイン <= 1.4.16 - Missing Authorization

Jun 5, 2025 · Unpatched
Code Analysis
Analyzed Mar 16, 2026

診断ジェネレータ作成プラグイン Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (51 prepared)
Unescaped Output: 107 (26 escaped)
Nonce Checks: 7
Capability Checks: 0
File Operations: 6
External Requests: 0
Bundled Libraries: 0

SQL Query Safety

100% prepared · 51 total queries

Output Escaping

20% escaped · 133 total outputs
Data Flows
4 unsanitized

Data Flow Analysis

5 flows · 4 with unsanitized paths
<themeClass> (class\themeClass.php:0)
Attack Surface

診断ジェネレータ作成プラグイン Attack Surface

Entry Points: 6
Unprotected: 0

Shortcodes 6

[OSDGSIS-FORM] diagnosisViewClass.php:10
[OSDGSIS-RESULT-FORM] diagnosisViewClass.php:11
[osdgsis-form] diagnosisViewClass.php:13
[osdgsis-result-form] diagnosisViewClass.php:14
[formosdgsis] diagnosisViewClass.php:16
[formosdgsisresult] diagnosisViewClass.php:17

WordPress Hooks 11

action in_admin_footer addon\default.php:5
action admin_menu addon\default.php:6
action admin_init diagnosisAdminClass.php:8
action admin_init diagnosisAdminClass.php:9
action admin_menu diagnosisAdminClass.php:11
action plugins_loaded diagnosisClass.php:6
action plugins_loaded diagnosisClass.php:8
action wp_head diagnosisClass.php:10
action init diagnosisViewClass.php:8
action wp_print_scripts diagnosisViewClass.php:19
action init diagnosisViewClass.php:21
Maintenance & Trust

診断ジェネレータ作成プラグイン Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.5.8
Last updated: Apr 29, 2025
PHP min version
Downloads: 16K

Community Trust

Rating: 0/100
Number of ratings: 0
Active installs: 700
Alternatives

診断ジェネレータ作成プラグイン Alternatives

No alternatives data available yet.

Developer Profile

診断ジェネレータ作成プラグイン Developer Profile

OLIVESYSTEM

3 plugins · 720 total installs

Trust score: 82
Avg Security Score: 83/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect 診断ジェネレータ作成プラグイン

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/os-diagnosis-generator/css/admin-style.css
/wp-content/plugins/os-diagnosis-generator/css/style.css
/wp-content/plugins/os-diagnosis-generator/js/admin.js
/wp-content/plugins/os-diagnosis-generator/js/main.js
Version Parameters
os-diagnosis-generator/css/admin-style.css?ver=
os-diagnosis-generator/css/style.css?ver=
os-diagnosis-generator/js/admin.js?ver=
os-diagnosis-generator/js/main.js?ver=

HTML / DOM Fingerprints

CSS Classes
osdg_body
HTML Comments
<!-- OS DIAGNOSIS GENERATOR -->
Data Attributes
data-diagnosis-id
JS Globals
osdg_data
FAQ

Frequently Asked Questions about 診断ジェネレータ作成プラグイン