WP-Safety

PressPrimer Assignment Security & Risk Analysis

wordpress.org/plugins/pressprimer-assignment

Collect, review, and grade student assignments in WordPress. File uploads, text submissions, inline feedback, and LMS integration. Free forever.

0 active installs v1.0.0 PHP 7.4+ WP 6.4+ Updated Mar 24, 2026
assignmenteducationgradinglearndashlms
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is PressPrimer Assignment Safe to Use in 2026?

Generally Safe

Score 100/100

PressPrimer Assignment has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago
Risk Assessment

The 'pressprimer-assignment' v1.0.0 plugin exhibits a generally strong security posture, with many good practices in place. The plugin demonstrates commendable adherence to secure coding standards by utilizing prepared statements for all SQL queries and properly escaping all output. The presence of a significant number of nonce and capability checks further strengthens its defense against common WordPress vulnerabilities. However, a few areas warrant attention. The presence of unsanitized paths in the taint analysis suggests a potential risk of path traversal vulnerabilities, even though no critical or high-severity flows were identified in this specific analysis. Additionally, the 'exec' function is a powerful and potentially dangerous function that, if misused, could lead to remote code execution. While the analysis doesn't indicate a direct vulnerability related to 'exec' in this version, its presence requires careful monitoring in future updates.

The plugin's vulnerability history is currently clean, with no recorded CVEs. This is a positive indicator, suggesting that the developers have been diligent in maintaining security. The absence of past vulnerabilities, coupled with the robust coding practices observed, points to a development team that is likely aware of and attempts to mitigate security risks. However, the presence of the 'exec' function and the unsanitized paths in taint analysis are weaknesses that, if exploited in conjunction with other factors or in future versions, could introduce significant risk. The limited attack surface and the majority of entry points being protected are strengths that mitigate some of these concerns.

Key Concerns

  • Unsanitized paths in taint analysis
  • Use of dangerous 'exec' function
  • REST API route without permission callback
Vulnerabilities
None known

PressPrimer Assignment Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

PressPrimer Assignment Release Timeline

v1.0.0Current
Code Analysis
Analyzed Apr 16, 2026

PressPrimer Assignment Code Analysis

Dangerous Functions
1
Raw SQL Queries
0
242 prepared
Unescaped Output
0
857 escaped
Nonce Checks
23
Capability Checks
90
File Operations
6
External Requests
0
Bundled Libraries
0

Dangerous Functions Found

exec$which_result = @exec( 'which pdftotext 2>/dev/null' );includes/admin/class-ppa-admin-settings.php:376

SQL Query Safety

100% prepared242 total queries

Output Escaping

100% escaped857 total outputs
Data Flows · Security
2 unsanitized

Data Flow Analysis

8 flows2 with unsanitized paths
render (includes/admin/class-ppa-admin-categories.php:86)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
1 unprotected

PressPrimer Assignment Attack Surface

Entry Points21
Unprotected1

AJAX Handlers 11

authwp_ajax_pressprimer_assignment_repair_database_tablesincludes/admin/class-ppa-admin-settings.php:52
authwp_ajax_pressprimer_assignment_onboarding_progressincludes/admin/class-ppa-onboarding.php:102
authwp_ajax_pressprimer_assignment_get_onboarding_stateincludes/admin/class-ppa-onboarding.php:103
authwp_ajax_pressprimer_assignment_upload_fileincludes/frontend/class-ppa-submission-handler.php:44
authwp_ajax_pressprimer_assignment_remove_fileincludes/frontend/class-ppa-submission-handler.php:45
authwp_ajax_pressprimer_assignment_submit_assignmentincludes/frontend/class-ppa-submission-handler.php:46
authwp_ajax_pressprimer_assignment_delete_submissionincludes/frontend/class-ppa-submission-handler.php:47
authwp_ajax_pressprimer_assignment_save_text_draftincludes/frontend/class-ppa-text-handler.php:36
authwp_ajax_pressprimer_assignment_submit_text_assignmentincludes/frontend/class-ppa-text-handler.php:37
authwp_ajax_pressprimer_assignment_search_assignments_learndashincludes/integrations/class-ppa-learndash.php:74
authwp_ajax_pressprimer_assignment_search_assignments_tutorlmsincludes/integrations/class-ppa-tutorlms.php:82

REST API Routes 8

GET/wp-json/ppa/v1/settingsincludes/api/class-ppa-rest-settings.php:44
GET/wp-json/ppa/v1/email/testincludes/api/class-ppa-rest-settings.php:61
GET/wp-json/ppa/v1/learndash/assignments/searchincludes/integrations/class-ppa-learndash.php:992
GET/wp-json/ppa/v1/learndash/statusincludes/integrations/class-ppa-learndash.php:1014
POST/wp-json/ppa/v1/learndash/settingsincludes/integrations/class-ppa-learndash.php:1026
GET/wp-json/ppa/v1/tutorlms/assignments/searchincludes/integrations/class-ppa-tutorlms.php:1174
GET/wp-json/ppa/v1/tutorlms/statusincludes/integrations/class-ppa-tutorlms.php:1196
POST/wp-json/ppa/v1/tutorlms/lesson-assignmentincludes/integrations/class-ppa-tutorlms.php:1208

Shortcodes 2

[pressprimer_assignment] includes/frontend/class-ppa-shortcodes.php:52
[pressprimer_assignment_my_submissions] includes/frontend/class-ppa-shortcodes.php:53
WordPress Hooks 73
actionadmin_initincludes/admin/class-ppa-admin-assignments.php:45
actionadmin_noticesincludes/admin/class-ppa-admin-assignments.php:46
actioncurrent_screenincludes/admin/class-ppa-admin-assignments.php:49
filterset_screen_option_pressprimer_assignment_assignments_per_pageincludes/admin/class-ppa-admin-assignments.php:52
filterset-screen-optionincludes/admin/class-ppa-admin-assignments.php:115
actionadmin_post_pressprimer_assignment_save_categoryincludes/admin/class-ppa-admin-categories.php:52
actionadmin_post_pressprimer_assignment_delete_categoryincludes/admin/class-ppa-admin-categories.php:53
actionadmin_noticesincludes/admin/class-ppa-admin-categories.php:54
actionadmin_noticesincludes/admin/class-ppa-admin-grading.php:46
actioncurrent_screenincludes/admin/class-ppa-admin-grading.php:47
filterset_screen_option_pressprimer_assignment_grading_per_pageincludes/admin/class-ppa-admin-grading.php:48
filterset-screen-optionincludes/admin/class-ppa-admin-grading.php:107
actionadmin_initincludes/admin/class-ppa-admin-submissions.php:45
actionadmin_noticesincludes/admin/class-ppa-admin-submissions.php:46
actioncurrent_screenincludes/admin/class-ppa-admin-submissions.php:47
filterset_screen_option_pressprimer_assignment_submissions_per_pageincludes/admin/class-ppa-admin-submissions.php:48
filterset-screen-optionincludes/admin/class-ppa-admin-submissions.php:107
actionadmin_menuincludes/admin/class-ppa-admin.php:47
actionadmin_menuincludes/admin/class-ppa-admin.php:48
actionadmin_enqueue_scriptsincludes/admin/class-ppa-admin.php:49
actionadmin_enqueue_scriptsincludes/admin/class-ppa-onboarding.php:104
actionrest_api_initincludes/api/class-ppa-rest-assignments.php:49
actionrest_api_initincludes/api/class-ppa-rest-categories.php:49
actionrest_api_initincludes/api/class-ppa-rest-grading-queue.php:48
actionrest_api_initincludes/api/class-ppa-rest-settings.php:35
actionrest_api_initincludes/api/class-ppa-rest-statistics.php:48
actionrest_api_initincludes/api/class-ppa-rest-submissions.php:65
filterblock_categories_allincludes/blocks/class-ppa-blocks.php:33
actioninitincludes/blocks/class-ppa-blocks.php:36
actionpressprimer_assignment_extract_pdf_textincludes/class-ppa-plugin.php:161
actionpressprimer_assignment_submission_submittedincludes/class-ppa-plugin.php:195
actionpressprimer_assignment_submission_gradedincludes/class-ppa-plugin.php:201
actionpressprimer_assignment_submission_returnedincludes/class-ppa-plugin.php:207
actionpressprimer_assignment_submission_deletedincludes/class-ppa-plugin.php:213
actionpressprimer_assignment_deletedincludes/class-ppa-plugin.php:219
filterwp_privacy_personal_data_exportersincludes/class-ppa-privacy.php:45
filterwp_privacy_personal_data_erasersincludes/class-ppa-privacy.php:46
actioninitincludes/frontend/class-ppa-frontend.php:56
actioninitincludes/frontend/class-ppa-shortcodes.php:43
filterheartbeat_receivedincludes/frontend/class-ppa-text-handler.php:38
actionadd_meta_boxesincludes/integrations/class-ppa-learndash.php:70
actionsave_postincludes/integrations/class-ppa-learndash.php:71
actioninitincludes/integrations/class-ppa-learndash.php:77
actionrest_api_initincludes/integrations/class-ppa-learndash.php:78
actionenqueue_block_editor_assetsincludes/integrations/class-ppa-learndash.php:79
filterthe_contentincludes/integrations/class-ppa-learndash.php:82
filterlearndash_mark_complete_buttonincludes/integrations/class-ppa-learndash.php:83
actionpressprimer_assignment_submission_passedincludes/integrations/class-ppa-learndash.php:86
filterlearndash-lesson-can-completeincludes/integrations/class-ppa-learndash.php:89
actionrest_api_initincludes/integrations/class-ppa-learndash.php:92
actionadmin_initincludes/integrations/class-ppa-learndash.php:99
filterpressprimer_assignment_user_has_teacher_capabilityincludes/integrations/class-ppa-learndash.php:100
actionadd_meta_boxesincludes/integrations/class-ppa-tutorlms.php:78
actionsave_postincludes/integrations/class-ppa-tutorlms.php:79
actioninitincludes/integrations/class-ppa-tutorlms.php:85
actionenqueue_block_editor_assetsincludes/integrations/class-ppa-tutorlms.php:86
actionadmin_enqueue_scriptsincludes/integrations/class-ppa-tutorlms.php:89
actionadmin_initincludes/integrations/class-ppa-tutorlms.php:96
filterpressprimer_assignment_user_has_teacher_capabilityincludes/integrations/class-ppa-tutorlms.php:97
filterthe_contentincludes/integrations/class-ppa-tutorlms.php:102
filtertutor_has_lesson_contentincludes/integrations/class-ppa-tutorlms.php:107
filtertutor_lesson/single/complete_formincludes/integrations/class-ppa-tutorlms.php:110
actionpressprimer_assignment_submission_passedincludes/integrations/class-ppa-tutorlms.php:113
actionrest_api_initincludes/integrations/class-ppa-tutorlms.php:116
actionautomator_add_integrationincludes/integrations/uncanny-automator/class-ppa-automator-loader.php:30
actionpressprimer_assignment_submission_failedincludes/integrations/uncanny-automator/triggers/class-ppa-assignment-failed.php:58
actionpressprimer_assignment_submission_gradedincludes/integrations/uncanny-automator/triggers/class-ppa-assignment-graded.php:58
actionpressprimer_assignment_submission_passedincludes/integrations/uncanny-automator/triggers/class-ppa-assignment-passed.php:58
actionpressprimer_assignment_submission_submittedincludes/integrations/uncanny-automator/triggers/class-ppa-assignment-submitted.php:58
actionpressprimer_assignment_submission_submittedincludes/services/class-ppa-email-service.php:921
actionpressprimer_assignment_submission_returnedincludes/services/class-ppa-email-service.php:924
actionwp_initialize_sitepressprimer-assignment.php:49
actioninitpressprimer-assignment.php:64

Scheduled Events 1

pressprimer_assignment_extract_pdf_text
Maintenance & Trust

PressPrimer Assignment Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedMar 24, 2026
PHP min version7.4
Downloads100

Community Trust

Rating100/100
Number of ratings1
Active installs0
Alternatives

PressPrimer Assignment Alternatives

Uncanny Toolkit for LearnDash

Uncanny Toolkit for LearnDash

uncanny-learndash-toolkit

A
91

Extend LearnDash with a variety of useful modules that make it even easier to build great learner experiences with LearnDash.

20K 7 CVEs
PowerPack for LearnDash

PowerPack for LearnDash

powerpack-for-learndash

A
94

PowerPack for LearnDash offers 42 modules you can activate in a click to power up your LearnDash LMS website. What's included with PowerPack for …

1K 1 CVE
Easy Dash for LearnDash

Easy Dash for LearnDash

easy-dash-for-learndash

A
100

Easy Dash for LearnDash: an improved (and easy) dashboard for your LearnDash site.

800 No CVEs
Video Resume for LearnDash

Video Resume for LearnDash

ld-video-resume

A
85

This plugin stores the video progress on browser and resumes video on re-visit, it supports Vimeo, YouTube, Wistia and JWPlayer.

200 No CVEs
Grid Button for LearnDash

Grid Button for LearnDash

grid-button-for-learndash

A
85

Grid Button Text for LearnDash is the ultimate way to define custom texts and styles for courses buttons on the LearnDash Course Grid.

100 No CVEs
Developer Profile

PressPrimer Assignment Developer Profile

PressPrimer

2 plugins · 200 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect PressPrimer Assignment

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/pressprimer-assignment/assets/css/assignments.css/wp-content/plugins/pressprimer-assignment/assets/js/assignments.js
Script Paths
/wp-content/plugins/pressprimer-assignment/assets/js/assignments.js
Version Parameters
pressprimer-assignment/assets/css/assignments.css?ver=pressprimer-assignment/assets/js/assignments.js?ver=

HTML / DOM Fingerprints

FAQ

Frequently Asked Questions about PressPrimer Assignment