Promote My Extensions Security & Risk Analysis
wordpress.org/plugins/promote-my-extensionsThis plugin creates a custom post type to share information about WordPress themes and plugins you've developed.
Is Promote My Extensions Safe to Use in 2026?
Generally Safe
Score 100/100Promote My Extensions has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The "promote-my-extensions" v0.4.0 plugin exhibits a strong security posture based on the provided static analysis and vulnerability history. The absence of any identified CVEs and the lack of critical or high-severity findings in taint analysis are significant strengths. Furthermore, the code demonstrates good development practices, with all SQL queries utilizing prepared statements and a high percentage of output being properly escaped.
However, there are minor areas for improvement. While the attack surface is currently zero, the plugin's reliance on nonce and capability checks being present only once suggests that the implemented security checks might be limited. The proper escaping of 80% of outputs, while good, indicates that 20% of outputs are not properly escaped, which could potentially lead to XSS vulnerabilities if those outputs are user-controlled and not sanitized beforehand.
Overall, the plugin appears to be developed with security in mind, evidenced by the lack of past vulnerabilities and the use of secure coding practices. The current version seems robust, but attention to the few unescaped outputs and ensuring comprehensive security checks across all potential entry points would further solidify its security.
Key Concerns
- 20% of outputs are not properly escaped
Promote My Extensions Security Vulnerabilities
Promote My Extensions Code Analysis
Output Escaping
Promote My Extensions Attack Surface
WordPress Hooks 11
Maintenance & Trust
Promote My Extensions Maintenance & Trust
Maintenance Signals
Community Trust
Promote My Extensions Alternatives
CGA Plugin Helper
cga-plugin-helper
This plugin will assist you in the installation of plugins. Choose from a curated list, manually search for plugins and export all active plugins.
Structure Viewer
structure-viewer
View, search, and export the complete file structure of your WordPress plugins and themes with an advanced file viewer.
Theme and Plugin (T&P) Profiler
theme-plugin-profiler
Make your theme or plugin faster, greener and smarter with this plugin, that will tell you which of your functions is eating up most server time.
TIVWP-DM Development Manager
tivwp-dm-development-manager
Install and manage development plugins
Toolbar Plugins Link
toolbar-plugins-link
Toolbar Plugins Link customizes the Admin Toolbar and adds a shortcut to the plugins page.
Promote My Extensions Developer Profile
7 plugins · 170 total installs
How We Detect Promote My Extensions
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/promote-my-extensions/css/wp-admin.css/wp-content/plugins/promote-my-extensions/js/admin.js/wp-content/plugins/promote-my-extensions/js/admin.jspromote-my-extensions/css/wp-admin.css?ver=promote-my-extensions/js/admin.js?ver=HTML / DOM Fingerprints
wpe-documentation-details