WP-Safety

Silo Scope Security & Risk Analysis

wordpress.org/plugins/silo-scope

Comprehensive site health monitoring for WordPress. Get a complete health report covering security, performance, server configuration, SEO, and plugin …

0 active installs v1.1.0 PHP 7.4+ WP 6.1+ Updated Feb 10, 2026
health-checkmonitoringperformancesecuritysite-health
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Silo Scope Safe to Use in 2026?

Generally Safe

Score 100/100

Silo Scope has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 3mo ago
Risk Assessment

The "silo-scope" v1.1.0 plugin exhibits a generally strong security posture with several positive indicators. The absence of any known CVEs and the complete utilization of prepared statements for all SQL queries are excellent signs of secure development practices. The high percentage of properly escaped output and the presence of nonce and capability checks on a significant majority of its entry points further bolster its security. However, there are notable areas for concern. The plugin exposes 28 AJAX handlers, with a substantial 12 of these lacking any authentication checks. This creates a significant attack surface that could be exploited by unauthenticated users. Additionally, while taint analysis found no critical or high severity vulnerabilities, the presence of two flows with unsanitized paths, though not classified as critical, warrants attention as they could potentially lead to unexpected behavior or minor security weaknesses. The lack of vulnerability history suggests a mature and well-maintained codebase, but this should not overshadow the identified weaknesses in access control for its AJAX endpoints.

Key Concerns

  • Unprotected AJAX handlers
  • Flows with unsanitized paths
Vulnerabilities
None known

Silo Scope Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Silo Scope Release Timeline

v1.1.0Current
v1.0.0
Code Analysis
Analyzed Apr 16, 2026

Silo Scope Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
35 prepared
Unescaped Output
5
113 escaped
Nonce Checks
29
Capability Checks
34
File Operations
2
External Requests
15
Bundled Libraries
0

SQL Query Safety

100% prepared35 total queries

Output Escaping

96% escaped118 total outputs
Data Flows · Security
2 unsanitized

Data Flow Analysis

13 flows2 with unsanitized paths
ajax_xmlrpc_mode (includes/security-checks.php:46)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
12 unprotected

Silo Scope Attack Surface

Entry Points28
Unprotected12

AJAX Handlers 28

authwp_ajax_ss_update_pluginincludes/ajax-handlers.php:26
authwp_ajax_ss_toggle_pluginincludes/ajax-handlers.php:27
authwp_ajax_ss_headers_basic_saveincludes/ajax-handlers.php:28
authwp_ajax_ss_indexing_setincludes/ajax-handlers.php:29
authwp_ajax_ss_regenerate_tokenincludes/ajax-handlers.php:30
authwp_ajax_ss_clear_attemptsincludes/ajax-handlers.php:31
authwp_ajax_ss_save_securityincludes/ajax-handlers.php:32
authwp_ajax_ss_license_saveincludes/ajax-handlers.php:33
authwp_ajax_ss_license_clearincludes/ajax-handlers.php:34
authwp_ajax_ss_get_reportincludes/ajax-handlers.php:35
authwp_ajax_ss_xmlrpc_modeincludes/security-checks.php:25
authwp_ajax_ss_probe_xmlrpcincludes/security-checks.php:26
authwp_ajax_ss_xmlrpc_modesilo-scope.php:92
authwp_ajax_ss_probe_xmlrpcsilo-scope.php:133
authwp_ajax_ss_get_site_reportsilo-scope.php:665
authwp_ajax_ss_update_pluginsilo-scope.php:675
authwp_ajax_ss_toggle_pluginsilo-scope.php:676
authwp_ajax_ss_headers_basic_savesilo-scope.php:680
authwp_ajax_ss_indexing_setsilo-scope.php:685
authwp_ajax_ss_regenerate_tokensilo-scope.php:688
authwp_ajax_ss_clear_attemptssilo-scope.php:689
authwp_ajax_ss_save_securitysilo-scope.php:692
authwp_ajax_ss_license_savesilo-scope.php:694
authwp_ajax_ss_license_clearsilo-scope.php:695
authwp_ajax_ss_plugin_settings_savesilo-scope.php:697
authwp_ajax_ss_send_test_emailsilo-scope.php:698
authwp_ajax_ss_test_policy_endpointsilo-scope.php:699
authwp_ajax_ss_toggle_recommendationssilo-scope.php:701
WordPress Hooks 15
filterxmlrpc_enabledincludes/security-checks.php:24
filterxmlrpc_enabledsilo-scope.php:84
actioninitsilo-scope.php:186
actionplugins_loadedsilo-scope.php:397
actionrest_api_initsilo-scope.php:659
actionadmin_menusilo-scope.php:660
actionadmin_initsilo-scope.php:661
actionadmin_initsilo-scope.php:662
actionadmin_enqueue_scriptssilo-scope.php:664
actionss_cleanupsilo-scope.php:671
actionsend_headerssilo-scope.php:683
actioncurrent_screensilo-scope.php:706
filteradmin_footer_textsilo-scope.php:714
filterupdate_footersilo-scope.php:715
actionplugins_loadedsilo-scope.php:5208

Scheduled Events 1

ss_cleanup
Maintenance & Trust

Silo Scope Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedFeb 10, 2026
PHP min version7.4
Downloads182

Community Trust

Rating0/100
Number of ratings0
Active installs0
Alternatives

Silo Scope Alternatives

DiveWP – Boost Site Performance with Clear, Actionable Steps

DiveWP – Boost Site Performance with Clear, Actionable Steps

divewp-boost-site-performance

A
100

Learn WP Best Practices Through Your Own Site! Get clear insights about Performance, Security, and Best Practices – explained in plain English.

200 No CVEs
Watchman Tower

Watchman Tower

watchman-tower

A
100

Centralized WordPress monitoring for agencies. Track uptime, performance, SSL, and site health across multiple client sites.

10 No CVEs
HealthSweep Site Monitor – Advanced Site Health & Performance Tools

HealthSweep Site Monitor – Advanced Site Health & Performance Tools

healthsweep-site-monitor

A
100

Advanced WordPress Site Health, performance, security, cleanup, snapshots, alerts, and local speed benchmarking for admins.

0 No CVEs
SW Site Doctor

SW Site Doctor

sw-site-doctor

A
100

Scan your WordPress site for security risks, speed issues, and migration problems. Free with PageSpeed integration.

0 No CVEs
Jetpack – WP Security, Backup, Speed, & Growth

Jetpack – WP Security, Backup, Speed, & Growth

jetpack

A
87

Improve your WP security with powerful one-click tools like backup, WAF, and malware scan. Includes free tools like stats, CDN and social sharing.

3.0M 24 CVEs
Developer Profile

Silo Scope Developer Profile

Epsiloncool

9 plugins · 1K total installs

93
trust score
Avg Security Score
90/100
Avg Patch Time
6 days
View full developer profile
Detection Fingerprints

How We Detect Silo Scope

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/silo-scope/build/report.css/wp-content/plugins/silo-scope/build/admin.css/wp-content/plugins/silo-scope/build/admin.js
Script Paths
/wp-content/plugins/silo-scope/build/report.js/wp-content/plugins/silo-scope/build/admin.js
Version Parameters
silo-scope/build/report.css?ver=silo-scope/build/report.js?ver=silo-scope/build/admin.css?ver=silo-scope/build/admin.js?ver=

HTML / DOM Fingerprints

CSS Classes
silo-scope-reportss-admin-content
HTML Comments
<!-- SS: Fatal error capture (shutdown handler) --><!-- Single source of truth for Scope version: read from header. --><!-- SCOPE_VERSION is used by Fleet plugin to check dependency --><!-- Fleet-specific files (loaded by Scope Fleet plugin when active) -->+18 more
Data Attributes
data-nonce="ss-update"
JS Globals
SiloScopeAdminss_ajax_object
REST Endpoints
/wp-json/silo-scope/v1/settings/wp-json/silo-scope/v1/report
FAQ

Frequently Asked Questions about Silo Scope