WP-Safety

Simple Time to Read LSC Security & Risk Analysis

wordpress.org/plugins/simple-time-to-read-lsc

Add an estimated reading time to your WordPress posts, pages, or custom post types. Lightweight, customizable, and easy to use.

0 active installs v1.0.0 PHP 8.0+ WP 5.6+ Updated Unknown
content-timerestimated-reading-timepost-read-timereadabilityreading-time
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Download
Safety Verdict

Is Simple Time to Read LSC Safe to Use in 2026?

Generally Safe

Score 100/100

Simple Time to Read LSC has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs
Risk Assessment

The "simple-time-to-read-lsc" plugin v1.0.0 demonstrates a generally strong security posture based on the provided static analysis. The absence of dangerous functions, file operations, and external HTTP requests, coupled with a 100% use of prepared statements for SQL queries, are significant strengths. Furthermore, the presence of nonce and capability checks on entry points (AJAX handlers, REST API routes, shortcodes) indicates good development practices in preventing unauthorized access and actions. The 100% output escaping for observed outputs is also a positive indicator, reducing the risk of cross-site scripting (XSS) vulnerabilities. The lack of any recorded CVEs or past vulnerabilities further contributes to its current perceived security.

However, the static analysis does reveal a minor area of concern: 10% of the 100 total outputs are not properly escaped. While this is a relatively small percentage, it still represents a potential avenue for XSS vulnerabilities if not addressed. The absence of any taint analysis results is not necessarily an indication of security, but rather that no such flows were identified or analyzed by the tool. Overall, the plugin appears to be developed with security in mind, but the small percentage of unescaped outputs warrants attention for a complete security assurance.

Key Concerns

  • Outputs not properly escaped
Vulnerabilities
None known

Simple Time to Read LSC Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

Simple Time to Read LSC Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
10
90 escaped
Nonce Checks
1
Capability Checks
2
File Operations
0
External Requests
0
Bundled Libraries
0

Output Escaping

90% escaped100 total outputs
Attack Surface

Simple Time to Read LSC Attack Surface

Entry Points2
Unprotected0

REST API Routes 1

GET/wp-json/simple-time-to-read-lsc/v1(?P<id>\d+)includes\apis\SimpleTimeToReadRest.php:62

Shortcodes 1

[sttrlsc_main] includes\SimpleTimeToReadIntegrate.php:56
WordPress Hooks 11
actionadd_meta_boxesincludes\admin\metaboxes\SimpleTimeToReadAbstractMetabox.php:96
actionsave_postincludes\admin\metaboxes\SimpleTimeToReadAbstractMetabox.php:99
actionadmin_menuincludes\admin\options\SimpleTimeToReadAbstractOption.php:57
actionadmin_initincludes\admin\options\SimpleTimeToReadAbstractOption.php:58
actionadmin_enqueue_scriptsincludes\admin\SimpleTimeToReadAdmin.php:82
actionadmin_enqueue_scriptsincludes\admin\SimpleTimeToReadAdmin.php:89
actionrest_api_initincludes\apis\SimpleTimeToReadRest.php:53
actioninitincludes\blocks\SimpleTimeToReadAbstractBlock.php:58
actionwp_enqueue_scriptsincludes\SimpleTimeToReadClass.php:123
actionwp_enqueue_scriptsincludes\SimpleTimeToReadClass.php:130
filterthe_contentincludes\SimpleTimeToReadIntegrate.php:54
Maintenance & Trust

Simple Time to Read LSC Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5
Last updatedUnknown
PHP min version8.0
Downloads178

Community Trust

Rating0/100
Number of ratings0
Active installs0
Alternatives

Simple Time to Read LSC Alternatives

WP Reading Progress

WP Reading Progress

wp-reading-progress

A
100

Light weight fully customizable reading progress bar. Sticks to top, bottom or sticky menu, with fallback for small screens. Includes ert (beta).

3K No CVEs
LP Estimated Reading Time

LP Estimated Reading Time

lp-estimated-reading-time

A
85

Displays an estimated reading time of your blog posts

50 No CVEs
Sam Reading Time

Sam Reading Time

sam-reading-time

A
100

Display estimated reading time for your posts using a clean shortcode. Includes a lightweight settings panel under the "Posts" menu.

10 No CVEs
Estimated Reading Time Content

Estimated Reading Time Content

estimated-reading-time-content

A
92

Adds a reading time block to posts and pages, with customizable settings and widget support.

0 No CVEs
ReadBar – Smart Reading Time & Dynamic Progress Bar

ReadBar – Smart Reading Time & Dynamic Progress Bar

read-bar

A
100

Add estimated reading time and a dynamic reading progress bar to your WordPress posts and pages to boost content engagement and improve readability.

0 No CVEs
Developer Profile

Simple Time to Read LSC Developer Profile

gurn1

1 plugin · 0 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Simple Time to Read LSC

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/simple-time-to-read-lsc/vendor/lc/sttrlsc/includes/admin/fields/SimpleTimeToReadFieldsRender.php/wp-content/plugins/simple-time-to-read-lsc/vendor/lc/sttrlsc/includes/data/SimpleTimeToReadDataMeta.php/wp-content/plugins/simple-time-to-read-lsc/vendor/lc/sttrlsc/includes/data/SimpleTimeToReadDataOptions.php/wp-content/plugins/simple-time-to-read-lsc/vendor/lc/sttrlsc/includes/data/SimpleTimeToReadDataDefaults.php

HTML / DOM Fingerprints

FAQ

Frequently Asked Questions about Simple Time to Read LSC