Site Health Tool Manager Security & Risk Analysis
wordpress.org/plugins/site-health-tool-managerEasily control which tests appear in the the Site Health Tool
Is Site Health Tool Manager Safe to Use in 2026?
Generally Safe
Score 85/100Site Health Tool Manager has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The "site-health-tool-manager" v1.1 plugin exhibits a strong security posture based on the provided static analysis. The complete absence of AJAX handlers, REST API routes, shortcodes, and cron events with unprotected entry points significantly limits its attack surface. The code signals further reinforce this, showing no dangerous functions, all SQL queries using prepared statements, and a reasonable output escaping rate. The presence of nonce and capability checks, although minimal, is a positive sign. The taint analysis reveals no unsanitized paths or critical/high severity flows, indicating the developers have likely considered input validation. The vulnerability history being completely clean further supports a low-risk profile for this plugin.
While the current analysis indicates a very secure plugin, the limited scope of analysis (only 2 taint flows analyzed) might mean some edge cases are not uncovered. The 67% proper output escaping, while decent, could be improved to 100% to mitigate potential XSS vulnerabilities in the remaining cases. However, given the overall lack of critical findings and the clean history, the plugin appears well-developed from a security perspective.
Key Concerns
- Output escaping not fully implemented
Site Health Tool Manager Security Vulnerabilities
Site Health Tool Manager Code Analysis
Output Escaping
Data Flow Analysis
Site Health Tool Manager Attack Surface
WordPress Hooks 3
Maintenance & Trust
Site Health Tool Manager Maintenance & Trust
Maintenance Signals
Community Trust
Site Health Tool Manager Alternatives
Scout Checkr
scout-checkr
Manage and observe multiple Wordpress sites you manage in one comfortable view. Best way to be updated about your Site Health status you can monitor …
LightStart – Maintenance Mode, Coming Soon and Landing Page Builder
wp-maintenance-mode
Easy Drag & Drop Page Builder that adds a splash page to your site that it's perfect for a coming soon page, maintenance or landing page.
Adminimize
adminimize
Adminimize that lets you hide 'unnecessary' items from the WordPress backend
Performance Lab
performance-lab
Performance plugin from the WordPress Performance Team, which is a collection of standalone performance features.
Remove Dashboard Access
remove-dashboard-access-for-non-admins
Disable Dashboard access for users of a specific role or capability. Disallowed users are redirected to a chosen URL. Get set up in seconds.
Site Health Tool Manager Developer Profile
1 plugin · 2K total installs
How We Detect Site Health Tool Manager
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
HTML / DOM Fingerprints
wrapnoticenotice-successis-dismissiblenotice-errorname="checked[]"id="widget-setting"name="widget"name="submit"value="Save Settings"name="shtm-disable-tests-nonce"