Does Site Stats Dashboard have any unpatched vulnerabilities?

No. All known vulnerabilities in Site Stats Dashboard have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Site Stats Dashboard compatible with WordPress 6.7.5?

According to WordPress.org data, Site Stats Dashboard 1.0 has been tested up to WordPress 6.7.5. Check the plugin's changelog for the latest compatibility information.

Is Site Stats Dashboard compatible with PHP 7.2+?

Site Stats Dashboard requires PHP 7.2 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Site Stats Dashboard updated?

Site Stats Dashboard was last updated on Unknown. Frequent updates are generally a positive security signal.

What is Site Stats Dashboard's security score?

Site Stats Dashboard has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Site Stats Dashboard Security & Risk Analysis

wordpress.org/plugins/site-stats-dashboard

Simple dashboard that displays site statistics (post count, comment count, visit count) in the admin panel.

0 active installs v1.0 PHP 7.2+ WP 5.2+ Updated Unknown

commentsdashboardpostsstatsvisits

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Site Stats Dashboard Safe to Use in 2026?

Generally Safe

Score 100/100

Site Stats Dashboard has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs

Risk Assessment

The "site-stats-dashboard" plugin v1.0 exhibits a strong security posture based on the provided static analysis. The absence of dangerous functions, file operations, and external HTTP requests is commendable. Crucially, all SQL queries are prepared, and all output is properly escaped, mitigating common web vulnerabilities like SQL injection and Cross-Site Scripting (XSS). The plugin also demonstrates good practice by implementing a capability check for its single REST API route, and the limited attack surface with no unprotected entry points is a significant strength.

The analysis shows no reported vulnerabilities in its history, which, combined with the current static analysis findings, suggests a well-developed and secure plugin. There are no identified critical or high severity taint flows, and the limited scope of the plugin (indicated by zero shortcodes, cron events, and AJAX handlers) further reduces potential attack vectors.

However, the lack of any nonce checks, even with a capability check present on the REST API, could be a minor concern if the REST API were to become more complex or handle user-supplied data in a way that could be exploited by timing attacks or other advanced techniques. Despite this, the overall security of the plugin appears robust, with no immediate critical risks identified.

Key Concerns

Missing nonce checks

Vulnerabilities

None known

Site Stats Dashboard Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Site Stats Dashboard Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Attack Surface

Site Stats Dashboard Attack Surface

Entry Points1

Unprotected0

REST API Routes 1

GET/wp-json/ssds/v1/statssite-stats-dashboard.php:85

WordPress Hooks 4

actionadmin_menusite-stats-dashboard.php:47

actionadmin_enqueue_scriptssite-stats-dashboard.php:80

actionrest_api_initsite-stats-dashboard.php:94

actionwpsite-stats-dashboard.php:124

Maintenance & Trust

Site Stats Dashboard Maintenance & Trust

Maintenance Signals

WordPress version tested6.7.5

Last updatedUnknown

PHP min version7.2

Downloads299

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

Site Stats Dashboard Alternatives

Most Read Posts in XX days

most-read-posts-in-xx-days

A simple plugin that counts and shows hits for each Post and Page in your WordPress blog.

300 No CVEs

WP Comment Stats

wp-comment-stats

Shows detailed stats of your WordPress comments based on original plugin 'Comment Stats' - https://wordpress.org/plugins/comment-stats/

10 No CVEs

WP Year End Stats

wp-yearendstats

100

Displays fancy stats about your blog which you can include in your year end review posts.

10 No CVEs

ExactMetrics – Google Analytics Dashboard for WordPress (Website Stats Plugin)

google-analytics-dashboard-for-wp

Connects Google Analytics with your WordPress site. Displays stats to help you understand your users and site content on a whole new level!

300K 5 CVEs

No Page Comment

no-page-comment

An admin interface to control the default comment and trackback settings on new posts, pages and custom post types.

10K 2 CVEs

Developer Profile

Site Stats Dashboard Developer Profile

szatek

1 plugin · 0 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Site Stats Dashboard

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/site-stats-dashboard/assets/js/site-stats-dashboard-admin.js/wp-content/plugins/site-stats-dashboard/assets/css/site-stats-dashboard-admin.css

Script Paths

assets/js/site-stats-dashboard-admin.js

Version Parameters

site-stats-dashboard/assets/css/site-stats-dashboard-admin.css?ver=site-stats-dashboard/assets/js/site-stats-dashboard-admin.js?ver=

HTML / DOM Fingerprints

CSS Classes

wrapdashicons-chart-bar

HTML Comments

Data Attributes

id="ssds-react-app"

JS Globals

ssdsData

REST Endpoints

/wp-json/ssds/v1/stats

FAQ