Does Feature Flipper have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Feature Flipper compatible with WordPress 6.8.5?

According to WordPress.org data, Feature Flipper 2.0.0 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

Is Feature Flipper compatible with PHP 7.4+?

Feature Flipper requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Feature Flipper updated?

Feature Flipper was last updated on Aug 23, 2025. Frequent updates are generally a positive security signal.

What is Feature Flipper's security score?

Feature Flipper has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Feature Flipper Security & Risk Analysis

wordpress.org/plugins/syntatis-feature-flipper

Disable Comments, Gutenberg, Emojis, and other features you don't need in WordPress

20 active installs v2.0.0 PHP 7.4+ WP 6.4+ Updated Aug 23, 2025

admincommentssecuritytweaksupdates

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Feature Flipper Safe to Use in 2026?

Generally Safe

Score 100/100

Feature Flipper has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 8mo ago

Risk Assessment

The static analysis of syntatis-feature-flipper v2.0.0 reveals a strong security posture from a code perspective. The plugin exhibits excellent practices by having zero unprotected entry points across AJAX handlers, REST API routes, shortcodes, and cron events. All identified SQL queries are properly prepared, and all output is correctly escaped, mitigating common injection and cross-site scripting (XSS) risks. The absence of file operations and external HTTP requests further reduces the attack surface. The single nonce check suggests a potential area for review, though its absence across all other entry points is covered by the lack of those entry points themselves.

Key Concerns

Only 1 nonce check found.

Vulnerabilities

None known

Feature Flipper Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Feature Flipper Release Timeline

v2.0.0Current

v1.9.5

v1.9.4

v1.9.3

v1.9.2

v1.9.1

v1.9.0

v1.8.2

v1.8.1

v1.8.0

v1.7.1

v1.7.0

v1.6.0

v1.5.1

v1.5.0

v1.4.1

v1.4.0

v1.3.0

v1.2.1

v1.2.0

Code Analysis

Analyzed Apr 16, 2026

Feature Flipper Code Analysis

Dangerous Functions

Raw SQL Queries

3 prepared

Unescaped Output

25 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

100% prepared3 total queries

Output Escaping

100% escaped25 total outputs

Attack Surface

Feature Flipper Attack Surface

Entry Points0

Unprotected0

Maintenance & Trust

Feature Flipper Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedAug 23, 2025

PHP min version7.4

Downloads2K

Community Trust

Rating0/100

Number of ratings0

Active installs20

Alternatives

Feature Flipper Alternatives

InfiniteWP Client

iwp-client

Install this plugin on unlimited sites and manage them all from a central dashboard. This plugin communicates with your InfiniteWP Admin Panel.

200K 7 CVEs

AdminEase

adminease

100

Boosts your WordPress admin with tools for updates, security, performance, and user management - no coding required.

30 No CVEs

Digest Notifications

digest

Get a daily, weekly, or monthly digest of what's happening on your site instead of receiving a single email each time.

20 No CVEs

SK Notice Hider

sk-notice-hider

100

Control WordPress notifications and automatic updates. Hide admin notices, update emails, and manage core updates.

0 No CVEs

Loginizer

loginizer

Loginizer is a WordPress security plugin which helps you fight against bruteforce attacks.

1.0M 8 CVEs

Developer Profile

Feature Flipper Developer Profile

Thoriq Firdaus

2 plugins · 40 total installs

trust score

Avg Security Score

93/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Feature Flipper

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/syntatis-feature-flipper/dist/assets/admin-bar/index.css/wp-content/plugins/syntatis-feature-flipper/dist/assets/admin-bar/index.js

Script Paths

/wp-content/plugins/syntatis-feature-flipper/inc/bootstrap/app.php

Version Parameters

syntatis-feature-flipper/dist/assets/admin-bar/index.asset.phpsyntatis-feature-flipper/dist/assets/admin-bar/index.csssyntatis-feature-flipper/dist/assets/admin-bar/index.js

HTML / DOM Fingerprints

CSS Classes

with-avatarno-avatar

Data Attributes

data-inline

JS Globals

wp.environmentTypewp.adminBarMenu

REST Endpoints

/wp-json/wp/v2/comments

FAQ