WP-Safety

Tweak Hidden Options Security & Risk Analysis

wordpress.org/plugins/tweak-hidden-options

Tweak Hidden Options is a safe and easy-to-use way to modify, tweak, and change various hidden options within WordPress.

10 active installs v1.01 PHP + WP 3.0.1+ Updated Dec 12, 2015
configconfigurationgzipoptions
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Tweak Hidden Options Safe to Use in 2026?

Generally Safe

Score 85/100

Tweak Hidden Options has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 10yr ago
Risk Assessment

The "tweak-hidden-options" v1.01 plugin presents a mixed security posture. On the positive side, the plugin demonstrates good practices by exclusively using prepared statements for any SQL queries and includes a nonce check. Furthermore, there is no recorded vulnerability history, suggesting a generally stable and secure development.

Key Concerns

  • Outputs are not properly escaped
  • Taint flows with unsanitized paths found
  • No capability checks on entry points
Vulnerabilities
None known

Tweak Hidden Options Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Tweak Hidden Options Release Timeline

v1.01Current
Code Analysis
Analyzed Apr 16, 2026

Tweak Hidden Options Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
8
0 escaped
Nonce Checks
1
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
0

Output Escaping

0% escaped8 total outputs
Data Flows · Security
2 unsanitized

Data Flow Analysis

4 flows2 with unsanitized paths
tho_display_options_page (options-page.php:26)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Tweak Hidden Options Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 4
actioninitoptions-functions.php:5
filterplugin_row_metaoptions-functions.php:52
actionadmin_menuoptions-page.php:21
actionadmin_headoptions-page.php:74
Maintenance & Trust

Tweak Hidden Options Maintenance & Trust

Maintenance Signals

WordPress version tested4.4.34
Last updatedDec 12, 2015
PHP min version
Downloads2K

Community Trust

Rating0/100
Number of ratings0
Active installs10
Alternatives

Tweak Hidden Options Alternatives

Theme Configurator

Theme Configurator

theme-configurator

A
85

theme-configurator is the easiest and most elegant way to add customized options pages to your Wordpress theme. No coding required!

10 No CVEs
Product Configurations Table

Product Configurations Table

product-configurations-table

A
100

Displays product options as a table with selectable values.

0 No CVEs
Public Post Preview Configurator

Public Post Preview Configurator

public-post-preview-configurator

A
85

Enables you to configure the 'public post preview' plugin with a user interface.

10K No CVEs
Seers Ai | Consent Management Platform (Easy to set up GDPR/CCPA Compliant Cookie Consent)

Seers Ai | Consent Management Platform (Easy to set up GDPR/CCPA Compliant Cookie Consent)

seers-cookie-consent-banner-privacy-policy

A
99

Smart, AI-powered 1-click setup to comply with GDPR, CCPA, TIPA, MCDPA, DUA and global data privacy laws. Simple, effective, and future-ready.

1K 2 CVEs
WP Sitemaps Config

WP Sitemaps Config

wp-sitemaps-config

A
100

Configure all XML sitemaps generated by the WordPress core with ease

700 No CVEs
Developer Profile

Tweak Hidden Options Developer Profile

Miina Sikk

10 plugins · 8K total installs

84
trust score
Avg Security Score
85/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Tweak Hidden Options

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

FAQ

Frequently Asked Questions about Tweak Hidden Options