WP-Safety

Value Analysis – Nutzwertanalyse Security & Risk Analysis

wordpress.org/plugins/value-analysis-nutzwertanalyse

Value Analysis - Value Engineering - Nutzwertanalyse

0 active installs v0.11 PHP + WP 5.6+ Updated Unknown
cost-analysisnutzwertanalysepaarvergleichsmethodevalue-analysisvalue-engineering
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Value Analysis – Nutzwertanalyse Safe to Use in 2026?

Generally Safe

Score 100/100

Value Analysis – Nutzwertanalyse has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs
Risk Assessment

The 'value-analysis-nutzwertanalyse' plugin v0.11 exhibits a mixed security posture. On the positive side, it demonstrates good practices by having no known CVEs, no bundled libraries, no SQL queries that are not prepared, and no file operations or external HTTP requests. The presence of a nonce check is also a positive sign. However, there are significant areas for improvement. The static analysis reveals that only 10% of the identified 31 output points are properly escaped, indicating a substantial risk of Cross-Site Scripting (XSS) vulnerabilities. Furthermore, the taint analysis shows one flow with unsanitized paths, which, while not flagged as critical or high, still represents a potential weakness. The plugin's vulnerability history is clean, but this could be a result of its limited adoption or insufficient security scrutiny rather than inherent robustness.

Key Concerns

  • Low output escaping rate
  • Unsanitized path taint flow
  • No capability checks on entry points
Vulnerabilities
None known

Value Analysis – Nutzwertanalyse Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

Value Analysis – Nutzwertanalyse Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
28
3 escaped
Nonce Checks
1
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
0

Output Escaping

10% escaped31 total outputs
Data Flows
1 unsanitized

Data Flow Analysis

1 flows1 with unsanitized paths
<vave_page> (PHP\vave_page.php:0)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Value Analysis – Nutzwertanalyse Attack Surface

Entry Points2
Unprotected0

AJAX Handlers 2

authwp_ajax_vave_requestPHP\vave_request.php:2
noprivwp_ajax_vave_requestPHP\vave_request.php:3
WordPress Hooks 10
actionwp_enqueue_scriptsinit.php:55
actionadmin_enqueue_scriptsinit.php:56
actionadmin_menuinit.php:63
actionwp_headinit.php:85
actionadmin_headinit.php:86
actionwp_footerinit.php:105
actionadmin_footerinit.php:106
actionplugins_loadedinit.php:115
actioninitPHP\vave_mainPHP.php:60
filtersingle_templatePHP\vave_mainPHP.php:64
Maintenance & Trust

Value Analysis – Nutzwertanalyse Maintenance & Trust

Maintenance Signals

WordPress version tested6.4.8
Last updatedUnknown
PHP min version
Downloads848

Community Trust

Rating0/100
Number of ratings0
Active installs0
Alternatives

Value Analysis – Nutzwertanalyse Alternatives

No alternatives data available yet.

Developer Profile

Value Analysis – Nutzwertanalyse Developer Profile

Severin Roth

3 plugins · 80 total installs

87
trust score
Avg Security Score
90/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Value Analysis – Nutzwertanalyse

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/value-analysis-nutzwertanalyse/CSS/style.css/wp-content/plugins/value-analysis-nutzwertanalyse/CSS/Style/kendo.common-office365.min.css/wp-content/plugins/value-analysis-nutzwertanalyse/CSS/Style/kendo.common.min.css/wp-content/plugins/value-analysis-nutzwertanalyse/JS/kendo.all.min.js/wp-content/plugins/value-analysis-nutzwertanalyse/JS/vave_main.js
Script Paths
/wp-content/plugins/value-analysis-nutzwertanalyse/JS/kendo.all.min.js/wp-content/plugins/value-analysis-nutzwertanalyse/JS/vave_main.js
Version Parameters
value-analysis-nutzwertanalyse/CSS/style.css?ver=value-analysis-nutzwertanalyse/CSS/Style/kendo.common-office365.min.css?ver=value-analysis-nutzwertanalyse/CSS/Style/kendo.common.min.css?ver=value-analysis-nutzwertanalyse/JS/kendo.all.min.js?ver=value-analysis-nutzwertanalyse/JS/vave_main.js?ver=

HTML / DOM Fingerprints

CSS Classes
va-wrappervave_gridvave_staticNotification-sectionvaMainContainer
Data Attributes
id="vave_tabstrip"id="vave_tabDash"id="vave_tabWork"id="vave_tabResult"id="vaMainContainer"
JS Globals
vave_ajaxURLvave_ajaxStatusvave_ajaxStack_ivave_ajaxStack_vsvave_ajaxStack_e
FAQ

Frequently Asked Questions about Value Analysis – Nutzwertanalyse