WP-Safety

WasiTools Security & Risk Analysis

wordpress.org/plugins/wasitools

A lightweight admin toolbox: duplicate posts, disable comments, maintenance mode, body class, cron jobs, and more — all in one place.

0 active installs v1.3.0 PHP 8.2+ WP 6.9+ Updated Apr 1, 2026
admintoolboxtoolkittoolsutilities
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Download
Safety Verdict

Is WasiTools Safe to Use in 2026?

Generally Safe

Score 100/100

WasiTools has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago
Risk Assessment

The "wasitools" v1.3.0 plugin exhibits a generally strong security posture based on the provided static analysis and vulnerability history. The absence of any recorded CVEs, critical taint flows, dangerous functions, raw SQL queries, or unsanitized paths is highly positive. The code demonstrates robust use of prepared statements for SQL queries, comprehensive output escaping, and a significant number of nonce and capability checks, indicating developers have implemented good security practices.

However, a few minor points warrant attention. The presence of two AJAX handlers without explicit authentication checks, while not directly flagged as a vulnerability in the taint analysis, represents an potential attack vector if these handlers perform sensitive operations. While the total attack surface is small and appears to be protected by other WordPress mechanisms, it's always best practice to explicitly check capabilities for all AJAX endpoints. The file operation, while not specified as problematic, could be a point of concern depending on its nature and if it involves user-controlled input.

Overall, "wasitools" v1.3.0 appears to be a secure plugin with a minimal risk profile. The lack of past vulnerabilities and the strong adherence to secure coding practices in the current version are commendable. The primary area for improvement would be to ensure explicit authentication and authorization checks are in place for all AJAX handlers, even if they are currently deemed protected by broader WordPress security measures.

Key Concerns

  • AJAX handlers without explicit auth checks
Vulnerabilities
None known

WasiTools Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

WasiTools Release Timeline

v1.3.0Current
Code Analysis
Analyzed Apr 16, 2026

WasiTools Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
0
826 escaped
Nonce Checks
23
Capability Checks
35
File Operations
1
External Requests
0
Bundled Libraries
0

Output Escaping

100% escaped826 total outputs
Data Flows · Security
All sanitized

Data Flow Analysis

4 flows
<Wasitools> (classes/Wasitools.php:0)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

WasiTools Attack Surface

Entry Points2
Unprotected0

AJAX Handlers 2

authwp_ajax_wasitools_duplicate_postclasses/wasitools_DuplicatePost.php:40
authwp_ajax_wasitools_bulk_duplicate_postclasses/wasitools_DuplicatePost.php:42
WordPress Hooks 63
actionadmin_post_wasitools_generalclasses/Wasitools.php:56
actionadmin_post_wasitools_uninstallclasses/Wasitools.php:57
actioninitclasses/Wasitools.php:59
actionshutdownclasses/Wasitools.php:61
actionadmin_menuclasses/Wasitools.php:67
actionadmin_enqueue_scriptsclasses/Wasitools.php:69
actionadmin_enqueue_scriptsclasses/Wasitools.php:71
actionadmin_noticesclasses/Wasitools.php:73
actionadmin_menuclasses/wasitools_AdminMenu.php:33
actionadmin_menuclasses/wasitools_AdminMenu.php:34
actionadmin_post_wasitools_admin_menuclasses/wasitools_AdminMenu.php:36
actioninitclasses/wasitools_BodyClass.php:36
actionadd_meta_boxesclasses/wasitools_BodyClass.php:37
actionsave_postclasses/wasitools_BodyClass.php:38
actionenqueue_block_editor_assetsclasses/wasitools_BodyClass.php:39
filterbody_classclasses/wasitools_BodyClass.php:40
filteruse_block_editor_for_post_typeclasses/wasitools_ClassicEditor.php:30
actionmedia_buttonsclasses/wasitools_ClassicEditor.php:31
actionadmin_post_wasitools_classic_editorclasses/wasitools_ClassicEditor.php:33
actionadmin_menuclasses/wasitools_CronJobs.php:28
actionadmin_post_wasitools_cron_jobsclasses/wasitools_CronJobs.php:30
actioninitclasses/wasitools_Debugging.php:29
actionwasitools_test_cronjobclasses/wasitools_Debugging.php:30
actionadmin_noticesclasses/wasitools_Debugging.php:31
actionadmin_post_wasitools_debuggingclasses/wasitools_Debugging.php:33
filtercomments_openclasses/wasitools_DisableComments.php:30
filterpings_openclasses/wasitools_DisableComments.php:31
filterget_comments_numberclasses/wasitools_DisableComments.php:34
actioninitclasses/wasitools_DisableComments.php:37
actionadmin_initclasses/wasitools_DisableComments.php:40
actionadmin_menuclasses/wasitools_DisableComments.php:43
actionadmin_bar_menuclasses/wasitools_DisableComments.php:46
actionenqueue_block_editor_assetsclasses/wasitools_DisableComments.php:49
actionadd_meta_boxesclasses/wasitools_DisableComments.php:52
filtermanage_posts_columnsclasses/wasitools_DisableComments.php:196
filtermanage_pages_columnsclasses/wasitools_DisableComments.php:197
filtermanage_media_columnsclasses/wasitools_DisableComments.php:198
filterpage_row_actionsclasses/wasitools_DuplicatePost.php:34
filterpost_row_actionsclasses/wasitools_DuplicatePost.php:35
filtermedia_row_actionsclasses/wasitools_DuplicatePost.php:36
actionadmin_action_wasitools_duplicate_postclasses/wasitools_DuplicatePost.php:38
actionenqueue_block_editor_assetsclasses/wasitools_DuplicatePost.php:44
actionpost_submitbox_misc_actionsclasses/wasitools_DuplicatePost.php:46
filterattachment_fields_to_editclasses/wasitools_DuplicatePost.php:48
filterbulk_actions-uploadclasses/wasitools_DuplicatePost.php:53
filterhandle_bulk_actions-uploadclasses/wasitools_DuplicatePost.php:54
actionadmin_enqueue_scriptsclasses/wasitools_DuplicatePost.php:62
actionadmin_post_wasitools_duplicate_postclasses/wasitools_DuplicatePost.php:64
actiontemplate_redirectclasses/wasitools_MaintenanceMode.php:34
actionadmin_bar_menuclasses/wasitools_MaintenanceMode.php:36
actionadmin_action_wasitools_toggle_maintenanceclasses/wasitools_MaintenanceMode.php:38
actionadmin_enqueue_scriptsclasses/wasitools_MaintenanceMode.php:40
actionwp_enqueue_scriptsclasses/wasitools_MaintenanceMode.php:41
actionadmin_enqueue_scriptsclasses/wasitools_MaintenanceMode.php:43
actionadmin_post_wasitools_maintenance_modeclasses/wasitools_MaintenanceMode.php:45
filterwp_robotsclasses/wasitools_MaintenanceMode.php:221
filterrender_blockclasses/wasitools_MaintenanceMode.php:230
actionwp_enqueue_scriptsclasses/wasitools_MaintenanceMode.php:241
filterpage_row_actionsclasses/wasitools_RowActions.php:34
filterpost_row_actionsclasses/wasitools_RowActions.php:35
filtermedia_row_actionsclasses/wasitools_RowActions.php:36
filtercomment_row_actionsclasses/wasitools_RowActions.php:37
actionadmin_post_wasitools_row_actionsclasses/wasitools_RowActions.php:39

Scheduled Events 2

wasitools_test_cronjob
wasitools_test_cronjob
Maintenance & Trust

WasiTools Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedApr 1, 2026
PHP min version8.2
Downloads75

Community Trust

Rating0/100
Number of ratings0
Active installs0
Alternatives

WasiTools Alternatives

Foxdell Folio Taxonomy Toolkit

Foxdell Folio Taxonomy Toolkit

foxdell-folio-taxonomy-toolkit

A
85

Have finer control over your taxonomies so that you can have better organisation of your posts by using taxonomies other than just Categories and Tags &hellip;

10 No CVEs
Yuva Testing Utilities

Yuva Testing Utilities

yuva-testing-utilities

A
100

A small collection of developer utilities for faster WordPress testing on local or staging environments.

0 No CVEs
WPS Bidouille

WPS Bidouille

wps-bidouille

A
96

WPS Bidouille provides information about your WordPress and contains optimization tools.

10K 2 CVEs
Store Toolkit – WooCommerce Extensions, Quick Enhancements & Handy Tools

Store Toolkit – WooCommerce Extensions, Quick Enhancements & Handy Tools

woocommerce-store-toolkit

A
93

A huge set of Quick Enhancements and Handy Tools for WooCommerce – the ultimate WooCommerce booster!

8K 4 CVEs
Admin Tools

Admin Tools

admin-tools

A
85

Admin Tools Helps you to get better admin for your customers. Manage your menus, plugins, Top Bar, updates and more

4K No CVEs
Developer Profile

WasiTools Developer Profile

Holger Wassenhoven

3 plugins · 120 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect WasiTools

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/wasitools/assets/css/admin.css/wp-content/plugins/wasitools/assets/css/admin_widget.css/wp-content/plugins/wasitools/assets/css/frontend.css/wp-content/plugins/wasitools/assets/js/admin.js/wp-content/plugins/wasitools/assets/js/admin_widget.js/wp-content/plugins/wasitools/assets/js/frontend.js/wp-content/plugins/wasitools/assets/js/uninstall.js
Script Paths
/wp-content/plugins/wasitools/assets/js/admin.js/wp-content/plugins/wasitools/assets/js/admin_widget.js/wp-content/plugins/wasitools/assets/js/frontend.js/wp-content/plugins/wasitools/assets/js/uninstall.js
Version Parameters
wasitools/assets/css/admin.css?ver=wasitools/assets/css/admin_widget.css?ver=wasitools/assets/css/frontend.css?ver=wasitools/assets/js/admin.js?ver=wasitools/assets/js/admin_widget.js?ver=wasitools/assets/js/frontend.js?ver=wasitools/assets/js/uninstall.js?ver=

HTML / DOM Fingerprints

CSS Classes
wasitools-admin-noticewasitools-admin-widget
HTML Comments
<!-- WasiTools Main Settings Page --><!-- WasiTools Admin Widget --><!-- WasiTools Widget Wrapper -->
Data Attributes
data-wasitools-iddata-wasitools-noncedata-wasitools-action
JS Globals
wasitools_admin_widget_vars
FAQ

Frequently Asked Questions about WasiTools