WP-Safety

WordPress Beta Tester Security & Risk Analysis

wordpress.org/plugins/wordpress-beta-tester

Allows you to easily upgrade for testing the next versions of WordPress.

2K active installs v4.0.0 PHP 5.6+ WP 4.9+ Updated Nov 7, 2025
advancedbetatesting
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is WordPress Beta Tester Safe to Use in 2026?

Generally Safe

Score 100/100

WordPress Beta Tester has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 4mo ago
Risk Assessment

The wordpress-beta-tester plugin v4.0.0 exhibits a strong security posture based on the provided static analysis. The complete absence of dangerous functions, raw SQL queries, and unsanitized taint flows is a significant strength. The code correctly utilizes prepared statements for all SQL queries and ensures all output is properly escaped, minimizing risks of injection attacks and cross-site scripting (XSS). Furthermore, the presence of nonce checks and capability checks on its entry points indicates a commitment to secure access control. The plugin also demonstrates good practice by avoiding bundled libraries and performing file operations securely (none detected). The lack of any historical vulnerabilities, including critical or high severity ones, further reinforces its current secure state.

While the plugin scores highly on many security metrics, a minor area of consideration is the single external HTTP request. Although not inherently a vulnerability, such requests can become a vector for attacks if the external resource is compromised or if data is transmitted insecurely. The limited number of entry points and the fact that none are found to be unprotected is excellent. In conclusion, this version of wordpress-beta-tester appears to be very secure, with no immediate critical or high-severity risks identified in the static analysis or its vulnerability history. The diligent use of security best practices in its code is commendable.

Key Concerns

  • External HTTP request detected
Vulnerabilities
None known

WordPress Beta Tester Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

WordPress Beta Tester Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
0
56 escaped
Nonce Checks
5
Capability Checks
2
File Operations
0
External Requests
1
Bundled Libraries
0

Output Escaping

100% escaped56 total outputs
Attack Surface

WordPress Beta Tester Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 27
actioninitsrc\WPBT\WPBT_Bootstrap.php:113
filterwp_beta_tester_add_settings_tabssrc\WPBT\WPBT_Core.php:47
actionwp_beta_tester_add_settingssrc\WPBT\WPBT_Core.php:48
actionwp_beta_tester_add_admin_pagesrc\WPBT\WPBT_Core.php:49
actionwp_beta_tester_update_settingssrc\WPBT\WPBT_Core.php:50
filterwp_beta_tester_save_redirectsrc\WPBT\WPBT_Core.php:126
filterwp_sprintf_lsrc\WPBT\WPBT_Core.php:338
filterwp_beta_tester_add_settings_tabssrc\WPBT\WPBT_Extras.php:58
actionwp_beta_tester_add_settingssrc\WPBT\WPBT_Extras.php:59
actionwp_beta_tester_add_admin_pagesrc\WPBT\WPBT_Extras.php:60
actionwp_beta_tester_update_settingssrc\WPBT\WPBT_Extras.php:61
filterwp_beta_tester_save_redirectsrc\WPBT\WPBT_Extras.php:149
filterauto_core_update_send_emailsrc\WPBT\WPBT_Extras.php:206
actioncurrent_screensrc\WPBT\WPBT_Help.php:21
actionadmin_initsrc\WPBT\WPBT_Settings.php:66
actionnetwork_admin_edit_wp_beta_testersrc\WPBT\WPBT_Settings.php:68
actionadmin_initsrc\WPBT\WPBT_Settings.php:69
actionadmin_head-plugins.phpsrc\WPBT\WPBT_Settings.php:74
actionadmin_head-update-core.phpsrc\WPBT\WPBT_Settings.php:75
actionupdate_option_wp_beta_tester_streamsrc\WPBT\WP_Beta_Tester.php:57
filtercore_version_check_query_argssrc\WPBT\WP_Beta_Tester.php:66
filterupdate_footersrc\WPBT\WP_Beta_Tester.php:86
actionwp_dashboard_setupsrc\WPBT\WP_Beta_Tester.php:90
actionwp_network_dashboard_setupsrc\WPBT\WP_Beta_Tester.php:91
actionupgrader_process_completesrc\WPBT\WP_Beta_Tester.php:94
filterpre_site_transient_update_coresrc\WPBT\WP_Beta_Tester.php:399
actionplugins_loadedwp-beta-tester.php:35
Maintenance & Trust

WordPress Beta Tester Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedNov 7, 2025
PHP min version5.6
Downloads540K

Community Trust

Rating80/100
Number of ratings47
Active installs2K
Alternatives

WordPress Beta Tester Alternatives

VK Plugin Beta Tester

VK Plugin Beta Tester

vk-plugin-beta-tester

A
100

VK Plugin Beta Tester is derived from "Plugin Beta Tester" WordPress Plugin, created by mitcho (Michael Yoshitaka Erlewine) Copyright 2013.

10 No CVEs
Beta Flags … now with A/B Testing!

Beta Flags … now with A/B Testing!

beta-flags

A
85

Thanks to: James Williams, whose plugin inspired this one (https://github.com/jamesrwilliams/feature-flags)

0 No CVEs
WP Reset

WP Reset

wp-reset

A
89

WP Reset resets the entire site or selected parts using advanced reset options to default values. 100% safe to use with built-in restore function.

300K 6 CVEs
ACF Content Analysis for Yoast SEO

ACF Content Analysis for Yoast SEO

acf-content-analysis-for-yoast-seo

A
100

WordPress plugin that adds the content of all ACF fields to the Yoast SEO score analysis.

100K No CVEs
Advanced Custom Fields: Font Awesome Field

Advanced Custom Fields: Font Awesome Field

advanced-custom-fields-font-awesome

A
99

Adds a new 'Font Awesome Icon' field to the popular Advanced Custom Fields plugin.

100K 1 CVE
Developer Profile

WordPress Beta Tester Developer Profile

Andy Fragen

12 plugins · 43K total installs

76
trust score
Avg Security Score
96/100
Avg Patch Time
356 days
View full developer profile
Detection Fingerprints

How We Detect WordPress Beta Tester

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

FAQ

Frequently Asked Questions about WordPress Beta Tester