WP Help Security & Risk Analysis
wordpress.org/plugins/wp-helpSite operators can create detailed, hierarchical documentation for the site's authors, editors, and contributors, viewable in the WordPress admin …
Is WP Help Safe to Use in 2026?
Generally Safe
Score 92/100WP Help has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The 'wp-help' plugin version 1.7.5 exhibits a generally strong security posture, as indicated by the absence of known vulnerabilities and a robust implementation of security best practices within its code. The static analysis reveals no dangerous functions, all SQL queries are properly prepared, and a high percentage of output is correctly escaped. Furthermore, the plugin incorporates a significant number of nonce and capability checks, contributing to a secure handling of its limited entry points. The taint analysis also shows promising results with no critical or high severity unsanitized flows.
However, a minor concern arises from the presence of one unsanitized path identified in the taint analysis, though its severity is not explicitly stated as critical or high. The single file operation and external HTTP request, while not inherently risky, warrant careful consideration as potential vectors if not meticulously handled. The plugin's vulnerability history, being entirely clear, is a significant strength, suggesting a proactive approach to security or a low historical attack profile. Overall, 'wp-help' v1.7.5 appears to be a secure plugin, with its primary strength being its lack of historical and active exploitable issues. The slight concern around the unsanitized path should be investigated further to confirm its impact.
Key Concerns
- Unsanitized path in taint analysis
- File operation without clear context
- External HTTP request without clear context
WP Help Security Vulnerabilities
WP Help Code Analysis
Output Escaping
Data Flow Analysis
WP Help Attack Surface
WordPress Hooks 1
Maintenance & Trust
WP Help Maintenance & Trust
Maintenance Signals
Community Trust
WP Help Alternatives
Help Manager
help-manager
Create documentation for the site's authors, editors, and contributors viewable in the WordPress admin and avoid repeated "how-to" questions.
Back End Instructions
back-end-instructions
Plugin for WordPress developers to provide easy "how to use" instructions to their clients.
Admin Documentation
admin-documentation
Adds a simple documentation page to your WordPress admin to keep instructions, notes, and other helpful information for maintaining your website.
WP Help Docs
ilab-docs
Directly integrate markdown based help documentation for your WordPress theme or plugin into the WordPress admin for your end users and clients.
SimpleDocs – Documentation and Knowledge Base
simpledocs
A powerful, theme-friendly documentation system that works out of the box—no bloat, no JS, just clean, structured, and styled docs.
WP Help Developer Profile
29 plugins · 176K total installs
How We Detect WP Help
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/wp-help/dist/block-editor.js/wp-content/plugins/wp-help/dist/block-editor.jswp-help/dist/block-editor.asset.php?ver=wp-help/dist/block-editor.js?ver=HTML / DOM Fingerprints
data-type="wp-help-document"wp_help_editor_settings/wp-json/wp/v2/wp-help