Does WP Project Essentials have any unpatched vulnerabilities?

No. All known vulnerabilities in WP Project Essentials have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is WP Project Essentials compatible with WordPress 6.1.10?

According to WordPress.org data, WP Project Essentials 1.0.1 has been tested up to WordPress 6.1.10. Check the plugin's changelog for the latest compatibility information.

How often is WP Project Essentials updated?

WP Project Essentials was last updated on Feb 14, 2023. Frequent updates are generally a positive security signal.

What is WP Project Essentials's security score?

WP Project Essentials has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

WP Project Essentials Security & Risk Analysis

wordpress.org/plugins/wp-project-essentials

An essential plugin for WordPress project.

0 active installs v1.0.1 PHP + WP 4.0+ Updated Feb 14, 2023

disable-commentsdisable-plugindisable-postswordpress-adminwp-admin

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is WP Project Essentials Safe to Use in 2026?

Generally Safe

Score 85/100

WP Project Essentials has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 3yr ago

Risk Assessment

The "wp-project-essentials" v1.0.1 plugin exhibits a strong security posture based on the provided static analysis. The plugin demonstrates good practices by having no exposed entry points (AJAX, REST API, shortcodes, cron) without authentication checks, and all SQL queries are secured using prepared statements. The absence of dangerous functions, file operations, and external HTTP requests further contributes to its safety. The presence of nonce and capability checks, despite a relatively small number of outputs, suggests an awareness of secure coding principles.

The taint analysis shows no unsanitized paths or critical/high severity flows, which is highly encouraging. Furthermore, the plugin has a clean vulnerability history with zero known CVEs, indicating a mature and well-maintained codebase. The low number of outputs that are not properly escaped (approximately 26%) is a minor concern but does not appear to be exploited by any identified taint flows. Overall, this plugin appears to be very secure, with no critical or high-risk security issues identified in the static analysis or historical data.

Key Concerns

Output not properly escaped

Vulnerabilities

None known

WP Project Essentials Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

WP Project Essentials Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

58 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

74% escaped78 total outputs

Data Flows

All sanitized

Data Flow Analysis

2 flows

save_options (wp-project-essentials.php:110)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

WP Project Essentials Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 24

filteradmin_footer_textincludes\modules\admin-footer-left.php:3

filterupdate_footerincludes\modules\admin-footer-right.php:3

actionadmin_initincludes\modules\disable-comments.php:4

filtercomments_openincludes\modules\disable-comments.php:16

filterpings_openincludes\modules\disable-comments.php:17

filtercomments_arrayincludes\modules\disable-comments.php:23

actionadmin_menuincludes\modules\disable-comments.php:30

actionadmin_initincludes\modules\disable-comments.php:36

actionadmin_initincludes\modules\disable-comments.php:45

actionwp_before_admin_bar_renderincludes\modules\disable-comments.php:51

actionadmin_initincludes\modules\disable-default-dashboard.php:3

actioninitincludes\modules\disable-major-update.php:4

actionadmin_headincludes\modules\disable-major-update.php:20

actioninitincludes\modules\disable-posts.php:3

actionadmin_enqueue_scriptsincludes\modules\enable-custom-dashboard.php:6

actionwp_dashboard_setupincludes\modules\enable-custom-dashboard.php:17

actionwp_loginincludes\modules\enable-custom-dashboard.php:41

actionadmin_initincludes\modules\hide-administration-menu.php:4

filteracf/settings/show_adminincludes\modules\hide-administration-menu.php:13

actionadmin_bar_menuincludes\modules\hide-wp-admin-header-menu.php:3

actionlogin_enqueue_scriptsincludes\modules\login-logo.php:3

actionadmin_menuwp-project-essentials.php:21

actionadmin_enqueue_scriptswp-project-essentials.php:22

actionadmin_action_wp-project-essentialswp-project-essentials.php:23

Maintenance & Trust

WP Project Essentials Maintenance & Trust

Maintenance Signals

WordPress version tested6.1.10

Last updatedFeb 14, 2023

PHP min version

Downloads1K

Community Trust

Rating100/100

Number of ratings2

Active installs0

Alternatives

WP Project Essentials Alternatives

Custom WP-Admin URL

custom-admin-url

This is a plugin to give your authority to change wordpress admin url with your demand.

100 No CVEs

EchBay Admin Security

echbay-admin-security

Protect Your Website Admin Against Hackers & Modify Login Page Design ( Nhiệm vụ: chặn mọi truy cập trực tiếp vào trang quản trị wordpress dưới dạ …

100 1 CVE

Cool Admin Theme Lite for WP

cool-admin-theme-lite-for-wp

Use the Cool Admin Theme Lite for WP to make your administration area cleaner, more fresh and cool, ofcourse.

30 No CVEs

Santi Tech Disable Posts & Comments

santi-tech-disable-posts-comments

100

Removes "Posts" and "Comments" from the WordPress admin, disables comments site-wide, and can disable the Gutenberg editor.

10 No CVEs

WP Adminbar Hiddener Tools Plugin

wp-admin-bar-hiddener-tools-plugin

100

This is just any wordpress site any visitor and Of all users ‍hidden wordpress admin bar.

10 No CVEs

Developer Profile

WP Project Essentials Developer Profile

Haris

4 plugins · 130 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect WP Project Essentials

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/wp-project-essentials/assets/style-admin.css/wp-content/plugins/wp-project-essentials/assets/style-checkbox-switch.css/wp-content/plugins/wp-project-essentials/about/assets/style-admin.css

Script Paths

/wp-content/plugins/wp-project-essentials/about/admin-enqueue-script.php

Version Parameters

wp-project-essentials/style.css?ver=wp-project-essentials/script.js?ver=

HTML / DOM Fingerprints

CSS Classes

wp-project-essentials-wrap

HTML Comments

+11 more

Data Attributes

data-page-titledata-page-urldata-page-template

JS Globals

fegallery_media_wp_mediawpes_form_library

FAQ