Does Plugins List have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Plugins List compatible with WordPress 5.4.19?

According to WordPress.org data, Plugins List 1.2 has been tested up to WordPress 5.4.19. Check the plugin's changelog for the latest compatibility information.

Is Plugins List compatible with PHP 5.0+?

Plugins List requires PHP 5.0 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Plugins List updated?

Plugins List was last updated on May 12, 2020. Frequent updates are generally a positive security signal.

What is Plugins List's security score?

Plugins List has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Plugins List Security & Risk Analysis

wordpress.org/plugins/wp-system-snapshot

The perfect tool for developers to see a quick snapshot of the WordPress system.

10 active installs v1.2 PHP 5.0+ WP 4.6+ Updated May 12, 2020

databasemysqlphpserverthemes

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Plugins List Safe to Use in 2026?

Generally Safe

Score 85/100

Plugins List has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 6yr ago

Risk Assessment

The wp-system-snapshot v1.2 plugin exhibits a mixed security posture. On one hand, it demonstrates good practices by exclusively using prepared statements for SQL queries and having no recorded vulnerability history, suggesting a commitment to security or simply a lack of prior exposure. The absence of AJAX handlers, REST API routes, shortcodes, and cron events without authentication checks, as well as no external HTTP requests or file operations, significantly reduces its attack surface. However, critical concerns arise from the presence of the `exec` function, which can be a gateway for arbitrary code execution if misused. Furthermore, only a meager 2% of its 51 output operations are properly escaped, indicating a high risk of cross-site scripting (XSS) vulnerabilities. The single taint flow identified as having unsanitized paths, despite not being classified as critical or high severity in the static analysis, warrants attention due to the potential for path traversal or file manipulation if the `exec` function is involved.

Key Concerns

Use of dangerous function 'exec'
Low output escaping coverage
Unsanitized path taint flow
Missing nonce checks
Missing capability checks

Vulnerabilities

None known

Plugins List Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Plugins List Release Timeline

v1.2Current

v1.1

v1.0

Code Analysis

Analyzed Apr 16, 2026

Plugins List Code Analysis

Dangerous Functions

Raw SQL Queries

2 prepared

Unescaped Output

1 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Dangerous Functions Found

exec<?php $uptime = exec( "uptime", $system );layout5.php:43

SQL Query Safety

100% prepared2 total queries

Output Escaping

2% escaped51 total outputs

Data Flows · Security

1 unsanitized

Data Flow Analysis

1 flows1 with unsanitized paths

<layout5> (layout5.php:0)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Plugins List Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 1

actionadmin_menuwp-system-snapshot.php:22

Maintenance & Trust

Plugins List Maintenance & Trust

Maintenance Signals

WordPress version tested5.4.19

Last updatedMay 12, 2020

PHP min version5.0

Downloads1K

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

Plugins List Alternatives

WP phpMyAdmin

wp-phpmyadmin-extension

[ ✅ 𝐒𝐄𝐂𝐔𝐑𝐄 𝐏𝐋𝐔𝐆𝐈𝐍𝐒 𝐵𝓎 𝒫𝓊𝓋𝑜𝓍 ] phpMyAdmin - Database Browser & Manager (for MySQL & MariaDB)

50K 2 CVEs

Version Info – Server Health Monitor, PHP & MySQL Version Display, Environment Indicators

version-info

100

The #1 technical dashboard for WordPress professionals. Display PHP, MySQL, WP & server versions anywhere in admin. Monitor CPU, RAM, DB size &amp …

10K No CVEs

WP-ServerInfo

wp-serverinfo

Display your host's PHP, MYSQL & memcached (if installed) information on your WordPress dashboard.

10K No CVEs

Diagnosis

diagnosis

Adds pages to the Dashboard menu with technical details about PHP, MySQL and other server details an administrator might need.

90 No CVEs

PHP Version Display

php-version-display

Display the currently PHP-MYSQL version at the end of "At a Glance" admin dashboard widget

10 No CVEs

Developer Profile

Plugins List Developer Profile

ESC IT (Web Design Bristol)

1 plugin · 10 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Plugins List

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/wp-system-snapshot/images/Green-tick.png/wp-content/plugins/wp-system-snapshot/images/Red-cross.png

HTML / DOM Fingerprints

FAQ