WP-Safety

WPFrank Companion Security & Risk Analysis

wordpress.org/plugins/wpfrank-companion

WPFrank Companion is a companion plugin for WP Frank themes.

2K active installs v0.3.2 PHP 4.0+ WP 4.0+ Updated Oct 6, 2025
adminfeaturedfrontpagetheme-pagewidgets
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is WPFrank Companion Safe to Use in 2026?

Generally Safe

Score 100/100

WPFrank Companion has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 6mo ago
Risk Assessment

The wpfrank-companion plugin v0.3.2 presents a generally positive security posture based on the static analysis. A significant strength is the complete absence of SQL injection vulnerabilities due to 100% use of prepared statements, and a high rate of output escaping (90%). The lack of dangerous functions, file operations, and external HTTP requests further contributes to a reduced attack surface. The plugin also has no recorded vulnerability history, which is a strong indicator of ongoing security awareness and a mature development process.

However, there are notable areas of concern that warrant attention. The complete lack of nonce checks and capability checks across all entry points is a significant weakness. While the static analysis reported zero entry points, this is highly unusual and could indicate an incomplete scan or a plugin that relies on external mechanisms for its functionality. If there were any hidden or unanalyzed entry points, they would be entirely unprotected. The taint analysis also reported zero flows, which, in conjunction with the lack of explicit checks, raises a flag. This could mean either no exploitable data flows exist, or they were not detected due to the absence of proper sanitization and validation mechanisms that the analysis tools might rely on.

Key Concerns

  • No nonce checks found
  • No capability checks found
  • Unusual absence of entry points
  • Unusual absence of taint flows
Vulnerabilities
None known

WPFrank Companion Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

WPFrank Companion Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
36
314 escaped
Nonce Checks
0
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
0

Output Escaping

90% escaped350 total outputs
Attack Surface

WPFrank Companion Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 45
actionwpfrank_businessexpo_frontpageinc\businessexpo\businessexpo.php:70
actioncustomize_registerinc\businessexpo\customizer\businessexpo-default-data\client-customizer-default-data.php:5
actioncustomize_registerinc\businessexpo\customizer\businessexpo-default-data\funfact-customizer-default-data.php:33
actioncustomize_registerinc\businessexpo\customizer\businessexpo-default-data\team-customizer-default-data.php:4
actioncustomize_registerinc\businessexpo\customizer\child-themes-customizer-default-data\architect-designs-customizer-default-data.php:55
actioncustomize_registerinc\businessexpo\customizer\child-themes-customizer-default-data\architect-designs-customizer-default-data.php:92
actioncustomize_registerinc\businessexpo\customizer\child-themes-customizer-default-data\architect-designs-customizer-default-data.php:139
actioncustomize_registerinc\businessexpo\customizer\child-themes-customizer-default-data\architect-designs-customizer-default-data.php:166
actioncustomize_registerinc\businessexpo\customizer\child-themes-customizer-default-data\building-construction-customizer-default-data.php:55
actioncustomize_registerinc\businessexpo\customizer\child-themes-customizer-default-data\building-construction-customizer-default-data.php:92
actioncustomize_registerinc\businessexpo\customizer\child-themes-customizer-default-data\building-construction-customizer-default-data.php:139
actioncustomize_registerinc\businessexpo\customizer\child-themes-customizer-default-data\building-construction-customizer-default-data.php:166
actioncustomize_registerinc\businessexpo\customizer\child-themes-customizer-default-data\medical-health-customizer-default-data.php:55
actioncustomize_registerinc\businessexpo\customizer\child-themes-customizer-default-data\medical-health-customizer-default-data.php:92
actioncustomize_registerinc\businessexpo\customizer\child-themes-customizer-default-data\medical-health-customizer-default-data.php:139
actioncustomize_registerinc\businessexpo\customizer\child-themes-customizer-default-data\medical-health-customizer-default-data.php:166
actioncustomize_registerinc\businessexpo\customizer\hompage-layout\customizer_homepage_layout.php:107
actioncustomize_registerinc\businessexpo\customizer\wpfrank-companion-businessexpo-customizer-default.php:71
actioncustomize_registerinc\businessexpo\customizer\wpfrank-companion-businessexpo-customizer-default.php:108
actioncustomize_registerinc\businessexpo\customizer\wpfrank-companion-businessexpo-customizer-default.php:151
actioncustomize_registerinc\businessexpo\customizer\wpfrank-companion-businessexpo-customizer-default.php:178
actioncustomize_registerinc\businessexpo\customizer\wpfrank-companion-businessexpo-customizer-options.php:309
actioncustomize_registerinc\businessexpo\customizer\wpfrank-companion-businessexpo-customizer-options.php:535
actionwpfrank_cryptoairdrop_frontpageinc\cryptoairdrop\cryptoairdrop.php:63
actioncustomize_registerinc\cryptoairdrop\customizer\child-themes-customizer-default-data\crypto-compare-customizer-default-data.php:48
actioncustomize_registerinc\cryptoairdrop\customizer\child-themes-customizer-default-data\crypto-compare-customizer-default-data.php:80
actioncustomize_registerinc\cryptoairdrop\customizer\child-themes-customizer-default-data\crypto-mining-customizer-default-data.php:57
actioncustomize_registerinc\cryptoairdrop\customizer\child-themes-customizer-default-data\crypto-mining-customizer-default-data.php:100
actioncustomize_registerinc\cryptoairdrop\customizer\child-themes-customizer-default-data\crypto-token-customizer-default-data.php:49
actioncustomize_registerinc\cryptoairdrop\customizer\child-themes-customizer-default-data\crypto-token-customizer-default-data.php:92
actioncustomize_registerinc\cryptoairdrop\customizer\child-themes-customizer-default-data\meme-token-customizer-default-data.php:49
actioncustomize_registerinc\cryptoairdrop\customizer\child-themes-customizer-default-data\meme-token-customizer-default-data.php:91
actioncustomize_registerinc\cryptoairdrop\customizer\wpfrank-companion-cryptoairdrop-customizer-compare-options.php:255
actioncustomize_registerinc\cryptoairdrop\customizer\wpfrank-companion-cryptoairdrop-customizer-compare-options.php:527
actioncustomize_registerinc\cryptoairdrop\customizer\wpfrank-companion-cryptoairdrop-customizer-default.php:60
actioncustomize_registerinc\cryptoairdrop\customizer\wpfrank-companion-cryptoairdrop-customizer-default.php:95
actioncustomize_registerinc\cryptoairdrop\customizer\wpfrank-companion-cryptoairdrop-customizer-meme-options.php:236
actioncustomize_registerinc\cryptoairdrop\customizer\wpfrank-companion-cryptoairdrop-customizer-meme-options.php:507
actioncustomize_registerinc\cryptoairdrop\customizer\wpfrank-companion-cryptoairdrop-customizer-mining-options.php:215
actioncustomize_registerinc\cryptoairdrop\customizer\wpfrank-companion-cryptoairdrop-customizer-mining-options.php:485
actioncustomize_registerinc\cryptoairdrop\customizer\wpfrank-companion-cryptoairdrop-customizer-options.php:319
actioncustomize_registerinc\cryptoairdrop\customizer\wpfrank-companion-cryptoairdrop-customizer-options.php:627
actioncustomize_registerinc\cryptoairdrop\customizer\wpfrank-companion-cryptoairdrop-customizer-token-options.php:238
actioncustomize_registerinc\cryptoairdrop\customizer\wpfrank-companion-cryptoairdrop-customizer-token-options.php:509
actioninitwpfrank-companion.php:52
Maintenance & Trust

WPFrank Companion Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5
Last updatedOct 6, 2025
PHP min version4.0
Downloads65K

Community Trust

Rating100/100
Number of ratings2
Active installs2K
Alternatives

WPFrank Companion Alternatives

Avantex Companion

Avantex Companion

avantex-companion

A
100

tested up to 6.8 License: GPLv3 or later License URI: http://www.gnu.org/licenses/gpl-3.0.html Avantex Companion is a companion plugin for Avantex the …

1K No CVEs
Marin Companion

Marin Companion

marin-companion

A
100

Marin Companion is a companion plugin for Marin theme.

500 No CVEs
Envo Companion

Envo Companion

envo-companion

A
100

Envo Companion is a companion plugin for Webenvo themes.

200 No CVEs
Daddy Plus

Daddy Plus

daddy-plus

A
100

Daddy Plus is a useful plugin for WordPress theme by Themes Daddy.

9K No CVEs
Desert Companion

Desert Companion

desert-companion

A
100

Desert Companion Enhances Desert Themes with additional functionality.

20K No CVEs
Developer Profile

WPFrank Companion Developer Profile

FARAZFRANK

28 plugins · 47K total installs

79
trust score
Avg Security Score
100/100
Avg Patch Time
578 days
View full developer profile
Detection Fingerprints

How We Detect WPFrank Companion

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/wpfrank-companion/inc/businessexpo/assets/css/businessexpo.css/wp-content/plugins/wpfrank-companion/inc/businessexpo/assets/js/businessexpo.js/wp-content/plugins/wpfrank-companion/inc/cryptoairdrop/assets/css/cryptoairdrop.css/wp-content/plugins/wpfrank-companion/inc/cryptoairdrop/assets/js/cryptoairdrop.js
Version Parameters
wpfrank-companion/style.css?ver=wpfrank-companion/script.js?ver=

HTML / DOM Fingerprints

CSS Classes
section-headersection-subtitlesection-titledivider-maintheme-light-greytheme-darkpost-thumbnailpost-meta+8 more
Data Attributes
data-section-id
JS Globals
wpfrank_companion_plugin_url
FAQ

Frequently Asked Questions about WPFrank Companion