WPReadability Security & Risk Analysis

wordpress.org/plugins/wpreadability

Displays readability level for your posts and pages.

0 active installs v1.0.0 PHP + WP 4.6+ Updated Oct 25, 2017
readability
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Download
Safety Verdict

Is WPReadability Safe to Use in 2026?

Generally Safe

Score 85/100

WPReadability has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 8yr ago
Risk Assessment

The "wpreadability" v1.0.0 plugin exhibits a generally positive security posture based on the provided static analysis and vulnerability history. The complete absence of known CVEs, coupled with the fact that all SQL queries utilize prepared statements, are strong indicators of good development practices and a low risk of common web vulnerabilities. The limited attack surface with no identified AJAX handlers, REST API routes, shortcodes, or cron events, further strengthens its security profile, especially since none of these entry points are reported as unprotected. However, there are notable concerns within the code analysis. The presence of a dangerous function, `set_time_limit`, without clear context on its usage, introduces a potential risk if not handled carefully. More significantly, the fact that 100% of its single identified output is not properly escaped presents a direct vulnerability to Cross-Site Scripting (XSS) attacks. This lack of output escaping on any generated content is a critical weakness that could allow attackers to inject malicious scripts into the website.

Key Concerns

  • Unescaped output
  • Use of dangerous function (set_time_limit)
Vulnerabilities
None known

WPReadability Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

WPReadability Release Timeline

No version history available.
Code Analysis
Analyzed Apr 16, 2026

WPReadability Code Analysis

Dangerous Functions
1
Raw SQL Queries
0
0 prepared
Unescaped Output
1
0 escaped
Nonce Checks
0
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
0

Dangerous Functions Found

set_time_limitset_time_limit( 0 );readability.php:14

Output Escaping

0% escaped1 total outputs
Attack Surface

WPReadability Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 14
actionplugins_loadedreadability.php:40
actioninitsrc/readability.php:30
actionadmin_menusrc/readability.php:33
actionadmin_headsrc/readability.php:38
actionadmin_footersrc/readability.php:39
actionwp_headsrc/readability.php:40
actionwp_footersrc/readability.php:41
filterthe_contentsrc/readability.php:44
actionadd_meta_boxessrc/readability.php:79
actionadd_meta_boxessrc/readability.php:80
filtermanage_posts_columnssrc/readability.php:90
actionmanage_posts_custom_columnsrc/readability.php:91
filtermanage_pages_columnssrc/readability.php:92
actionmanage_pages_custom_columnsrc/readability.php:93
Maintenance & Trust

WPReadability Maintenance & Trust

Maintenance Signals

WordPress version tested4.7.33
Last updatedOct 25, 2017
PHP min version
Downloads1K

Community Trust

Rating0/100
Number of ratings0
Active installs0
Developer Profile

WPReadability Developer Profile

kevindaviesnz

2 plugins · 0 total installs

84
trust score
Avg Security Score
85/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect WPReadability

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/wpreadability/css/readability_admin.css/wp-content/plugins/wpreadability/js/gsdom.js/wp-content/plugins/wpreadability/js/readability_admin.js/wp-content/plugins/wpreadability/css/readability.css/wp-content/plugins/wpreadability/js/readability.js
Script Paths
/wp-content/plugins/wpreadability/js/gsdom.js/wp-content/plugins/wpreadability/js/readability_admin.js/wp-content/plugins/wpreadability/js/readability.js

HTML / DOM Fingerprints

JS Globals
readability_params
FAQ

Frequently Asked Questions about WPReadability