Does YM Site Kit have any unpatched vulnerabilities?

No. All known vulnerabilities in YM Site Kit have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is YM Site Kit compatible with WordPress 6.9.4?

According to WordPress.org data, YM Site Kit 0.1.6 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is YM Site Kit compatible with PHP 7.4+?

YM Site Kit requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is YM Site Kit updated?

YM Site Kit was last updated on Mar 3, 2026. Frequent updates are generally a positive security signal.

What is YM Site Kit's security score?

YM Site Kit has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

YM Site Kit Security & Risk Analysis

wordpress.org/plugins/ym-site-kit

Enhance your website with powerful mini‑utilities.

10 active installs v0.1.6 PHP 7.4+ WP 6.0+ Updated Mar 3, 2026

kittoolsutilities

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is YM Site Kit Safe to Use in 2026?

Generally Safe

Score 100/100

YM Site Kit has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago

Risk Assessment

The 'ym-site-kit' v0.1.6 plugin exhibits a strong security posture based on the provided static analysis. The absence of any identified AJAX handlers, REST API routes, shortcodes, or cron events contributing to the attack surface is a significant strength. Furthermore, the code demonstrates good practices by not utilizing dangerous functions, employing prepared statements for all SQL queries, and consistently checking nonces and user capabilities.

The plugin also shows excellent output escaping, with 94% of outputs being properly handled, minimizing the risk of cross-site scripting (XSS) vulnerabilities. The presence of a single file operation and a single nonce check, alongside five capability checks, suggests a well-contained and permission-aware functionality.

The vulnerability history, being completely clear of any known CVEs, is highly reassuring and indicates a history of secure development or minimal prior exposure. While the zero taint analysis results are positive, it's worth noting that the small scope of analysis (0 flows) might limit its effectiveness. Overall, this plugin appears to be very secure, with no immediately apparent critical or high-severity risks based on the provided data. The only potential area for minor concern could be the single file operation, depending on its implementation, but without further context, it's not a strong indicator of risk.

Vulnerabilities

None known

YM Site Kit Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

YM Site Kit Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

31 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

94% escaped33 total outputs

Attack Surface

YM Site Kit Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 34

actionadmin_initincludes\ymsk-utility.php:116

filtermanage_post_posts_columnsutilities\advanced-columns.php:59

actionmanage_post_posts_custom_columnutilities\advanced-columns.php:62

filtermanage_media_columnsutilities\advanced-columns.php:71

actionmanage_media_custom_columnutilities\advanced-columns.php:82

filtermanage_page_posts_columnsutilities\advanced-columns.php:120

actionmanage_page_posts_custom_columnutilities\advanced-columns.php:131

filtermanage_plugins_columnsutilities\advanced-columns.php:146

actionmanage_plugins_custom_columnutilities\advanced-columns.php:149

filterdefault_hidden_columnsutilities\advanced-columns.php:167

actionymsk_utilities_savedutilities\comments-deactivator.php:12

actionadmin_initutilities\comments-deactivator.php:27

actionadmin_menuutilities\comments-deactivator.php:41

actionwp_before_admin_bar_renderutilities\comments-deactivator.php:46

actionadmin_noticesutilities\comments-deactivator.php:53

filtercomments_openutilities\comments-deactivator.php:75

filterpings_openutilities\comments-deactivator.php:76

filtercomments_arrayutilities\comments-deactivator.php:79

actionadmin_enqueue_scriptsutilities\hide-user-fields.php:12

filtertemplate_redirectutilities\maintenance-mode.php:12

actionadmin_bar_menuutilities\maintenance-mode.php:31

filterimage_editor_output_formatutilities\media-converter.php:13

filterwp_generate_attachment_metadatautilities\media-converter.php:21

filterwp_editor_set_qualityutilities\media-converter.php:53

filterget_custom_logoutilities\svg-logo.php:17

filterupload_mimesutilities\svg-support.php:12

filterwp_check_filetype_and_extutilities\svg-support.php:21

filtersanitize_titleutilities\transliterator.php:48

actionadmin_initym-site-kit.php:53

actionadmin_enqueue_scriptsym-site-kit.php:77

actionadmin_menuym-site-kit.php:83

actioncurrent_screenym-site-kit.php:95

actionadmin_initym-site-kit.php:113

actionafter_setup_themeym-site-kit.php:138

Maintenance & Trust

YM Site Kit Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedMar 3, 2026

PHP min version7.4

Downloads317

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

YM Site Kit Alternatives

Store Toolkit – WooCommerce Extensions, Quick Enhancements & Handy Tools

woocommerce-store-toolkit

A huge set of Quick Enhancements and Handy Tools for WooCommerce – the ultimate WooCommerce booster!

8K 4 CVEs

All in One Tools

aio-tools

Tiện ích đa chức năng – Áp dụng dễ dàng cho mọi website

100 No CVEs

Dynamic Cart Messages for WooCommerce

dynamic-cart-messages-woocommerce

100

Dynamic Cart Messages allows you to boost your sales on your WooCommerce site by allowing you to show tailored messages on the cart page to incentiviz …

100 No CVEs

Disable All WordPress Updates and Theme Editors

disable-automatic-updates-and-theme-editors

Disable All WordPress Updates and Theme Editors is a handy tool that allows you to not only disable all types of WordPress updates but also allows you …

30 No CVEs

Foxdell Folio Taxonomy Toolkit

foxdell-folio-taxonomy-toolkit

Have finer control over your taxonomies so that you can have better organisation of your posts by using taxonomies other than just Categories and Tags …

10 No CVEs

Developer Profile

YM Site Kit Developer Profile

Yan Metelitsa

4 plugins · 220 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect YM Site Kit

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/ym-site-kit/assets/css/ymsk-admin.css/wp-content/plugins/ym-site-kit/assets/js/ymsk-admin.js

Script Paths

/wp-content/plugins/ym-site-kit/assets/js/ymsk-admin.js

Version Parameters

ym-site-kit/assets/css/ymsk-admin.css?ver=ym-site-kit/assets/js/ymsk-admin.js?ver=

HTML / DOM Fingerprints

CSS Classes

ymsk-thumbnailymsk-utility-section

Data Attributes

data-slug="advanced-columns"

FAQ