Does ZeroState have any unpatched vulnerabilities?

No. All known vulnerabilities in ZeroState have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is ZeroState compatible with WordPress 6.8.5?

According to WordPress.org data, ZeroState 1.0.3 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

Is ZeroState compatible with PHP 7.2+?

ZeroState requires PHP 7.2 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is ZeroState updated?

ZeroState was last updated on Jul 3, 2025. Frequent updates are generally a positive security signal.

What is ZeroState's security score?

ZeroState has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

ZeroState Security & Risk Analysis

wordpress.org/plugins/zerostate

Reset your WordPress site to a clean, default state or perform targeted resets with user-friendly interface. 🧹 ZeroState helps you get back to a blank …

0 active installs v1.0.3 PHP 7.2+ WP 5.0+ Updated Jul 3, 2025

clean-wordpressresetsite-resetwordpress-reset

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is ZeroState Safe to Use in 2026?

Generally Safe

Score 100/100

ZeroState has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 9mo ago

Risk Assessment

The "zerostate" v1.0.3 plugin exhibits a strong security posture based on the provided static analysis. It has a minimal attack surface with no identified entry points, and the analyzed code signals indicate good security practices such as a high percentage of prepared statements for SQL queries, and a very high rate of proper output escaping. The presence of nonce and capability checks further strengthens its defenses against common web attacks. The absence of any known CVEs or historical vulnerabilities is also a significant positive indicator, suggesting a developer who prioritizes security.

However, the analysis did reveal one flow with unsanitized paths, which, while not classified as critical or high severity in the taint analysis, warrants attention. This suggests a potential area where malicious input could be used to manipulate file operations or other path-sensitive functions. Despite this single identified weakness, the overall security of "zerostate" v1.0.3 appears to be very good, with the developer demonstrating a clear commitment to secure coding principles. The single taint flow with unsanitized paths is the only notable concern that deviates from an otherwise excellent security report.

Key Concerns

Flow with unsanitized paths found

Vulnerabilities

None known

ZeroState Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

ZeroState Code Analysis

Dangerous Functions

Raw SQL Queries

4 prepared

Unescaped Output

17 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

80% prepared5 total queries

Output Escaping

94% escaped18 total outputs

Data Flows

1 unsanitized

Data Flow Analysis

2 flows1 with unsanitized paths

zerostate_admin_notice (includes\class-zerostate.php:297)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

ZeroState Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 5

actionadmin_menuadmin\zerostate-settings.php:23

actionadmin_enqueue_scriptsadmin\zerostate-settings.php:24

actionadmin_action_zerostate_full_reset_actionincludes\class-zerostate.php:33

actionadmin_noticesincludes\class-zerostate.php:34

actioninitzerostate.php:41

Maintenance & Trust

ZeroState Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedJul 3, 2025

PHP min version7.2

Downloads424

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

ZeroState Alternatives

Factory Reset

factory-reset

Plugin to reset your site to its initial state.

20 No CVEs

Ultimate WordPress Reset

ultimate-wp-reset

Resets the WordPress database back to default state with one click. Deletes all settings and content. Does not modify any files only resets the databa …

10 No CVEs

WP Reset

wp-reset

WP Reset resets the entire site or selected parts using advanced reset options to default values. 100% safe to use with built-in restore function.

300K 6 CVEs

Database Reset

wordpress-database-reset

Skip reinstalling WP to reset it & reset the WordPress database back to its original state with 1-click.

10K 3 CVEs

WP Database Reset

wordpress-reset

100

Resets the WordPress database back to its defaults. Deletes all customizations and content. Does not modify files only resets the database.

5K No CVEs

Developer Profile

ZeroState Developer Profile

Ashar

3 plugins · 0 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect ZeroState

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/zerostate/admin/css/tailwind.min.css

Version Parameters

zerostate-tailwind?ver=2.2.19zerostate-settings-styles?ver=1.0.3zerostate-settings-js?ver=1.0.3

HTML / DOM Fingerprints

CSS Classes

zerostate-rangezerostate-noticeglassmorphic-cardupgrade-buttonzerostate-dashboard

Data Attributes

data-site-url

FAQ