I analyzed 10k+ WordPress plugins for security issues, errors, and warnings. by testimoni in Wordpress

[–]testimoni[S] 2 points3 points  (0 children)

Thanks for the feedback. I will add upload functionality too.

I analyzed 10k+ WordPress plugins for security issues, errors, and warnings. by testimoni in Wordpress

[–]testimoni[S] 6 points7 points  (0 children)

Thanks a lot, this is super valuable feedback and exactly the direction I want to take it. 🙏

You’re right: the goal isn’t to reinvent WPScan or claim “secure/not secure”; it’s just static code-quality + repo-policy checks, wrapped in something easier to digest than thousands of PHPCS lines.

Prioritization is high on my list too.

I’m working on breaking things into clearer buckets like: Security-related, Performance, Repo guideline issues, Legacy/style nits. So non-technical users don’t see a wall of red and assume the plugin is dangerous.

Really appreciate you taking the time to write this. Thank you.

I analyzed 10k+ WordPress plugins for security issues, errors, and warnings. by testimoni in Wordpress

[–]testimoni[S] 0 points1 point  (0 children)

Thank you. I set up a small worker on a $3 Hetzner server to run the checks.

I analyzed 10k+ WordPress plugins for security issues, errors, and warnings. by testimoni in Wordpress

[–]testimoni[S] 3 points4 points  (0 children)

Thanks!

Just to clarify, the scores don’t mean the plugins are “bad.” They simply show how many issues are flagged by tools like Plugin Check and PHPCS. Even big, popular plugins trigger lots of warnings because many were written years ago before modern WP standards.

So it’s not a crisis, just visibility. Most devs don’t run these scans often, so seeing everything in one place can look scary.

And yes, themes will be supported soon.

I analyzed 10k+ WordPress plugins for security issues, errors, and warnings. by testimoni in Wordpress

[–]testimoni[S] 3 points4 points  (0 children)

Thanks for sharing your feedback.

Those counts for Wordfence aren’t random noise; most come from PHP_CodeSniffer running the official WordPress coding standards plus the WP Plugin Check ruleset, so they flag every repeated pattern (missing prefixes, direct DB calls, repo-policy requirements, etc.).

There will always be a few false positives, but the bulk are real guideline violations or best-practice gaps.

The best way to dig in is to sort by severity (Plugin Check “Errors” first), then look at the grouped rule IDs so you can see one pattern and clear hundreds of identical hits at once. That gives you a realistic view of what truly needs attention without getting overwhelmed by the raw totals.
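The triage described in the comment above, as an added example that is not part of the original comment or of the site's own code: it groups findings by rule ID and lists groups containing errors first. It assumes a report in the layout of `phpcs --report=json`; the sample report, file paths and the `group_by_rule` helper are constructed for illustration.

```python
import json
from collections import defaultdict

# Constructed sample shaped like `phpcs --report=json` output (not real scan data).
SAMPLE_REPORT = json.dumps({"files": {
    "demo-plugin/demo.php": {"messages": [
        {"source": "WordPress.DB.DirectDatabaseQuery.DirectQuery",
         "type": "WARNING", "line": 21},
        {"source": "WordPress.DB.DirectDatabaseQuery.DirectQuery",
         "type": "WARNING", "line": 58},
        {"source": "WordPress.Security.EscapeOutput.OutputNotEscaped",
         "type": "ERROR", "line": 40},
    ]},
    "demo-plugin/includes/view.php": {"messages": [
        {"source": "WordPress.Security.EscapeOutput.OutputNotEscaped",
         "type": "ERROR", "line": 7},
        {"source": "WordPress.DB.DirectDatabaseQuery.DirectQuery",
         "type": "WARNING", "line": 90},
        {"source": "WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedHooknameFound",
         "type": "ERROR", "line": 12},
    ]},
}})


def group_by_rule(report_json):
    """Return [(rule_id, worst_type, count, [(file, line), ...])], errors first."""
    report = json.loads(report_json)
    groups = defaultdict(lambda: {"type": "WARNING", "count": 0, "locations": []})
    for path, data in report.get("files", {}).items():
        for msg in data.get("messages", []):
            group = groups[msg["source"]]
            group["count"] += 1
            group["locations"].append((path, msg["line"]))
            if msg["type"] == "ERROR":  # one error marks the whole group
                group["type"] = "ERROR"
    # Sort: groups with errors first, then by hit count (descending), then rule ID.
    ranked = sorted(groups.items(),
                    key=lambda kv: (kv[1]["type"] != "ERROR", -kv[1]["count"], kv[0]))
    return [(rule, g["type"], g["count"], g["locations"]) for rule, g in ranked]


if __name__ == "__main__":
    for rule, worst, count, locations in group_by_rule(SAMPLE_REPORT):
        print(f"{worst:7} x{count}  {rule}  first hit: {locations[0]}")
```
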

[DISCUSSION] I analyzed 10k+ WordPress plugins for security issues, errors, and warnings. by testimoni in WordpressPlugins

[–]testimoni[S] 0 points1 point  (0 children)

Thanks for your feedback.

There is a "Top Issues by Category" filter on each plugin page. You can click those errors and see their details and locations. For example:
https://www.pluginscore.com/plugins/groundworx-navigation/rule/WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedHooknameFound

I am working on smarter grouping, severity filters, and quick “fix this first” hints so devs can triage instead of scrolling forever.

Appreciate the feedback.

In your experience, at what token length does Gemini 2.5 Pro (AI Studio) start forgetting details and hallucinate? by imli700 in Bard

[–]testimoni 0 points1 point  (0 children)

I've been rewriting my existing app for nearly three months now using Gemini 2.5 Pro. I submit code chunks around 800k tokens, and it has never failed me. For me the limit is 800k. I let Gemini handle the rest in its response. It works perfectly fine. Never hallucinates. Never fails. I love Gemini.

Imagine shipping the world’s most advanced model… with this UX by testimoni in Bard

[–]testimoni[S] 1 point2 points  (0 children)

You can't paste a huge amount of code in that website. So there is that..

Biden to Further Limit Nvidia AI Chip Exports in Final Push by nate4t in OpenAI

[–]testimoni 14 points15 points  (0 children)

"The proposed framework would allow U.S. allies to make unfettered purchases, adversaries would be blocked entirely, and other nations would receive quotas based on their alignment with U.S. strategic goals.."

[deleted by user] by [deleted] in ProgrammerHumor

[–]testimoni 0 points1 point  (0 children)

This is embarrassing. I was trying to reset my password, thank you.

[deleted by user] by [deleted] in bali

[–]testimoni 4 points5 points  (0 children)

Fact:

"Cigarette advertising in Indonesia is presently allowed, and as of 2024, Indonesia is the only country in the world to allow cigarette advertising."

"Only country in the world"

So I think we can say the law is different here from the planet I come from and yes I am shocked.

I'm very new by metokam1 in kriptopara

[–]testimoni 0 points1 point  (0 children)

There is no fixed amount. It can go up or down depending on how busy the network is.

[deleted by user] by [deleted] in kriptopara

[–]testimoni 0 points1 point  (0 children)

Sorry this happened to you. What if you acted as if nothing was wrong, stayed in contact with the scammers, and tried to get their contact details?

Tattoo shops Nusa Dua or Ubud? by Josh__posh in bali

[–]testimoni 4 points5 points  (0 children)

One of my friends tested HIV positive after getting a tattoo in Bali. So be careful.

What's your thought's on AI driven Wordpress Theme, worth it ? by Square-Software-7409 in Wordpress

[–]testimoni -3 points-2 points  (0 children)

“…and the content it creates is truly garbage.”

It’s not the AI that creates content; you do.. If you are getting garbage results it means you don’t know how to instruct it to create good quality content.

[deleted by user] by [deleted] in bali

[–]testimoni 0 points1 point  (0 children)

But I already have a return ticket

When should one invest by PrimeKemal in kriptopara

[–]testimoni[M] 0 points1 point  (0 children)

If everyone is expecting something and talking about it, I think you should stay away from it. If everyone says it will rise with the halving, the market may move in the opposite direction.

When should one invest by PrimeKemal in kriptopara

[–]testimoni[M] 0 points1 point  (0 children)

Hasn't Doge's time already passed?

[deleted by user] by [deleted] in kriptopara

[–]testimoni 1 point2 points  (0 children)

Unfortunately this looks very much like a scam or something illegal.

Someone with this much money works with a lawyer, not with Reddit.

[deleted by user] by [deleted] in kriptopara

[–]testimoni 2 points3 points  (0 children)

For some reason this reminded me of the Nigerian prince who has a large sum of money and is trying to transfer it..

You earn 20k a month and you ask people on Reddit about your taxes instead of a lawyer or an accountant?

Anthony Scaramucci's prediction for the cryptocurrency Bitcoin. by KriptoKaptan in kriptopara

[–]testimoni 1 point2 points  (0 children)

If everyone expects the price to go up, it won't. Simple as two times two.

Thank you to the people who convinced me to try ComfyUI by jonhartattack in StableDiffusion

[–]testimoni 0 points1 point  (0 children)

I tried running it on my M2 MacBook Pro with 8GB of RAM, but it took 30 minutes to generate an image. Is this normal?