Description
Scinorx Site Risk Snapshot helps WordPress administrators review practical plugin-maintenance risk signals from inside WordPress.
The plugin creates a local snapshot covering:
- Installed, active, and inactive plugins
- Plugin updates visible in the cached WordPress update data
- Writable plugin main files
- Missing plugin compatibility headers
- Administrator account count
- Whether the built-in theme and plugin file editor is disabled
- Must-use plugins and drop-ins for review awareness
- A copyable plain-text report for developers, hosts, or internal review
This plugin is intentionally diagnostic. It does not update plugins, delete plugins, modify files, change users, disable editors, or automatically apply hardening changes.
Scinorx Site Risk Snapshot is useful before a maintenance pass, after a website handoff, during a plugin cleanup review, or when a business owner wants a simple summary of site risk signals.
Privacy
The plugin does not send data to Scinorx Technologies or any third party.
It does not use telemetry, tracking, analytics, hidden remote API calls, or background reporting.
The snapshot is generated locally in WordPress admin from WordPress/plugin metadata and current site state. The report can be copied manually by an administrator if they choose to share it with a developer, host, or Scinorx.
External Services
This plugin does not contact external services.
WordPress itself may already maintain plugin update data through its normal update system. Scinorx Site Risk Snapshot reads the local cached update data when available; it does not trigger its own remote update check.
Installation
- Upload the plugin files to the
/wp-content/plugins/scinorx-site-risk-snapshotdirectory, or install the plugin through the WordPress Plugins screen. - Activate the plugin through the Plugins screen in WordPress.
- Open Site Risk in the WordPress admin menu.
- Review the snapshot, findings, installed plugin table, and copyable report.
FAQ
-
Does this plugin update or delete plugins?
-
No. It is a diagnostic snapshot only. It does not update, delete, deactivate, or modify plugins.
-
Does this plugin send my plugin list to Scinorx?
-
No. Nothing is sent automatically. The copyable report is shown in the admin area so an administrator can manually share it if they choose.
-
Does this plugin call an external API?
-
No. The plugin reads local WordPress/plugin metadata and cached update data already available to WordPress.
-
Why does the plugin mention inactive plugins?
-
Inactive plugins can still leave code on the server. This does not mean every inactive plugin is dangerous, but unused inactive plugins should be reviewed and removed when they are no longer needed.
-
Why does the plugin mention writable plugin files?
-
Some hosts require writable plugin files for normal updates. However, writable plugin files can increase damage if an attacker gains write access. The plugin lists this as a review signal, not a malware confirmation.
Reviews
There are no reviews for this plugin.
Contributors & Developers
“Scinorx Site Risk Snapshot” is open source software. The following people have contributed to this plugin.
ContributorsTranslate “Scinorx Site Risk Snapshot” into your language.
Interested in development?
Browse the code, check out the SVN repository, or subscribe to the development log by RSS.
Changelog
1.0.0
- Initial release.
