This plugin hasn’t been tested with the latest 3 major releases of WordPress. It may no longer be maintained or supported and may have compatibility issues when used with more recent versions of WordPress.

Code Analyzer

Description

Scans plugin files for matches to custom regex patterns. Useful for checking whether your plugins don’t do anything shady.

Default search patterns match the following:

  • Exploitable PHP and JS functions and HTML tags
  • Code (de)obfuscation
  • Remote requests (including pingbacks, trackbacks and mail sending)
  • Filesystem modification
  • Direct database queries
  • User creation
  • Inline and enqueued scripts
  • Unicode and ASCII character literals, integer literals
  • URL addresses
  • Strings containing “swf”
  • Google Analytics and AdSense IDs

Screenshots

  • Configuration page
  • Example code analysis: Akismet

Installation

  1. Install the plugin.
  2. Go to Settings > Code Analyzer to configure the plugin.
  3. To analyze a plugin, click the appropriate “Analyze code” link on the Plugins page.

Contributors & Developers

“Code Analyzer” is open source software. The following people have contributed to this plugin.

Contributors

Translate “Code Analyzer” into your language.

Interested in development?

Browse the code, check out the SVN repository, or subscribe to the development log by RSS.

Changelog

0.2

  • Results are now sorted alphabetically
  • New option “Results display mode”
  • New search pattern “User creation”