You can follow the recent results of the Plugin Security Scorecard through the tool's Bluesky account.

• reCaptcha by BestWebSoft     C+
• TS Poll     B
• Tooltip Menu     C+
• Custom CSS for Blocks     C
• Notice     C
• WebP Conversion     C
• Tiny Default Thumbnail     D+
• Display Kitchen Sink by Default in Visual Editor     C
• YouTube DJ     D+
• Simple Plugin for Google Analytics     D+
• Easy WP Admin Customizer     D+
• Online Pre-Travel Shopping     D
• smo.io     C
• Last.wp     D+
• Socially Social Bookmaring Widget     D
• Berri Technorati Reactions on Dashboard     D+
• Content Aware Sidebars     C+
• Radio Tools     C
• Detech Cache     C
• Easy Social Shares     D+
• Dusupay Woocommerce Gateway     C
• SKT Maintenance     B
• Color Widgets     D+
• AppiFire for Mobile Apps     D+
• Country Caching Extension     C
• AdQuire     C
• Page Load Ajax     B
• WPGetBlogFeeds     C
• Admin Custom Description     C
• Fancy Quote & Alert Box for Gutenberg     C
• Conditional Email Routing For Contact Form 7     B
• OpenPath for WooCommerce     C
• 404 The Book of Changes     C
• Phototools     C
• Adjusted Bounce Rate     C
• Share Adsense Earnings     F
• Tagbox     C+
• FCC Nabaztag     D+
• Page navigation by menu     C+
• Sheepy     B
• BNS Bio     C
• KeymanWeb     C
• Page Templates for Posts     D+
• Simple Front End Edit Buttons     C
• Bitcoin payment for WPForms     B
• Cheap Flights By Kiwi.com     D
• Relative Links Fix     C
• Press-this auto close     C
• WP-TagMyCode     C
• Solomon Daily Wisdom     B
• SMS Contact Form 7 Notifications by ClickSend     D+
• JK Twitter Feeds     C
• GoCardless WordPress plugin     C
• IsSiY (Include second Sitemap into Yoast) WordPress SEO Extension     C
• RubyTabs Lite     C
• Free Contact Us Form plugin ( build in accordance to the GDPR )     D+
• Multi Connect     B
• Twitter Comments     D+
• Storefront Visual Hook Guide     C
• Blocks Editor Interface Customizer     C+
• Remove Update Notification     C
• Easy Tags     C
• AP Gravatars     C
• Bring4You     C
• Feeds Plugin     C
• Turbo SMS     C
• Speed Up     C
• Convizit Analytics     D+
• Track Debug     C+
• Buggyman.io Integration     D+
• Kindle-2-Widget     D+
• Videoencrypt Watermark     D+
• Simple Analytics     C+
• Easy Font Icons     D+
• Stock Message     D+
• WP Enterprise Launch Deploy     C
• Recommendations     C
• Sup Post Widget     C
• wp_comment_mail_notify     D+
• Visitor force login page     C
• Order Departments for WooCommerce     B
• Prevent user name and email leakage     C
• Custom CSS and JavaScript     C
• Remove Extra Media     D+
• OrkestaPay Card     C+
• One Click Demo Importer By Phoeniixx     D+
• RK_IMPORT_EXPORT_WP_WC_PLUGIN     F
• PopUpBuilder.App     C
• Embed JavaScript File Content     C
• Orders Synchronization for Merit Aktiva     C
• Developer Code Editor     C
• Quote Status Copy & Share By Adittaw     C+
• wPadlock     C
• Smilee.io     C
• BuddyPress Admin Access Activity     D+
• Cubo CRM     C+
• NCS E-Giving Custom Payment Platform     D
• Before After     C
• Twitter for WordPress Extended 2     D+
• Linkable Title Html and Php Widget     C

Check Another Plugin

Choose WordPress plugin available in the Plugin Directory to check by searching on its name or slug:

Choose a category to see a comparison of all the WordPress plugins already graded from that category:

Choose ClassicPress plugin to check by searching on its name or slug:

Check Plugin Not in WordPress Plugin Directory

Subscribers of our service can submit ZIP files of plugins that are not in the WordPress Plugin Directory to have them checked. (Not all issues can be checked for with uploaded plugins, as they require data not available with just the plugin's files.) You can sign up for the service for free here. For existing subscribers, once you are logged in to your account, return to this page to access that functionality.

The results of these gradings will not be stored.

About the Scorecard

The Plugin Security Scorecard grades plugins' handling of security based on data coming from the Plugin Vulnerabilities service, checking over the contents of the plugin, the WordPress.org API, and data generated specifically for the tool. It provides a useful, but incomplete, understanding of the security posture of the plugin and its developer. All the issues identified are ones that the developer of the plugin has the ability to address to get the grade of the plugin up to an A+.

Grades are calculated based on issues with any of the following:

• Plugins known to be vulnerable
• Plugin developers with track records of improperly handling security problems
• Security issues in the plugin that can be detected in an automated fashion
• Issues with the developer's developerment processes that suggest that their could be problems with security
• Plugins making unsupported, misleading, and false claims about their handling of security and the handling of security with WordPress

We are working to expand and refine the tools' ability to provide a good measure of plugins' security status. If you are aware of an additional security concern with this plugin that isn't represented here, please contact us. Other feedback on the tool is also welcome.

If you want a comprehensive understanding of the security of the plugin, a well-done security review is really needed to provide that.