Skip to main content

Is wpfullpicture.com a Scam? Security Check Results - WP Full Picture Reviews

wpfullpicture.com favicon

Is wpfullpicture.com Safe? Security Analysis for WP Full Picture

https://wpfullpicture.com

Check if wpfullpicture.com is a scam or legitimate. Free security scan and reviews.

TechnologyN/asmall
WordPressPHPKadence ThemeKadence BlocksFull Picture Premium Plugin+6 more
Analyzed 7/30/2025Completed 11:00:23 PM
73
Security Score
MEDIUM RISK

AI Summary

WP Full Picture is a specialized WordPress and WooCommerce plugin provider focused on delivering advanced analytics, marketing integrations, and privacy compliance tools. The company offers a comprehensive solution that includes multiple tracking integrations, visitor scoring, consent management, and GDPR compliance features, positioning itself as a niche player in the WordPress ecosystem. The website demonstrates a high level of professionalism, with clear navigation, excellent content quality, and consistent branding. Technically, the site is built on WordPress using the Kadence theme and blocks, with integrations to major analytics and marketing platforms such as Google Analytics 4, Facebook Pixel, Matomo, and Microsoft Clarity. Hosting is provided by OVH sas with Cloudflare nameservers, ensuring good performance and security. Security posture is strong with HTTPS enforced, domain locking, and cookie consent mechanisms, although DNSSEC is not enabled and no explicit security policy or incident response contacts are published. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent banner. Overall, the site scores highly on content quality, technical implementation, and security, with minor recommendations for improvement.

Detected Technologies

WordPressPHPKadence ThemeKadence BlocksFull Picture Premium PluginGoogle Analytics 4Google Tag ManagerMatomoMicrosoft ClarityFacebook PixelGoogle Fonts Bunny CDN

🧠AI Business Intelligence

Technology stack, business insights, and market analysis powered by AI.

Business Intelligence

Market & Strategic Analysis

The business operates in the technology sector, specifically targeting WordPress and WooCommerce website owners who require advanced analytics and privacy compliance tools. Its business model is based on plugin sales with free and pro versions, supported by an affiliate program and a growing user base of over 2500 trusted websites. The company leverages partnerships and integrations with major analytics and marketing platforms to enhance its offering. Market positioning is niche but strong within the WordPress plugin ecosystem, with competitive advantages including visitor scoring and comprehensive consent management. Growth indicators include recent founding in 2023 and active content updates. The company maintains a professional online presence with clear legal documentation and user support channels.

Extracted Contact Information

Marketing Intelligence Data

Email Addresses (1)

k*****@proton.me

Security Posture Analysis

Comprehensive Security Assessment

WP Full Picture exhibits a mature security posture for a small technology business. The use of HTTPS, domain locking statuses (clientDeleteProhibited and clientTransferProhibited), and Cloudflare nameservers contribute to a secure environment. The website implements a GDPR-compliant cookie consent banner with script blocking until consent, enhancing user privacy and compliance. Server-side tracking and data protection mechanisms are in place, including records of consent with daily email backups. However, the absence of DNSSEC and a published security policy or incident response contact are gaps that could be addressed to improve transparency and incident readiness. No vulnerabilities or exposed sensitive data were detected in the website content. Overall, the security posture is strong but could benefit from formalized policies and DNS security enhancements.

Strategic Recommendations

Priority Actions for Security Improvement

1

Enable DNSSEC on the domain to enhance DNS security and prevent spoofing.

Observations

AI-powered comprehensive website and business analysis.

AI-Enhanced Website Analysis

Business Insights

Company:

WP Full Picture

Description:

WP Full Picture is a WordPress and WooCommerce plugin designed to help users set up advanced tracking and privacy solutions easily and quickly. It offers integrations with multiple analytics and marketing tools, visitor scoring, consent management, and GDPR compliance features.

Key Services:
Analytics integrationsMarketing tool integrationsConsent banner and privacy managementVisitor scoringWooCommerce trackingRecords of consentAnalytics dashboards
Content Quality:

excellent

Branding:

consistent

Technical Stack

Technologies:
WordPressPHPKadence ThemeKadence BlocksFull Picture Premium PluginGoogle Analytics 4Google Tag ManagerMatomoMicrosoft ClarityFacebook PixelGoogle Fonts Bunny CDN
Frameworks:
WordPress
Platforms:
WordPress
Performance:

fast

Mobile:

excellent

Accessibility:

good

SEO:

excellent

Security Assessment

Security Score:
90/100
Best Practices:
  • HTTPS enforced
  • Domain locked with clientDeleteProhibited and clientTransferProhibited
  • Cookie consent banner with opt-in/opt-out
  • Script and iframe blocking until consent
  • No exposed sensitive data in HTML
  • Use of server-side tracking for analytics

Analytics & Tracking

Services:
Google Analytics 4MatomoMicrosoft ClarityGoogle Tag Manager
Tracking Level:extensive
Privacy Compliance:good

Advertising & Marketing

Tracking Pixels:
Google Analytics 4Facebook PixelMicrosoft ClarityMatomo
Marketing Tools:
Google AdsMeta PixelX Ads (Twitter Ads)
Transparency Level:good

Website Quality Assessment

Design Quality:excellent
User Experience:excellent
Content Relevance:excellent
Navigation Clarity:excellent
Professionalism:excellent
Trustworthiness:high

Key Observations

1

Website is a professional WordPress plugin site focused on analytics and privacy compliance

🛡️Security Headers

HTTP security headers analysis and recommendations.

Security Headers

HTTP security headers analysis

50/100
Score

Weak Strict-Transport-Security configuration

LOW

Current value: "max-age=2628000; includeSubDomains"

Missing Content-Security-Policy header

HIGH

Controls resources the browser is allowed to load

Missing X-XSS-Protection header

MEDIUM

Legacy XSS protection (deprecated but still recommended)

Missing Referrer-Policy header

LOW

Controls referrer information sent with requests

Missing Permissions-Policy header

MEDIUM

Controls browser features and APIs

Sensitive data may be cached

LOW

Cache-Control header should include "no-store" for sensitive pages

👤GDPR Compliance

Privacy and data protection assessment under GDPR regulations.

GDPR Compliance

Privacy and data protection assessment

95/100
Score

No Data Protection Officer mentioned

LOW

Large organizations may need to designate a DPO under GDPR

GDPR Compliance Analysis

Privacy Policy85% confidence
Cookie Policy85% confidence
Contact Information Found90% confidence
emailphone

🛡️NIS2 Compliance

Network & Information Security Directive compliance assessment.

NIS2 Compliance

Network & Information Security Directive

25/100
Score

No information security framework found

HIGH

NIS2 requires documented cybersecurity and information security measures

No vulnerability disclosure policy

MEDIUM

NIS2 encourages coordinated vulnerability disclosure

No security policy documentation found

HIGH

NIS2 requires documented cybersecurity governance and risk management

No incident response procedures found

HIGH

NIS2 requires documented incident response and business continuity plans

No security contact information

HIGH

NIS2 requires clear incident reporting channels

No vulnerability reporting mechanism

MEDIUM

Clear vulnerability reporting supports coordinated disclosure

No NIS2 reference found

LOW

Consider explicitly mentioning NIS2 compliance efforts

📧Email Security

SPF, DKIM, and DMARC validation and email security assessment.

Email Security

SPF, DKIM, and DMARC validation

75/100
Score

DMARC not enforcing

MEDIUM

DMARC policy is set to "none"

No BIMI Record

LOW

BIMI displays brand logos in email clients

No MTA-STS Policy

MEDIUM

MTA-STS enforces TLS for email delivery

No TLS-RPT Record

LOW

TLS-RPT provides reporting for email TLS issues

SPF
Sender Policy Framework
DKIM
DomainKeys Identified Mail
DMARC
Domain-based Message Authentication
MX Records
Mail Exchange Records
BIMI
Brand Indicators
MTA-STS
Mail Transfer Agent Security
TLS-RPT
TLS Reporting
DNSSEC
DNS Security
SPF Details
Record:
v=spf1 include:_mail.dhosting.pl -all
DNS Lookups:1/10
Policy:-all
DKIM Selectors Found
Selector:mail(1296-bit rsa)
DMARC Details
Policy:none
Aggregate Reports:rua@dmarc.brevo.com

🏆SSL/TLS Security

Certificate validity and encryption analysis.

SSL/TLS Security

Certificate validity and encryption analysis

75/100
Score

SSL Certificate Expires Within 90 Days

MEDIUM

SSL certificate expires in 54 days

Weak SSL Key Length

HIGH

SSL certificate uses 256-bit key, which is considered weak

Partial SSL/TLS Assessment

LOW

Completed 2 of 4 security checks due to time constraints

Certificate Details

Subject:wpfullpicture.com
Issuer:WE1
Valid Until:9/23/2025 (54 days)
SANs:wpfullpicture.com, *.wpfullpicture.com

OCSP Status

OCSP Stapling Disabled

📊DNS Health

DNS configuration and security assessment.

DNS Health

DNS configuration and security assessment

80/100
Score

DNSSEC Not Enabled

MEDIUM

DNSSEC is not configured for this domain

CAA Records Not Configured

LOW

Certificate Authority Authorization (CAA) records not found

DMARC Policy Set to None

LOW

DMARC is configured but not enforcing any policy

DNS Records

A Records:104.21.7.3, 172.67.135.139
AAAA Records:2606:4700:3031::ac43:878b, 2606:4700:3030::6815:703
Name Servers:
pam.ns.cloudflare.comDNS only
woz.ns.cloudflare.comDNS only
MX Records:
10: mx-1.dpoczta.pl
10: mx-2.dpoczta.pl
SOA:Serial: 2376929511, TTL: 1800s

DNSSEC Status

DNSSEC Not Enabled

DNS Performance

Resolution Time:126ms

SPF Analysis

SPF Record:
v=spf1 include:_mail.dhosting.pl -all

Network Security

Port scanning and network exposure analysis.

Network Security

Port scanning and network exposure analysis

100/100
Score

Good Network Security Posture

LOW

No unnecessary services detected on common risky ports

🔧Technical Analysis

Detailed technical findings and analysis from AI assessment.

Technical Analysis

Comprehensive security assessment findings

Additional Findings

The website is built on a modern WordPress infrastructure using the Kadence theme and Kadence Blocks plugin, ensuring responsive and accessible design. It integrates multiple analytics and marketing technologies including Google Analytics 4, Facebook Pixel, Matomo, Microsoft Clarity, and Google Tag Manager. Hosting is provided by OVH sas with Cloudflare nameservers, contributing to fast loading times and reliable uptime. The site uses advanced cookie consent and script blocking mechanisms to comply with GDPR and CCPA. Performance is optimized with preloading of critical CSS and fonts, and asynchronous loading of tracking scripts. No deprecated or vulnerable libraries were detected. The technical implementation reflects a well-maintained and modern digital presence with opportunities to further enhance DNS security and formalize security policies.
Analyze Another Website